powershell icon indicating copy to clipboard operation
powershell copied to clipboard
verified publisher icon pnp

[BUG]Request-PnPPersonalSite: Attempted to perform an unauthorized operation.

Open jknode opened this issue 1 year ago • 8 comments

Notice

Many bugs reported are actually related to the PnP Framework which is used behind the scenes. Consider carefully where to report an issue:

  1. Are you using Invoke-PnPSiteTemplate or Get-PnPSiteTemplate? The issue is most likely related to the Provisioning Engine. The Provisioning engine is not located in the PowerShell repo. Please report the issue here: https://github.com/pnp/pnpframework/issues.
  2. Is the issue related to the cmdlet itself, its parameters, the syntax, or do you suspect it is the code of the cmdlet that is causing the issue? Then please continue reporting the issue in this repo.
  3. If you think that the functionality might be related to the underlying libraries that the cmdlet is calling (We realize that might be difficult to determine), please first double check the code of the cmdlet, which can be found here: https://github.com/pnp/powershell/tree/master/src/Commands. If related to the cmdlet, continue reporting the issue here, otherwise report the issue at https://github.com/pnp/pnpframework/issues

Reporting an Issue or Missing Feature

Our business requires to enable Onedrive for every new account with automated script. Followed procedures described below site. https://pnp.github.io/powershell/cmdlets/Request-PnPPersonalSite.html

I got unauthorized operation error instead success.

I opened Microsoft request and they could reproduce same issue and guided to open request from github.

Expected behavior

Request-PnPPersonalSite should complete with successful.

Actual behavior

Request-PnPPersonalSite: Attempted to perform an unauthorized operation.

Steps to reproduce behavior

https://pnp.github.io/powershell/cmdlets/Request-PnPPersonalSite.html

Created new Sharepoint app via https://tenant-admin.sharepoint.com/_layouts/appregnew.aspx. Added permission via https://tenant-admin.sharepoint.com/_layouts/appinv.aspx Then clicked "Trust It" from browser.

Run Powershell import-module pnp.powershell

Connect-PnPOnline -Url https://[tenant]-admin.sharepoint.com -ClientId xxxxxxxxx-xxxx-xxxx-xxxx-f722d04ee698 -ClientSecret xxxxxxxxxxxxxxxxxxxxxxxxxxx88huvAJAD+9DE=

get-pnPSite

Url CompatibilityLevel

https://[tenant]-admin.sharepoint.com 15

Request-PnPPersonalSite -UserEmails "[email protected]" Request-PnPPersonalSite: Attempted to perform an unauthorized operation.

What is the version of the Cmdlet module you are running?

(you can retrieve this by executing Get-Module -Name "PnP.PowerShell" -ListAvailable) get-module

ModuleType Version PreRelease Name ExportedCommands

Manifest 2.12.13 nightly PnP.PowerShell {Add-PnPAlert, Add-PnPApp, Add-PnPApplicationCustomizer, Add-PnPAvailableSiteClassification…} Script 2.3.4 PSReadLine {Get-PSReadLineKeyHandler, Get-PSReadLineOption, Remove-PSReadLineKeyHandler, Set-PSReadLineKeyHandler…}

Which operating system/environment are you running PnP PowerShell on?

  • [ ] Windows
  • [ ] Linux
  • [x ] MacOS
  • [ ] Azure Cloud Shell
  • [ ] Azure Functions
  • [ ] Other : please specify

jknode avatar Sep 23 '24 03:09 jknode

I'm getting the same error. I registered app via Entra ID and also assigned permissions via appinv.aspx and connected with client secret according to documentation.

manufz avatar Oct 09 '24 11:10 manufz

I'm also seeing this error. I followed the docs and confirmed the permissions are configured as required.

MikeMontanez avatar Oct 14 '24 15:10 MikeMontanez

Hi all, We have the Same problem. Login in with certifcate Request-PnPPersonalSite -UserEmails "Email@domain" Request-PnPPersonalSite: Attempted to perform an unauthorized operation.

What to do?

Raymondvdhorst avatar Nov 01 '24 11:11 Raymondvdhorst

We choose to use PnP PowerShell to avoid autentication with an admin account through MS Online Sharepoint module because of MFA requierements. Following PnP documentation, using ACS via appinv.aspx, "Attempted to perform an unauthorized operation." was returned, but with New-PnPPersonalFolder command it worked if we enable custom app autentication on tenant (Set-SPOTenant -DisableCustomAppAuthentication:$false or with Set-PnPTenant).

But recently a new blocking point appears when we try to change tenant configuration: "Updating DisableCustomAppAuthentication is not allowed anymore for new tenants. This is part of Azure ACS feature retirement plan"... Current documentation seems to be no more compliant with Microsoft plans :(

Last solution could be to use Graph to preprovision ODFB drives: documentation explains that when requested, a drive is created if it doesn't exist and user has the right license. But it doesn't work either...

JMV35 avatar Dec 17 '24 10:12 JMV35

+1

worldsdream avatar Feb 19 '25 10:02 worldsdream

+1

caseykim6 avatar Feb 27 '25 18:02 caseykim6

May I kindly draw attention to this issue again?

Our workaround with "Connect-PnPOnline -UseWebLogin" also doesn't work anymore since "-UseWebLogin" was removed with the publication of PnP PowerShell 3.0.

Beside downgrading to version 2.x ... is anyone aware of another workaround or are there any plans to adjust "Request-PnPPersonalSite"?

gswdn avatar Nov 07 '25 07:11 gswdn

It has been 15 months since this bug was logged. I have confirmed that this works with SPO so can someone please bump this up to get worked on as SPO doesn't work very well in PS7 and all my provisioning is based on PS7 for a number of reasons and I'm sure others here are in the same boat

KevinPinel avatar Dec 08 '25 04:12 KevinPinel