Unable to provide access to Key Vault for Managed instance using powershell - azure-keyvault

I have a requirement to grant and remove access to TDE keys in Key Vault for Managed Instances using PowerShell.
As per the documentation below, Microsoft suggests using the following code to get the object ID of the Managed Instance and use it to set the policy in the key vault:
https://learn.microsoft.com/en-us/powershell/module/az.sql/add-azsqlinstancekeyvaultkey?view=azps-4.4.0
$managedInstance = Get-AzSqlInstance -Name 'ContosoManagedInstanceName' -ResourceGroupName 'ContosoResourceGroup'
Set-AzKeyVaultAccessPolicy -VaultName ContosoVault -ObjectId $managedInstance.Identity.PrincipalId -PermissionsToKeys get, wrapKey, unwrapKey
But the above command doesn't work for me because the Identity property, which I have marked in red, is empty.
I checked all the MIs in our inventory and they are all empty, but I can assign permissions to the keys in the vault easily using the Azure portal, which also shows the GUID (object ID) of the Managed Instance while selecting the principal. Does anyone know why the Identity property is empty for Get-AzSqlInstance? Is there any other way I can accomplish this using PowerShell?

You can assign an identity to your MI with the cmdlet Set-AzSqlInstance (see the -AssignIdentity parameter: https://learn.microsoft.com/en-us/powershell/module/az.sql/set-azsqlinstance?view=azps-5.1.0).
BR.
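
One way to script both the grant and the removal once the identity question is handled, as the answer above suggests. This is an added example, not code from the posts or from Microsoft's documentation: the function names Grant-MiTdeKeyAccess and Revoke-MiTdeKeyAccess are hypothetical, and it assumes the vault uses access policies and the session is already signed in with Connect-AzAccount.

```powershell
# Added example; function names are hypothetical, cmdlets are from Az.Sql and Az.KeyVault.
function Grant-MiTdeKeyAccess {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $InstanceName,
        [Parameter(Mandatory)] [string] $ResourceGroupName,
        [Parameter(Mandatory)] [string] $VaultName
    )
    $mi = Get-AzSqlInstance -Name $InstanceName -ResourceGroupName $ResourceGroupName -ErrorAction Stop

    # Identity stays empty until a managed identity has been assigned to the instance.
    if (-not $mi.Identity -or -not $mi.Identity.PrincipalId) {
        $mi = Set-AzSqlInstance -Name $InstanceName -ResourceGroupName $ResourceGroupName `
            -AssignIdentity -Force -ErrorAction Stop
    }
    if (-not $mi.Identity -or -not $mi.Identity.PrincipalId) {
        throw "No PrincipalId on '$InstanceName' after -AssignIdentity; vault policy left unchanged."
    }

    # Grant only the three key permissions used in the question, nothing broader.
    Set-AzKeyVaultAccessPolicy -VaultName $VaultName -ObjectId $mi.Identity.PrincipalId `
        -PermissionsToKeys get, wrapKey, unwrapKey -ErrorAction Stop
    return $mi.Identity.PrincipalId
}

function Revoke-MiTdeKeyAccess {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $InstanceName,
        [Parameter(Mandatory)] [string] $ResourceGroupName,
        [Parameter(Mandatory)] [string] $VaultName
    )
    $mi = Get-AzSqlInstance -Name $InstanceName -ResourceGroupName $ResourceGroupName -ErrorAction Stop
    if (-not $mi.Identity -or -not $mi.Identity.PrincipalId) {
        Write-Warning "'$InstanceName' has no identity, so there is no policy entry to remove."
        return
    }
    # Removes every permission this principal holds on the vault.
    Remove-AzKeyVaultAccessPolicy -VaultName $VaultName -ObjectId $mi.Identity.PrincipalId -ErrorAction Stop
}

# Usage with the names from the question:
# Grant-MiTdeKeyAccess -InstanceName 'ContosoManagedInstanceName' -ResourceGroupName 'ContosoResourceGroup' -VaultName 'ContosoVault'
```

Revoking the policy while a key in that vault is still the instance's TDE protector leaves its databases inaccessible, so switch the protector before calling the revoke function.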

Related

Can't retrieve outlook add-in custom properties from graph API

I need to save a custom property from my Outlook add-in and retrieve this value from the Graph API.
I followed MS documentation, this link and this one.
I store the custom property with the office.js methods loadCustomPropertiesAsync and customProps.saveAsync.
I have checked that the value is correctly stored in the custom properties (I can read it from the add-in when I come back to the event).
When I try to check the value from the Graph API, the event is returned without custom props.
Here is the request I use:
{{endpoint}}/Users/bc2d0290-xxx-4041d2d39b66/Events/AAMkADI1YTJjZTI1LWM4YjUtNxxxTvAAA=?$expand=singleValueExtendedProperties($filter=id eq 'String {00020329-0000-0000-C000-000000000046} Name cecp-myAddInManifestId')
What am I doing wrong?
I found my mistake.
I use custom properties to enrich appointments with a conference room.
I tried to retrieve the custom props on my server from the room eventId instead of the organizer eventId.

Fields return null in Graph API Query

Querying the graph API returns null for many fields which should not be null, for example jobTitle, userType, createdDateTime, and isAccountEnabled. Why are these fields showing up as null? Is there something that needs to be enabled from the global Azure AD?
How can I get these fields to return with their proper values rather than null?
You need the permission "Directory.Read.All" at least.
So that you can read user data in your organization's directory. Otherwise, you will get "null" value.
Microsoft Graph permissions reference - Directory permissions

Bug: createdDateTime is null in /beta/users

When calling the Microsoft Graph API to get a specific user, the createdDateTime field is returned without any data.
https://graph.microsoft.com/beta/users/user#domain.com
However, when searching for the user, the field is returned correctly.
https://graph.microsoft.com/beta/users?$filter=startsWith(userPrincipalName, 'user#domain.com')
The bug can be reproduced using the Graph Explorer website: https://developer.microsoft.com/en-us/graph/graph-explorer
I'm not sure where to report this, so I posted it here.
I think I might have found the answer.
When I do a GET operation using the Azure AD 'id' the createdDateTime is populated. When I retrieve the same user using the userPrincipalName, the createdDateTime value is returned as null. I suppose the issue is that the value is retrievable by the back-end query when the Azure AD 'id' property is used while the userPrincipalName (which is a mutable/changeable property) is not. Bizarre but at least there seems to be an answer. Hope this helps.

Microsoft Graph fails when updating orderHint for a Planner bucket

I'm trying to update a Planner bucket's order. To do that, I set the orderHint value of that bucket to be <prevBucketOrderHint> <nextBucketOrderHint>!. This is the only change I make to the bucket object, however, when I try to save the changes, I get the following error:
Validation for field 'PlanId', on entity 'Bucket' has failed: This field is read only and cannot be changed
However, I'm not accessing nor modifying value of PlanId and therefore I don't understand why I get this error.
Below you can find the code I use to achieve my task (note that this is a C# code using the SDK and variable gc is a valid instance of Microsoft.Graph.GraphServiceClient):
theBucket.OrderHint = string.Format("{0} {1}!", previousBucket.OrderHint, nextBucket.OrderHint);
var etag = theBucket.GetEtag();
var result = gc.Planner.Buckets[bucketId].Request().Header("If-Match", etag).UpdateAsync(theBucket).Result;
Do you see any mistake in my approach or, alternatively, do you have any suggestions on how to change the order of buckets in a Planner plan?
Thanks
I'm guessing that you got theBucket object as the result of another call. The API endpoint expects a patch object that only contains the properties you want to update. You are sending the existing object as the patch object. The existing object theBucket has the planId set which is read-only at the service.
Fix it by creating a new PlannerBucket and only set the OrderHint property on it. Use the new PlannerBucket in the UpdateAsync method.

Get list item version history in SharePoint 2016 provider hosted app

I have a provider hosted app and I want to retrieve the list item version history with all the columns of an item in my provider hosted app using CSOM.
I tried using a CAML query but I am not able to achieve the required functionality.
Any pointer will be helpful.
When loading the file, use a lambda expression to explicitly request all required attributes.
Microsoft.SharePoint.Client.File file = context.Web.GetFileByUrl("URL_of_FILE"); //Can be referenced however you want
context.Load(file, x=>x.ListItemAllFields, x=>x.Versions);
//Execute query to reference attributes
context.ExecuteQuery();
To reference specific column values:
string columnVal= file.ListItemAllFields["col_val_id"].ToString();
