ensure user sid to user powershell csom

%3CLINGO-SUB%20id%3D%22lingo-sub-286006%22%20slang%3D%22en-US%22%3Eensure%20user%20sid%20to%20user%20powershell%20csom%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-286006%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20written%20the%20following%20script%20which%20collate%20all%20the%20sites%20in%20a%20list%20along%20with%20some%20of%20the%20properties%20as%20field%20column%20values%20in%20a%20list.%20However%2C%20when%20the%20execution%20hits%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%24objSID%20%3D%20New-Object%20System.Security.Principal.SecurityIdentifier(%24%3C%2FSPAN%3E%3CSPAN%3ESID%3C%2FSPAN%3E%3CSPAN%3E)%20it%20gives%20an%20issue%20saying%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3BException%20calling%20%22.ctor%22%20with%20%221%22%20argument(s)%3A%20%22Value%20was%20invalid.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%5BSystem.Reflection.Assembly%5D%3A%3ALoadWithPartialName(%22Microsoft.SharePoint.Client%22)%3CBR%20%2F%3E%5BSystem.Reflection.Assembly%5D%3A%3ALoadWithPartialName(%22Microsoft.SharePoint.Client.Runtime%22)%3CBR%20%2F%3E%5BSystem.Reflection.Assembly%5D%3A%3ALoadWithPartialName(%22Microsoft.SharePoint.Client.UserProfiles%22)%3C%2FP%3E%3CP%3E%24SiteURL%20%3D%20%22https%3A%2F%2F%3CSITE%20url%3D%22%22%3E%22%3CBR%20%2F%3E%24ListName%20%3D%20%22%3CLIST%20name%3D%22%22%3E%22%3C%2FLIST%3E%3C%2FSITE%3E%3C%2FP%3E%3CP%3ETry%20%7B%3CBR%20%2F%3E%24Cred%3D%20Get-Credential%3CBR%20%2F%3E%24Credentials%20%3D%20New-Object%20Microsoft.SharePoint.Client.SharePointOnlineCredentials(%24Cred.Username%2C%20%24Cred.Password)%3C%2FP%3E%3CP%3E%23Setup%20the%20context%3CBR%20%2F%3E%24Ctx%20%3D%20New-Object%20Microsoft.SharePoint.Client.ClientContext(%24SiteURL)%3CBR%20%2F%3E%24Ctx.Credentials%20%3D%20%24Credentials%3CBR%20%2F%3E%23Get%20the%20List%3CBR%20%2F%3E%24List%20%3D%20%24Ctx.Web.Lists.GetByTitle(%24ListName)%3CBR%20%2F%3E%24Ctx.Load(%24List)%3CBR%20%2F%3E%24Ctx.ExecuteQuery()%3C%2FP%3E%3CP%3EGet-SPOSite%20-Limit%20ALL%7C%20%25%20%7B%20Get-SPOSite%20-Detailed%20-Identity%20%24_.URL%20%7C%20%25%7B%3C%2FP%3E%3CP%3E%24ListItemInfo%20%3D%20New-Object%20Microsoft.SharePoint.Client.ListItemCreationInformation%3CBR%20%2F%3E%24ListItem%20%3D%20%24List.AddItem(%24ListItemInfo)%3C%2FP%3E%3CP%3E%24ListItem%5B%22Title%22%5D%20%3D%20%24_.Title%3CBR%20%2F%3E%24ListItem%5B%22DisableSharingForNonOwnersStatus%22%5D%20%3D%20%24_.DisableSharingForNonOwnersStatus%3CBR%20%2F%3E%24ListItem%5B%22LastContentModifiedDate%22%5D%20%3D%20%24_.LastContentModifiedDate%3CBR%20%2F%3E%24ListItem%5B%22Status%22%5D%20%3D%20%24_.Status%3CBR%20%2F%3E%23%24ListItem%5B%22Owner%22%5D%20%3D%20%24_.Owner%3C%2FP%3E%3CP%3E%3CBR%20%2F%3E%24SID%20%3D%24_.Owner%3CBR%20%2F%3E%24objSID%20%3D%20New-Object%20System.Security.Principal.SecurityIdentifier(%24%3CSPAN%3ESID%3C%2FSPAN%3E)%3CBR%20%2F%3E%24objUser%20%3D%20%24objSID.Translate(%5BSystem.Security.Principal.NTAccount%5D)%3CBR%20%2F%3EWrite-Host%20%22Resolved%20user%20name%3A%20%22%20%24objUser.Value%3C%2FP%3E%3CP%3E%24ListItem%5B%22Owner%22%5D%20%3D%24Ctx.Web.EnsureUser(%24objUser.Value)%3B%3C%2FP%3E%3CP%3E%24ListItem%5B%22SharingCapability%22%5D%20%3D%20%24_.SharingCapability%3CBR%20%2F%3E%24ListItem%5B%22ConditionalAccessPolicy%22%5D%20%3D%20%24_.ConditionalAccessPolicy%3CBR%20%2F%3E%24ListItem%5B%22Url%22%5D%20%3D%20%24_.Url%3CBR%20%2F%3E%24ListItem.Update()%3CBR%20%2F%3E%24Ctx.ExecuteQuery()%3CBR%20%2F%3EWrite-host%20%22New%20Item%20%24_.Title%20Added%20to%20the%20List!%22%20-ForegroundColor%20Green%3C%2FP%3E%3CP%3E%7D%3CBR%20%2F%3E%7D%7D%3CBR%20%2F%3ECatch%20%7B%3CBR%20%2F%3Ewrite-host%20-f%20Red%20%22Error%20Adding%20Items%20to%20List!%22%20%24_.Exception.Message%3CBR%20%2F%3E%7D%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-286006%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-304771%22%20slang%3D%22en-US%22%3ERe%3A%20ensure%20user%20sid%20to%20user%20powershell%20csom%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-304771%22%20slang%3D%22en-US%22%3E%3CP%3EHave%20you%20verified%20that%20this%20pipeline%20is%20returning%20the%20objects%20you%20expect%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EGet-SPOSite%20-Limit%20ALL%7C%20%25%20%7B%20Get-SPOSite%20-Detailed%20-Identity%20%24_.URL%7D%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-289311%22%20slang%3D%22en-US%22%3ERe%3A%20ensure%20user%20sid%20to%20user%20powershell%20csom%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-289311%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20not%20a%20Developer%20but%20here's%20the%20reference%20to%20the%20object%20you're%20trying%20to%20work%20with%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdotnet%2Fapi%2Fsystem.security.principal.securityidentifier%3Fview%3Dnetframework-4.7.2%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdotnet%2Fapi%2Fsystem.security.principal.securityidentifier%3Fview%3Dnetframework-4.7.2%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EA%20quick%20glance%20looks%20like%20it%20wants%20the%20SID%20in%20SDDL%20format.%20%26nbsp%3B%20Take%20a%20look%20at%20the%20value%20of%20the%20SID%20returned%20from%20the%20earlier%20object%20and%20see%20if%20it%20matches%20this%20format%20described%20here%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fdesktop%2Fsecauthz%2Fsecurity-descriptor-string-format%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fdesktop%2Fsecauthz%2Fsecurity-descriptor-string-format%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-289309%22%20slang%3D%22en-US%22%3ERe%3A%20ensure%20user%20sid%20to%20user%20powershell%20csom%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-289309%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20not%20a%20Developer%20but%20this%20might%20help%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdotnet%2Fapi%2Fsystem.security.principal.securityidentifier%3Fview%3Dnetframework-4.7.2%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdotnet%2Fapi%2Fsystem.security.principal.securityidentifier%3Fview%3Dnetframework-4.7.2%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIn%20reading%20up%20it's%20not%20asking%20for%20the%20SID%20in%20string%20but%20in%20SDDL%20format%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fdesktop%2Fsecauthz%2Fsecurity-descriptor-string-format%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fdesktop%2Fsecauthz%2Fsecurity-descriptor-string-format%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ELet%20me%20know%20if%20this%20helps%3C%2FP%3E%0A%3CP%3ESean%3C%2FP%3E%3C%2FLINGO-BODY%3E
Regular Contributor

 

I have written the following script which collate all the sites in a list along with some of the properties as field column values in a list. However, when the execution hits 

$objSID = New-Object System.Security.Principal.SecurityIdentifier($SID) it gives an issue saying

 Exception calling ".ctor" with "1" argument(s): "Value was invalid.

 

[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client")
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.Runtime")
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.UserProfiles")

$SiteURL = "https://<site url>"
$ListName = "<list Name>"

Try {
$Cred= Get-Credential
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $Credentials
#Get the List
$List = $Ctx.Web.Lists.GetByTitle($ListName)
$Ctx.Load($List)
$Ctx.ExecuteQuery()

Get-SPOSite -Limit ALL| % { Get-SPOSite -Detailed -Identity $_.URL | %{

$ListItemInfo = New-Object Microsoft.SharePoint.Client.ListItemCreationInformation
$ListItem = $List.AddItem($ListItemInfo)

$ListItem["Title"] = $_.Title
$ListItem["DisableSharingForNonOwnersStatus"] = $_.DisableSharingForNonOwnersStatus
$ListItem["LastContentModifiedDate"] = $_.LastContentModifiedDate
$ListItem["Status"] = $_.Status
#$ListItem["Owner"] = $_.Owner


$SID =$_.Owner
$objSID = New-Object System.Security.Principal.SecurityIdentifier($SID)
$objUser = $objSID.Translate([System.Security.Principal.NTAccount])
Write-Host "Resolved user name: " $objUser.Value

$ListItem["Owner"] =$Ctx.Web.EnsureUser($objUser.Value);

$ListItem["SharingCapability"] = $_.SharingCapability
$ListItem["ConditionalAccessPolicy"] = $_.ConditionalAccessPolicy
$ListItem["Url"] = $_.Url
$ListItem.Update()
$Ctx.ExecuteQuery()
Write-host "New Item $_.Title Added to the List!" -ForegroundColor Green

}
}}
Catch {
write-host -f Red "Error Adding Items to List!" $_.Exception.Message
}

3 Replies

I'm not a Developer but this might help

https://docs.microsoft.com/en-us/dotnet/api/system.security.principal.securityidentifier?view=netfra...

 

In reading up it's not asking for the SID in string but in SDDL format 

https://docs.microsoft.com/en-us/windows/desktop/secauthz/security-descriptor-string-format

 

Let me know if this helps

Sean

I'm not a Developer but here's the reference to the object you're trying to work with

https://docs.microsoft.com/en-us/dotnet/api/system.security.principal.securityidentifier?view=netfra...

 

A quick glance looks like it wants the SID in SDDL format.   Take a look at the value of the SID returned from the earlier object and see if it matches this format described here

https://docs.microsoft.com/en-us/windows/desktop/secauthz/security-descriptor-string-format

 

Have you verified that this pipeline is returning the objects you expect:

 

Get-SPOSite -Limit ALL| % { Get-SPOSite -Detailed -Identity $_.URL}