[BUG] New-PnPSite create a new SharePoint site by an managed identity gives error: Authorization_RequestDenied Message: Insufficient privileges to complete the operation. #3823
Comments
hajjkh
changed the title
|
can you double check the site is not created. I had something similar but the site got created, even though it said unauthorized. Ref: #3634 |
It looks like my problem is the parameter -TimeZone. When I try it without this paramter it is working fine. Does it work from your site with paramter -TimeZone ? |
|
likewise, check my comment of 8/01 in #3634 |
Hi, yes, it looks like I have the same issue. But I don't see any solution. |
|
Remove the timezone param from the new-pnpsite and use another pnp cmdlet to configure the timezone, I believe it’s under set-pnpweb?
|
But thats a workaround. Can you confirm that this is a bug and should work? |
|
I'm no developer of the PnP module. I'm only stating that I've faced the same issue and am using a workaround as they where unable to reproduce it.. |
I try to create a new modern group-based SharePoint site by an Azure function managed identity. The managed identity has "Sites.FullControl.All" permissions.
I got this error:
ERROR: Code: Authorization_RequestDenied
Message: Insufficient privileges to complete the operation.
When I try another command to create a non-based SharePoint site it is working fine:
New-PnPTenantSite -Url "https://myCompany.sharepoint.com/teams/abc" -Title "SomeTitle" -Template "STS#0" -Owner "someUser@someCompany.com" -TimeZone 4What is going wrong?
What is the version of the Cmdlet module you are running?
2.4.0
Which operating system/environment are you running PnP PowerShell on?
Azure Functions
UPDATE 1
I give the managed identity some more MS Graph permissions and now it is possible to create a group-based SharePoint site, but now I get the error below.
Error:
`2024-03-12T08:32:57Z [Error] ERROR: The remote server returned an error: (401) Unauthorized.
Exception :
Type : System.Management.Automation.PSInvalidOperationException
ErrorRecord :
Exception :
Type : System.Management.Automation.ParentContainsErrorRecordException
Message : The remote server returned an error: (401) Unauthorized.
HResult : -2146233087
CategoryInfo : InvalidOperation: (:) [], ParentContainsErrorRecordException
FullyQualifiedErrorId : InvalidOperation
TargetSite :
Name : ProcessRecord
DeclaringType : PnP.PowerShell.Commands.Base.PnPConnectedCmdlet
MemberType : Method
Module : PnP.PowerShell.dll
Message : The remote server returned an error: (401) Unauthorized.
Source : PnP.PowerShell
HResult : -2146233079
StackTrace :
at PnP.PowerShell.Commands.Base.PnPConnectedCmdlet.ProcessRecord() in c:\build\src\Commands\Base\PnPConnectedCmdlet.cs:line 101
at PnP.PowerShell.Commands.PnPSharePointCmdlet.ProcessRecord() in c:\build\src\Commands\Base\PnPSharePointCmdlet.cs:line 131
at System.Management.Automation.Cmdlet.DoProcessRecord()
at System.Management.Automation.CommandProcessor.ProcessRecord()
CategoryInfo : InvalidOperation: (:) [New-PnPSite], PSInvalidOperationException`
UPDATE 2
It looks like a random behaviour. Now I have the initial error again: Authorization_RequestDenied Message: Insufficient privileges to complete the operation.
The text was updated successfully, but these errors were encountered: