[BUG]? - Grant-PnPTenantServicePrincipalPermission timing out

Question

[BUG]? - Grant-PnPTenantServicePrincipalPermission timing out

brianpmccullough opened this issue 4 years ago · comments

Grant-PnPTenantServicePrincipalPermission is timing out consistently for me.

Reporting an Issue or Missing Feature

The cmdlet is timing out and not completing and indicates a timeout. I have resorted to the M365 CLI which is working for me:
m365 spo serviceprincipal grant add

Expected behavior

Service Principal added and available in https://[tenant]-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/webApiPermissionManagement

Actual behavior

`
Grant-PnPTenantServicePrincipalPermission : The operation has timed out
At line:1 char:1

Grant-PnPTenantServicePrincipalPermission -Scope "User.ReadBasic.All" ...

  + CategoryInfo          : WriteError: (:) [Grant-PnPTenant...cipalPermission], WebException
  + FullyQualifiedErrorId : EXCEPTION,PnP.PowerShell.Commands.Apps.GrantTenantServicePrincipalPermission

`

Steps to reproduce behavior

Please include complete code samples in-line or linked from gists

`
$tenant = "[yourtenant]"

$username = [Environment]::UserName
$searcher = [adsisearcher]"(samaccountname=$env:USERNAME)"
$email = $searcher.FindOne().Properties.mail
$email = $email.Replace("@myco.com", "@$tenant.onmicrosoft.com")

if ($cred -eq $null){
$cred = Get-Credential -UserName $email -Message "Please enter your credentials for SharePoint Online in the '$tenant' tennant."
}

$tenantAdminUrl = "https://$tenant-admin.sharepoint.com/"
Connect-PnPOnline $tenantAdminUrl -Credentials $cred
Get-PnPWeb

Grant-PnPTenantServicePrincipalPermission -Scope "User.ReadBasic.All" -Resource "Microsoft Graph"

`

Which version of the PnP-PowerShell Cmdlets are you using?

PnP PowerShell for SharePoint 2013
PnP PowerShell for SharePoint 2016
PnP PowerShell for SharePoint 2019
[X ] PnP PowerShell for SharePoint Online

What is the version of the Cmdlet module you are running?

(you can retrieve this by executing Get-Module -Name sharepointpnppowershell* -ListAvailable)
3.26.2010.0

How did you install the PnP-PowerShell Cmdlets?

MSI Installed downloaded from GitHub
Installed through the PowerShell Gallery with Install-Module
Other means

Mark Powney · Answer 1 · Fri Dec 18 2020 08:15:35 GMT+0800 (China Standard Time)

I've been able to reproduce this behaviour with v3.28.2012.0. the command seems to stall indefinitely.

I've enabled Set-PnPTraceLog to level Debug, it seems to stop after the first step

Repro commands:

Connect-PnPOnline https://tenant-admin.sharepoint.com/ -UseWebLogin
$Scope = "Group.Read.All"; $Resource = "Microsoft Graph"
Set-PnPTraceLog -On -WriteToConsole -Level Debug
Grant-PnPTenantServicePrincipalPermission -Scope $Scope -Resource $Resource

The tenant is relatively new - a demo tenant provisioned via the Customer Digital Experience portal

Mark Powney · Answer 2 · Fri Dec 18 2020 11:32:26 GMT+0800 (China Standard Time)

Running "Fiddler everywhere" with an open session, after executing Grant-PnPTenantServicePrincipalPermission command I'm observing a flood of repeated CSOM requests for the search query 'contentclass:STS_Site AND SiteTemplate:APPCATALOG' with a 'IndexDocId > x.xxxxxxxx' appended to the end of the search query.