Add ServiceAccount member to all teams via Powershell

%3CLINGO-SUB%20id%3D%22lingo-sub-1535260%22%20slang%3D%22en-US%22%3EAdd%20ServiceAccount%20member%20to%20all%20teams%20via%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1535260%22%20slang%3D%22en-US%22%3E%3CP%3EI%20created%20a%20small%20powershell%20script%20to%20add%20my%20ServiceAccount%20user%20to%20all%20teams%20via%20%22%3CSTRONG%3EAdd-TeamUser%3C%2FSTRONG%3E%22.%20Unfortunately%20I%20get%20this%20error%20message%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-powershell%22%3E%3CCODE%3EAdd-TeamUser%20%3A%20Error%20occurred%20while%20executing%20Add-TeamUser%0ACode%3A%20Authorization_RequestDenied%0AMessage%3A%20Insufficient%20privileges%20to%20complete%20the%20operation.%0AInnerError%3A%0A%20%20RequestId%3A%2025ee1e0c-70cc-44bd-bfe9-b08d5bf05c36%0A%20%20DateTimeStamp%3A%202020-07-21T10%3A19%3A32%0AHttpStatusCode%3A%20Authorization_RequestDenied%0AAt%20C%3A%5CUsers%5CXYZ%5CDocuments%5CPSScripts%5COthers%5CAddTeamsMember.ps1%3A5%20char%3A5%0A%2B%20%20%20%20%20Add-TeamUser%20-User%20ServiceAccount%40evgiii.onmicrosoft.com%20-GroupId%20...%0A%2B%20%20%20%20%20~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%0A%20%20%20%20%2B%20CategoryInfo%20%20%20%20%20%20%20%20%20%20%3A%20NotSpecified%3A%20(%3A)%20%5BAdd-TeamUser%5D%2C%20ApiException%0A%20%20%20%20%2B%20FullyQualifiedErrorId%20%3A%20Microsoft.TeamsCmdlets.PowerShell.Custom.ErrorHandling.ApiException%2CMicrosoft.TeamsCmdlets.PowerShell.Custom.AddTeamUser%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20script%20looks%20like%20this%3A%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-powershell%22%3E%3CCODE%3EConnect-MicrosoftTeams%0A%24groups%20%3D%20Get-Team%20%7CSelect%20GroupId%2C%20DisplayName%0A%0Aforeach(%24group%20in%20%24groups)%7B%0A%20%20%20%20Add-TeamUser%20-User%20ServiceAccount%40evgiii.onmicrosoft.com%20-GroupId%20%24group.GroupId%20-Role%20Owner%0A%7D%3C%2FCODE%3E%3C%2FPRE%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1535260%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eadd-teamuser%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Epowershell%20script%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1537873%22%20slang%3D%22en-US%22%3ERe%3A%20Add%20ServiceAccount%20member%20to%20all%20teams%20via%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1537873%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F642475%22%20target%3D%22_blank%22%3E%40Thomsch%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eas%20per%20the%20error%20message%20%22%3C%2FP%3E%0A%3CPRE%20class%3D%22lia-code-sample%20language-powershell%22%3E%3CCODE%3EInsufficient%20privileges%20to%20complete%20the%20operation%3C%2FCODE%3E%3C%2FPRE%3E%0A%3CP%3Euser%20should%20have%20admin%20access%20to%20add%20owner%20or%20member%20to%20Team.%20Above%20command%20is%20working%20fine.%20Please%20check%20is%20it%20now%20working%20for%20some%20teams%20or%20all%20teams%20you%20are%20facing%20the%20same%20issue.%20You%20can%20check%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fgroup-post-owners%3Fview%3Dgraph-rest-1.0%26amp%3Btabs%3Dhttp%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EGraphApi%3C%2FA%3E%20also%20to%20do%20the%20above%20job.%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_0%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_1%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_2%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_3%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_4%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1537910%22%20slang%3D%22en-US%22%3ERe%3A%20Add%20ServiceAccount%20member%20to%20all%20teams%20via%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1537910%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F635527%22%20target%3D%22_blank%22%3E%40teams1535%3C%2FA%3E%26nbsp%3BI%20used%20the%20global%20admin%20account%20for%20this%20operation.%20So%20this%20user%20should%20be%20sufficient%20rights.%20It%20worked%20on%20all%20teams%20that%20I've%20checked.%3CBR%20%2F%3ENo%20idea%20why%20this%20error%20message%20popped%20up.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Frequent Contributor

I created a small powershell script to add my ServiceAccount user to all teams via "Add-TeamUser". Unfortunately I get this error message

Add-TeamUser : Error occurred while executing Add-TeamUser
Code: Authorization_RequestDenied
Message: Insufficient privileges to complete the operation.
InnerError:
  RequestId: 25ee1e0c-70cc-44bd-bfe9-b08d5bf05c36
  DateTimeStamp: 2020-07-21T10:19:32
HttpStatusCode: Authorization_RequestDenied
At C:\Users\XYZ\Documents\PSScripts\Others\AddTeamsMember.ps1:5 char:5
+     Add-TeamUser -User ServiceAccount@evgiii.onmicrosoft.com -GroupId ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Add-TeamUser], ApiException
    + FullyQualifiedErrorId : Microsoft.TeamsCmdlets.PowerShell.Custom.ErrorHandling.ApiException,Microsoft.TeamsCmdlets.PowerShell.Custom.AddTeamUser

 

My script looks like this:

Connect-MicrosoftTeams
$groups = Get-Team |Select GroupId, DisplayName

foreach($group in $groups){
    Add-TeamUser -User ServiceAccount@evgiii.onmicrosoft.com -GroupId $group.GroupId -Role Owner
}
3 Replies

@Thomsch 

as per the error message "

Insufficient privileges to complete the operation

user should have admin access to add owner or member to Team. Above command is working fine. Please check is it now working for some teams or all teams you are facing the same issue. You can check GraphApi also to do the above job. 

 
 
 
 
 

 

@teams1535 I used the global admin account for this operation. So this user should be sufficient rights. It worked on all teams that I've checked.
No idea why this error message popped up.

@Thomsch Hi, Was this sorted out for you ? am having the same issue now. earlier this command has worked for me with the same group, and am having sufficient privilege as well