0 votes

We are creating a scheduled task with powershell script to check for group licensing errors in Azure/Entra ID using Graph API but the connection throws an error.

`# Connect to Graph
$token = $Context.CloudServices.GetAzureAuthAccessToken("https://graph.microsoft.com")
# $token = $Context.CloudServices.GetAzureAuthAccessToken()
$token = $token | ConvertTo-SecureString -AsPlainText -Force
Connect-MgGraph -AccessToken $token

$users = Get-MgUser -All -Property AssignedLicenses, LicenseAssignmentStates, DisplayName | Select-Object DisplayName, AssignedLicenses -ExpandProperty LicenseAssignmentStates | Select-Object DisplayName, AssignedByGroup, State, Error, SkuId
#count the number of users found with errors
$count = 0
# Loop through each user and check the Error property for None value
foreach($user in $users) {
    if($user.Error -ne "None") {
        $count += 1
        Write-Host "User $($user.DisplayName) has a license error"
    }
}
if ($count -le 0) {
 write-host "No user found with license errors"
}`

grapherror1.png

by (140 points)

1 Answer

0 votes
by (298k points)

Hello,

The error occurs because the target object the script is executed on is not included into the associated scope of a Microsoft 365 tenant in Adaxes. For details on how to check that, see https://www.adaxes.com/help/LookupTenantForUser.

0

Thanks for this answer, we got it working!

0

Getting the same error for connectivity in the scheduled task for similar use case. What did you do to resolve the connectivity error ?

0

Hello Faraz,

As it was stated above the issue occurs because the target object is not included into the scope of your Microsoft 365 tenant in Adaxes. In your case, they are the objects included into the Activity Scope of the scheduled task. All the objects of the type the task is configured for from the scope must also be in the tenant scope.

Related questions

0 votes
1 answer

This message is displaying inside the Office 365 properties for every user on this account/domain. Multi-Factor Authentication is disabled on the tenant account and I am able ... domains that are working with O365 without issue on the same servers as well.

asked Oct 24, 2019 by jhutchinson (20 points)
0 votes
1 answer

we are establishing a sync with our legacy intranet database and appear to have hit a limit with the API for adaxes...is this a soft threshold that we can adjust ... ; Last access: 2/12/2014 11:09:59 AM; Client: AdmReferralCallback.QueryForConnection Direct

asked Feb 12, 2014 by kf4ape (490 points)
0 votes
1 answer

I am wondering what the expected behavior is, and what troubleshooting can be done, for this issue: We have a few tenants listed under Cloud Services > Office 365 We ... know, but they don't have access to force the license update themselves. Thanks, Jason

asked Jan 9, 2019 by Jasonmh (540 points)
0 votes
1 answer

We currently have a custom command implemented that sends a remove passcode command to a DEP managed iOS device. The script works fine when testing in the Adminstration console, ... { $Context.LogMessage("Failing to send Wipe command", "Warning") return } }

asked Feb 11 by alexalex (60 points)
0 votes
1 answer

Hi, I'm trying to add a column to a report to retrieve the last login data from AAD/Graph using the script posted here but i'm running into the ... [0].signInActivity.lastSignInDateTime # Assign a column value to $Context.Value $Context.Value = $lastLogonDate

asked Feb 22, 2022 by richarddewis (260 points)
3,628 questions
3,315 answers
8,392 comments
548,726 users