Enable-PriviledgedRoleAssignment : Cannot bind parameter, Cannot convert the value to type

Highlighted
New Contributor

Trying to make a role elevation script

 

Connect-PimService
$roles = Get-PrivilegedRoleAssignment | Where {$_.IsElevated -ne "True"}
$menu = @{}
for ($i=1;$i -le $roles.count; $i++)
{
Write-Host "$i. $($roles.RoleName[$i-1])"
$menu.Add($i, ($roles.RoleName[$i - 1])) }

[int]$ans = Read-host 'enter-Selection'
$reason = Read-Host 'What is the reason for elevation'
$selection = $menu.Item($ans)
Enable-PrivilegedRoleAssignment -duration 2 -RoleAssignment $selection -Reason $reason

Disconnect-PimService
 
I keep getting
Enable-PrivilegedRoleAssignment : Cannot bind parameter 'RoleAssignment'. Cannot convert the "Exchange Administrator" value of type "System.String" to type
"Microsoft.Azure.ActiveDirectory.PIM.API.ODataClient.Microsoft.Azure.PrivilegedIdentities.PrivilegedRoleAssignment".
At C:\Users\davietp\Documents\scripts\PIMTest.ps1:12 char:61
+ ... ivilegedRoleAssignment -duration 2 -RoleAssignment $selection -Reason ...
+ ~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Enable-PrivilegedRoleAssignment], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Azure.ActiveDirectory.PIM.PSModule.Cmdlets.EnablePrivilegedRoleAssignment
1 Reply

I figured it out

 

Connect-PimService

$roles = Get-PrivilegedRoleAssignment | Where {$_.IsElevated -ne "True"}

$menu = @{}

for ($i=1;$i -le $roles.count; $i++)

{

    Write-Host "$i. $($roles.RoleName[$i-1])"

    $menu.Add($i, ($roles.RoleName[$i - 1])) }

 

[int]$ans = Read-host 'enter-Selection'

$reason = Read-Host 'What is the reason for elevation'

$selection = $menu.Item($ans)

$assignment = Get-PrivilegedRoleAssignment | Where {$_.RoleName -eq $selection}

Enable-PrivilegedRoleAssignment -duration 2 -RoleAssignment $assignment -Reason $reason

 

Disconnect-PimService