cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Add ServiceAccount member to all teams via Powershell

%3CLINGO-SUB%20id%3D%22lingo-sub-1535260%22%20slang%3D%22en-US%22%3EAdd%20ServiceAccount%20member%20to%20all%20teams%20via%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1535260%22%20slang%3D%22en-US%22%3E%3CP%3EI%20created%20a%20small%20powershell%20script%20to%20add%20my%20ServiceAccount%20user%20to%20all%20teams%20via%20%22%3CSTRONG%3EAdd-TeamUser%3C%2FSTRONG%3E%22.%20Unfortunately%20I%20get%20this%20error%20message%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-powershell%22%3E%3CCODE%3EAdd-TeamUser%20%3A%20Error%20occurred%20while%20executing%20Add-TeamUser%0ACode%3A%20Authorization_RequestDenied%0AMessage%3A%20Insufficient%20privileges%20to%20complete%20the%20operation.%0AInnerError%3A%0A%20%20RequestId%3A%2025ee1e0c-70cc-44bd-bfe9-b08d5bf05c36%0A%20%20DateTimeStamp%3A%202020-07-21T10%3A19%3A32%0AHttpStatusCode%3A%20Authorization_RequestDenied%0AAt%20C%3A%5CUsers%5CXYZ%5CDocuments%5CPSScripts%5COthers%5CAddTeamsMember.ps1%3A5%20char%3A5%0A%2B%20%20%20%20%20Add-TeamUser%20-User%20ServiceAccount%40evgiii.onmicrosoft.com%20-GroupId%20...%0A%2B%20%20%20%20%20~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%0A%20%20%20%20%2B%20CategoryInfo%20%20%20%20%20%20%20%20%20%20%3A%20NotSpecified%3A%20(%3A)%20%5BAdd-TeamUser%5D%2C%20ApiException%0A%20%20%20%20%2B%20FullyQualifiedErrorId%20%3A%20Microsoft.TeamsCmdlets.PowerShell.Custom.ErrorHandling.ApiException%2CMicrosoft.TeamsCmdlets.PowerShell.Custom.AddTeamUser%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20script%20looks%20like%20this%3A%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-powershell%22%3E%3CCODE%3EConnect-MicrosoftTeams%0A%24groups%20%3D%20Get-Team%20%7CSelect%20GroupId%2C%20DisplayName%0A%0Aforeach(%24group%20in%20%24groups)%7B%0A%20%20%20%20Add-TeamUser%20-User%20ServiceAccount%40evgiii.onmicrosoft.com%20-GroupId%20%24group.GroupId%20-Role%20Owner%0A%7D%3C%2FCODE%3E%3C%2FPRE%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1535260%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eadd-teamuser%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Epowershell%20script%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1537873%22%20slang%3D%22en-US%22%3ERe%3A%20Add%20ServiceAccount%20member%20to%20all%20teams%20via%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1537873%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F642475%22%20target%3D%22_blank%22%3E%40Thomsch%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eas%20per%20the%20error%20message%20%22%3C%2FP%3E%0A%3CPRE%20class%3D%22lia-code-sample%20language-powershell%22%3E%3CCODE%3EInsufficient%20privileges%20to%20complete%20the%20operation%3C%2FCODE%3E%3C%2FPRE%3E%0A%3CP%3Euser%20should%20have%20admin%20access%20to%20add%20owner%20or%20member%20to%20Team.%20Above%20command%20is%20working%20fine.%20Please%20check%20is%20it%20now%20working%20for%20some%20teams%20or%20all%20teams%20you%20are%20facing%20the%20same%20issue.%20You%20can%20check%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fgroup-post-owners%3Fview%3Dgraph-rest-1.0%26amp%3Btabs%3Dhttp%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EGraphApi%3C%2FA%3E%20also%20to%20do%20the%20above%20job.%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_0%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_1%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_2%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_3%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20id%3D%22tinyMceEditorteams1535_4%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1537910%22%20slang%3D%22en-US%22%3ERe%3A%20Add%20ServiceAccount%20member%20to%20all%20teams%20via%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1537910%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F635527%22%20target%3D%22_blank%22%3E%40teams1535%3C%2FA%3E%26nbsp%3BI%20used%20the%20global%20admin%20account%20for%20this%20operation.%20So%20this%20user%20should%20be%20sufficient%20rights.%20It%20worked%20on%20all%20teams%20that%20I've%20checked.%3CBR%20%2F%3ENo%20idea%20why%20this%20error%20message%20popped%20up.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Thomsch
Frequent Contributor

‎07-21-2020 03:24 AM

‎07-21-2020 03:24 AM

Add ServiceAccount member to all teams via Powershell

I created a small powershell script to add my ServiceAccount user to all teams via "Add-TeamUser". Unfortunately I get this error message

Add-TeamUser : Error occurred while executing Add-TeamUser
Code: Authorization_RequestDenied
Message: Insufficient privileges to complete the operation.
InnerError:
  RequestId: 25ee1e0c-70cc-44bd-bfe9-b08d5bf05c36
  DateTimeStamp: 2020-07-21T10:19:32
HttpStatusCode: Authorization_RequestDenied
At C:\Users\XYZ\Documents\PSScripts\Others\AddTeamsMember.ps1:5 char:5
+     Add-TeamUser -User ServiceAccount@evgiii.onmicrosoft.com -GroupId ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Add-TeamUser], ApiException
    + FullyQualifiedErrorId : Microsoft.TeamsCmdlets.PowerShell.Custom.ErrorHandling.ApiException,Microsoft.TeamsCmdlets.PowerShell.Custom.AddTeamUser

 

My script looks like this:

Connect-MicrosoftTeams
$groups = Get-Team |Select GroupId, DisplayName

foreach($group in $groups){
    Add-TeamUser -User ServiceAccount@evgiii.onmicrosoft.com -GroupId $group.GroupId -Role Owner
}
203 Views
0 Likes
2 Replies
Reply
2 Replies
teams1535

‎07-22-2020 01:04 AM

‎07-22-2020 01:04 AM

Re: Add ServiceAccount member to all teams via Powershell

@Thomsch 

as per the error message "

Insufficient privileges to complete the operation

user should have admin access to add owner or member to Team. Above command is working fine. Please check is it now working for some teams or all teams you are facing the same issue. You can check GraphApi also to do the above job. 

 
 
 
 
 

 

Preview file
22 KB
0 Likes
Reply
Thomsch

‎07-22-2020 01:49 AM

‎07-22-2020 01:49 AM

Re: Add ServiceAccount member to all teams via Powershell

@teams1535 I used the global admin account for this operation. So this user should be sufficient rights. It worked on all teams that I've checked.
No idea why this error message popped up.

0 Likes
Reply