Enable-PriviledgedRoleAssignment : Cannot bind parameter, Cannot convert the value to type

%3CLINGO-SUB%20id%3D%22lingo-sub-359818%22%20slang%3D%22en-US%22%3EEnable-PriviledgedRoleAssignment%20%3A%20Cannot%20bind%20parameter%2C%20Cannot%20convert%20the%20value%20to%20type%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-359818%22%20slang%3D%22en-US%22%3E%3CP%3ETrying%20to%20make%20a%20role%20elevation%20script%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CDIV%3E%3CDIV%3E%3CSPAN%3EConnect-PimService%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Eroles%3C%2FSPAN%3E%20%3CSPAN%3E%3D%3C%2FSPAN%3E%20%3CSPAN%3EGet-PrivilegedRoleAssignment%3C%2FSPAN%3E%20%3CSPAN%3E%7C%3C%2FSPAN%3E%20%3CSPAN%3EWhere%3C%2FSPAN%3E%20%3CSPAN%3E%7B%24%3C%2FSPAN%3E%3CSPAN%3E_%3C%2FSPAN%3E%3CSPAN%3E.IsElevated%3C%2FSPAN%3E%20%3CSPAN%3E-ne%3C%2FSPAN%3E%20%3CSPAN%3E%22%3C%2FSPAN%3E%3CSPAN%3ETrue%3C%2FSPAN%3E%3CSPAN%3E%22%3C%2FSPAN%3E%3CSPAN%3E%7D%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Emenu%3C%2FSPAN%3E%20%3CSPAN%3E%3D%3C%2FSPAN%3E%20%3CSPAN%3E%40%3C%2FSPAN%3E%3CSPAN%3E%7B%7D%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3Efor%3C%2FSPAN%3E%20%3CSPAN%3E(%24%3C%2FSPAN%3E%3CSPAN%3Ei%3C%2FSPAN%3E%3CSPAN%3E%3D%3C%2FSPAN%3E%3CSPAN%3E1%3C%2FSPAN%3E%3CSPAN%3E%3B%24%3C%2FSPAN%3E%3CSPAN%3Ei%3C%2FSPAN%3E%20%3CSPAN%3E-le%3C%2FSPAN%3E%20%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Eroles.count%3C%2FSPAN%3E%3CSPAN%3E%3B%3C%2FSPAN%3E%20%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Ei%3C%2FSPAN%3E%3CSPAN%3E%2B%2B%3C%2FSPAN%3E%3CSPAN%3E)%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%7B%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3EWrite-Host%3C%2FSPAN%3E%20%3CSPAN%3E%22%24%3C%2FSPAN%3E%3CSPAN%3Ei%3C%2FSPAN%3E%3CSPAN%3E.%20%3C%2FSPAN%3E%3CSPAN%3E%24(%24%3C%2FSPAN%3E%3CSPAN%3Eroles.RoleName%3C%2FSPAN%3E%3CSPAN%3E%5B%24%3C%2FSPAN%3E%3CSPAN%3Ei%3C%2FSPAN%3E%3CSPAN%3E-%3C%2FSPAN%3E%3CSPAN%3E1%3C%2FSPAN%3E%3CSPAN%3E%5D)%22%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Emenu.Add%3C%2FSPAN%3E%3CSPAN%3E(%24%3C%2FSPAN%3E%3CSPAN%3Ei%3C%2FSPAN%3E%3CSPAN%3E%2C%3C%2FSPAN%3E%20%3CSPAN%3E(%24%3C%2FSPAN%3E%3CSPAN%3Eroles.RoleName%3C%2FSPAN%3E%3CSPAN%3E%5B%24%3C%2FSPAN%3E%3CSPAN%3Ei%3C%2FSPAN%3E%20%3CSPAN%3E-%3C%2FSPAN%3E%20%3CSPAN%3E1%3C%2FSPAN%3E%3CSPAN%3E%5D))%3C%2FSPAN%3E%20%3CSPAN%3E%7D%3C%2FSPAN%3E%3C%2FDIV%3E%3CBR%20%2F%3E%3CDIV%3E%3CSPAN%3E%5B%3C%2FSPAN%3E%3CSPAN%3Eint%3C%2FSPAN%3E%3CSPAN%3E%5D%24%3C%2FSPAN%3E%3CSPAN%3Eans%3C%2FSPAN%3E%20%3CSPAN%3E%3D%3C%2FSPAN%3E%20%3CSPAN%3ERead-host%3C%2FSPAN%3E%20%3CSPAN%3E'%3C%2FSPAN%3E%3CSPAN%3Eenter-Selection%3C%2FSPAN%3E%3CSPAN%3E'%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Ereason%3C%2FSPAN%3E%20%3CSPAN%3E%3D%3C%2FSPAN%3E%20%3CSPAN%3ERead-Host%3C%2FSPAN%3E%20%3CSPAN%3E'%3C%2FSPAN%3E%3CSPAN%3EWhat%20is%20the%20reason%20for%20elevation%3C%2FSPAN%3E%3CSPAN%3E'%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Eselection%3C%2FSPAN%3E%20%3CSPAN%3E%3D%3C%2FSPAN%3E%20%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Emenu.Item%3C%2FSPAN%3E%3CSPAN%3E(%24%3C%2FSPAN%3E%3CSPAN%3Eans%3C%2FSPAN%3E%3CSPAN%3E)%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3EEnable-PrivilegedRoleAssignment%3C%2FSPAN%3E%20%3CSPAN%3E-%3C%2FSPAN%3E%3CSPAN%3Eduration%20%3C%2FSPAN%3E%3CSPAN%3E2%3C%2FSPAN%3E%20%3CSPAN%3E-%3C%2FSPAN%3E%3CSPAN%3ERoleAssignment%20%3C%2FSPAN%3E%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Eselection%3C%2FSPAN%3E%20%3CSPAN%3E-%3C%2FSPAN%3E%3CSPAN%3EReason%20%3C%2FSPAN%3E%3CSPAN%3E%24%3C%2FSPAN%3E%3CSPAN%3Ereason%3C%2FSPAN%3E%3C%2FDIV%3E%3CBR%20%2F%3E%3CDIV%3E%3CSPAN%3EDisconnect-PimService%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3EI%20keep%20getting%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3EEnable-PrivilegedRoleAssignment%20%3A%20Cannot%20bind%20parameter%20'RoleAssignment'.%20Cannot%20convert%20the%20%22Exchange%20Administrator%22%20value%20of%20type%20%22System.String%22%20to%20type%3CBR%20%2F%3E%22Microsoft.Azure.ActiveDirectory.PIM.API.ODataClient.Microsoft.Azure.PrivilegedIdentities.PrivilegedRoleAssignment%22.%3CBR%20%2F%3EAt%20C%3A%5CUsers%5Cdavietp%5CDocuments%5Cscripts%5CPIMTest.ps1%3A12%20char%3A61%3CBR%20%2F%3E%2B%20...%20ivilegedRoleAssignment%20-duration%202%20-RoleAssignment%20%24selection%20-Reason%20...%3CBR%20%2F%3E%2B%20~~~~~~~~~~%3CBR%20%2F%3E%2B%20CategoryInfo%20%3A%20InvalidArgument%3A%20(%3A)%20%5BEnable-PrivilegedRoleAssignment%5D%2C%20ParameterBindingException%3CBR%20%2F%3E%2B%20FullyQualifiedErrorId%20%3A%20CannotConvertArgumentNoMessage%2CMicrosoft.Azure.ActiveDirectory.PIM.PSModule.Cmdlets.EnablePrivilegedRoleAssignment%3C%2FSPAN%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-359818%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EWindows%20PowerShell%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-359828%22%20slang%3D%22en-US%22%3ERe%3A%20Enable-PriviledgedRoleAssignment%20%3A%20Cannot%20bind%20parameter%2C%20Cannot%20convert%20the%20value%20to%20type%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-359828%22%20slang%3D%22en-US%22%3E%3CP%3EI%20figured%20it%20out%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EConnect-PimService%3C%2FP%3E%3CP%3E%24roles%20%3D%20Get-PrivilegedRoleAssignment%20%7C%20Where%20%7B%24_.IsElevated%20-ne%20%22True%22%7D%3C%2FP%3E%3CP%3E%24menu%20%3D%20%40%7B%7D%3C%2FP%3E%3CP%3Efor%20(%24i%3D1%3B%24i%20-le%20%24roles.count%3B%20%24i%2B%2B)%3C%2FP%3E%3CP%3E%7B%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Write-Host%20%22%24i.%20%24(%24roles.RoleName%5B%24i-1%5D)%22%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%24menu.Add(%24i%2C%20(%24roles.RoleName%5B%24i%20-%201%5D))%20%7D%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%5Bint%5D%24ans%20%3D%20Read-host%20'enter-Selection'%3C%2FP%3E%3CP%3E%24reason%20%3D%20Read-Host%20'What%20is%20the%20reason%20for%20elevation'%3C%2FP%3E%3CP%3E%24selection%20%3D%20%24menu.Item(%24ans)%3C%2FP%3E%3CP%3E%3CSTRONG%3E%24assignment%20%3D%20Get-PrivilegedRoleAssignment%20%7C%20Where%20%7B%24_.RoleName%20-eq%20%24selection%7D%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EEnable-PrivilegedRoleAssignment%20-duration%202%20-RoleAssignment%20%24assignment%20-Reason%20%24reason%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDisconnect-PimService%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Trying to make a role elevation script

 

Connect-PimService
$roles = Get-PrivilegedRoleAssignment | Where {$_.IsElevated -ne "True"}
$menu = @{}
for ($i=1;$i -le $roles.count; $i++)
{
Write-Host "$i. $($roles.RoleName[$i-1])"
$menu.Add($i, ($roles.RoleName[$i - 1])) }

[int]$ans = Read-host 'enter-Selection'
$reason = Read-Host 'What is the reason for elevation'
$selection = $menu.Item($ans)
Enable-PrivilegedRoleAssignment -duration 2 -RoleAssignment $selection -Reason $reason

Disconnect-PimService
 
I keep getting
Enable-PrivilegedRoleAssignment : Cannot bind parameter 'RoleAssignment'. Cannot convert the "Exchange Administrator" value of type "System.String" to type
"Microsoft.Azure.ActiveDirectory.PIM.API.ODataClient.Microsoft.Azure.PrivilegedIdentities.PrivilegedRoleAssignment".
At C:\Users\davietp\Documents\scripts\PIMTest.ps1:12 char:61
+ ... ivilegedRoleAssignment -duration 2 -RoleAssignment $selection -Reason ...
+ ~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Enable-PrivilegedRoleAssignment], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Azure.ActiveDirectory.PIM.PSModule.Cmdlets.EnablePrivilegedRoleAssignment
1 Reply
Highlighted

I figured it out

 

Connect-PimService

$roles = Get-PrivilegedRoleAssignment | Where {$_.IsElevated -ne "True"}

$menu = @{}

for ($i=1;$i -le $roles.count; $i++)

{

    Write-Host "$i. $($roles.RoleName[$i-1])"

    $menu.Add($i, ($roles.RoleName[$i - 1])) }

 

[int]$ans = Read-host 'enter-Selection'

$reason = Read-Host 'What is the reason for elevation'

$selection = $menu.Item($ans)

$assignment = Get-PrivilegedRoleAssignment | Where {$_.RoleName -eq $selection}

Enable-PrivilegedRoleAssignment -duration 2 -RoleAssignment $assignment -Reason $reason

 

Disconnect-PimService