Forum Discussion
Belaflek
Mar 04, 2019Copper Contributor
Enable-PriviledgedRoleAssignment : Cannot bind parameter, Cannot convert the value to type
Trying to make a role elevation script
Connect-PimService
$roles = Get-PrivilegedRoleAssignment | Where {$_.IsElevated -ne "True"}
$menu = @{}
for ($i=1;$i -le $roles.count; $i++)
{
Write-Host "$i. $($roles.RoleName[$i-1])"
$menu.Add($i, ($roles.RoleName[$i - 1])) }
[int]$ans = Read-host 'enter-Selection'
$reason = Read-Host 'What is the reason for elevation'
$selection = $menu.Item($ans)
Enable-PrivilegedRoleAssignment -duration 2 -RoleAssignment $selection -Reason $reason
Disconnect-PimService
I keep getting
Enable-PrivilegedRoleAssignment : Cannot bind parameter 'RoleAssignment'. Cannot convert the "Exchange Administrator" value of type "System.String" to type
"Microsoft.Azure.ActiveDirectory.PIM.API.ODataClient.Microsoft.Azure.PrivilegedIdentities.PrivilegedRoleAssignment".
At C:\Users\davietp\Documents\scripts\PIMTest.ps1:12 char:61
+ ... ivilegedRoleAssignment -duration 2 -RoleAssignment $selection -Reason ...
+ ~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Enable-PrivilegedRoleAssignment], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Azure.ActiveDirectory.PIM.PSModule.Cmdlets.EnablePrivilegedRoleAssignment
"Microsoft.Azure.ActiveDirectory.PIM.API.ODataClient.Microsoft.Azure.PrivilegedIdentities.PrivilegedRoleAssignment".
At C:\Users\davietp\Documents\scripts\PIMTest.ps1:12 char:61
+ ... ivilegedRoleAssignment -duration 2 -RoleAssignment $selection -Reason ...
+ ~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Enable-PrivilegedRoleAssignment], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Azure.ActiveDirectory.PIM.PSModule.Cmdlets.EnablePrivilegedRoleAssignment
- BelaflekCopper Contributor
I figured it out
Connect-PimService
$roles = Get-PrivilegedRoleAssignment | Where {$_.IsElevated -ne "True"}
$menu = @{}
for ($i=1;$i -le $roles.count; $i++)
{
Write-Host "$i. $($roles.RoleName[$i-1])"
$menu.Add($i, ($roles.RoleName[$i - 1])) }
[int]$ans = Read-host 'enter-Selection'
$reason = Read-Host 'What is the reason for elevation'
$selection = $menu.Item($ans)
$assignment = Get-PrivilegedRoleAssignment | Where {$_.RoleName -eq $selection}
Enable-PrivilegedRoleAssignment -duration 2 -RoleAssignment $assignment -Reason $reason
Disconnect-PimService