Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AADUser: When trying to remove group membership this error appear: [BadRequest] : Invalid filter clause: There is an unterminated string literal #5417

Open
snunezMSFT opened this issue Nov 18, 2024 · 0 comments
Open

AADUser: When trying to remove group membership this error appear: [BadRequest] : Invalid filter clause: There is an unterminated string literal #5417

snunezMSFT opened this issue Nov 18, 2024 · 0 comments

Comments

@snunezMSFT
Copy link

Description of the issue

When the user in the environment has more group memberships than the ones defined on the configuration file and the configuration file has at least one group membership, this error appear for each group that DSC is trying to remove membership.

[BadRequest] : Invalid filter clause: There is an unterminated string literal at position 27 in 'DisplayName eq 'TEST1-Group'.
+ CategoryInfo : InvalidOperation: ({ ConsistencyLe... , Headers = }:) [], CimException
+ FullyQualifiedErrorId : BadRequest,Microsoft.Graph.PowerShell.Cmdlets.GetMgGroup_List
+ PSComputerName : localhost

Cannot bind argument to parameter 'GroupId' because it is an empty string.
+ CategoryInfo : InvalidData: (:) [], CimException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAllowed,Remove-MgGroupMemberDirectoryObjectByRef
+ PSComputerName : localhost

Microsoft 365 DSC Version

1.24.1106.3

Which workloads are affected

Azure Active Directory (Entra ID)

The DSC configuration

Node localhost
    {
        AADUser "AADUser-Sample User"
        {
            ApplicationId        = $ConfigurationData.NonNodeData.ApplicationId;
            ApplicationSecret    = New-Object System.Management.Automation.PSCredential ('ApplicationSecret', (ConvertTo-SecureString $ConfigurationData.NonNodeData.ApplicationSecret -AsPlainText -Force));
            DisplayName          = "Sample User";
            Ensure               = "Present";
            LicenseAssignment    = @();
            MemberOf             = @("Test-Demo-Users");
            Password             = New-Object System.Management.Automation.PSCredential('Password', (ConvertTo-SecureString ((New-Guid).ToString()) -AsPlainText -Force));;
            PasswordNeverExpires = $False;
            Roles                = @();
            TenantId             = $OrganizationName;
            UserPrincipalName    = "[email protected]";
            UserType             = "Member";
        }
    }
}

Verbose logs showing the problem

VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = SendConfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' =
root/Microsoft/Windows/DesiredStateConfiguration'.
VERBOSE: An LCM method call arrived from computer alfasierra02 with user sid S-1-5-21-1877439935-2638897408-3034618804-500.
VERBOSE: [alfasierra02]: LCM:  [ Start  Set      ]
VERBOSE: [alfasierra02]: LCM:  [ Start  Resource ]  [[AADUser]AADUser-Sample User]
VERBOSE: [alfasierra02]: LCM:  [ Start  Test     ]  [[AADUser]AADUser-Sample User]
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Testing configuration of Azure AD User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Getting configuration of Office 365 User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Getting Office 365 User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Found User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Current Values: AccessTokens=$null
ApplicationId=***
ApplicationSecret=***
CertificateThumbprint=***
City=$null
Country=$null
Credential=$null
Department=$null
DisplayName=Sample User
Ensure=Present
Fax=$null
FirstName=$null
LastName=$null
LicenseAssignment=()
MemberOf=(Test-Demo-Users,TEST1-Group,TEST2-Gröup,TEST3-Group with blank spaces)
MobilePhone=$null
Office=$null
Password=***
PasswordNeverExpires=False
PasswordPolicies=$null
PhoneNumber=$null
PostalCode=$null
PreferredLanguage=$null
Roles=()
State=$null
StreetAddress=$null
TenantId=***
Title=$null
UsageLocation=$null
UserPrincipalName=sample@M365x79890256.onmicrosoft.com
UserType=Member
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Target Values: ApplicationId=***
ApplicationSecret=***
DisplayName=Sample User
Ensure=Present
LicenseAssignment=()
MemberOf=(Test-Demo-Users)
Password=***
PasswordNeverExpires=False
Roles=()
TenantId=***
UserPrincipalName=sample@M365x79890256.onmicrosoft.com
UserType=Member
Verbose=True
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Test-TargetResource returned False
VERBOSE: [alfasierra02]: LCM:  [ End    Test     ]  [[AADUser]AADUser-Sample User]  in 0.6560 seconds.
VERBOSE: [alfasierra02]: LCM:  [ Start  Set      ]  [[AADUser]AADUser-Sample User]
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Setting configuration of Office 365 User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Getting configuration of Office 365 User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Getting Office 365 User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Found User sample@M365x79890256.onmicrosoft.com
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] Updating Office 365 User sample@M365x79890256.onmicrosoft.com Information
VERBOSE: [alfasierra02]:                            [[AADUser]AADUser-Sample User] PasswordProfile property will not be updated
[BadRequest] : Invalid filter clause: There is an unterminated string literal at position 27 in 'DisplayName eq 'TEST1-Group'.
    + CategoryInfo          : InvalidOperation: ({ ConsistencyLe... , Headers =  }:) [], CimException
    + FullyQualifiedErrorId : BadRequest,Microsoft.Graph.PowerShell.Cmdlets.GetMgGroup_List
    + PSComputerName        : localhost

Cannot bind argument to parameter 'GroupId' because it is an empty string.
    + CategoryInfo          : InvalidData: (:) [], CimException
    + FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAllowed,Remove-MgGroupMemberDirectoryObjectByRef
    + PSComputerName        : localhost

[BadRequest] : Invalid filter clause: There is an unterminated string literal at position 27 in 'DisplayName eq 'TEST2-Gröup'.
    + CategoryInfo          : InvalidOperation: ({ ConsistencyLe... , Headers =  }:) [], CimException
    + FullyQualifiedErrorId : BadRequest,Microsoft.Graph.PowerShell.Cmdlets.GetMgGroup_List
    + PSComputerName        : localhost

Cannot bind argument to parameter 'GroupId' because it is an empty string.
    + CategoryInfo          : InvalidData: (:) [], CimException
    + FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAllowed,Remove-MgGroupMemberDirectoryObjectByRef
    + PSComputerName        : localhost

[BadRequest] : Invalid filter clause: There is an unterminated string literal at position 45 in 'DisplayName eq 'TEST3-Group with blank spaces'.
    + CategoryInfo          : InvalidOperation: ({ ConsistencyLe... , Headers =  }:) [], CimException
    + FullyQualifiedErrorId : BadRequest,Microsoft.Graph.PowerShell.Cmdlets.GetMgGroup_List
    + PSComputerName        : localhost

Cannot bind argument to parameter 'GroupId' because it is an empty string.
    + CategoryInfo          : InvalidData: (:) [], CimException
    + FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAllowed,Remove-MgGroupMemberDirectoryObjectByRef
    + PSComputerName        : localhost

VERBOSE: [alfasierra02]: LCM:  [ End    Set      ]  [[AADUser]AADUser-Sample User]  in 6.3590 seconds.
The PowerShell DSC resource '[AADUser]AADUser-Sample User' with SourceInfo 'C:\Repo\Microsoft365DSCPipelines\baseline\04.Identities\M365TenantConfig.ps1::17::9::AADUser' threw one or more
non-terminating errors while running the Set-TargetResource functionality. These errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for
more details.
    + CategoryInfo          : InvalidOperation: (:) [], CimException
    + FullyQualifiedErrorId : NonTerminatingErrorFromProvider
    + PSComputerName        : localhost

VERBOSE: [alfasierra02]: LCM:  [ End    Set      ]
The SendConfigurationApply function did not succeed.
    + CategoryInfo          : NotSpecified: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : MI RESULT 1
    + PSComputerName        : localhost

VERBOSE: Operation 'Invoke CimMethod' complete.
VERBOSE: Time taken for configuration job to complete is 7.137 seconds

Environment Information + PowerShell Version

OsName               : Microsoft Windows 11 Enterprise
OsOperatingSystemSKU : EnterpriseEdition
OsArchitecture       : 64-bit
WindowsVersion       : 2009
WindowsBuildLabEx    : 22621.1.amd64fre.ni_release.220506-1250
OsLanguage           : en-US
OsMuiLanguages       : {en-US}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@snunezMSFT