我目前正在尝试设置一个 powershell 脚本,它为我们公司设置的新租户进行基本配置。
自从我不得不开始使用 MS Graph API 以来,我遇到了困难。对于 Azure 云中的许多设置,MS 提供了一些 cmdlet 来调用 Graph-API 进行配置。示例:
Get-MgDeviceManagementDeviceConfiguration
这将获取当前配置的 Windows 10+ 更新环。这工作正常,我从 Graph API 中得到了适当的答案,并查看了所有配置的选项。现在我想使用以下 cmdlet 进行自己的配置:
New-MgDeviceManagementDeviceConfiguration
我提供了看起来合适的 BodyParameters(并且我已经使用 Update-MgPolicyAuthenticationMethodPolicyAuthenticationMethodConfiguration 将其用于 AuthenticationMethods 配置),但我得到的只是“发生了一个或多个错误。”:
New-MgDeviceManagementDeviceCompliancePolicy : One or more errors occurred.
At line:9 char:5
+ New-MgDeviceManagementDeviceCompliancePolicy -BodyParameter $para ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-MgDeviceMan...cePolicy_Create], AggregateException
+ FullyQualifiedErrorId : Microsoft.Graph.PowerShell.Cmdlets.NewMgDeviceManagementDeviceCompliancePolicy_Create
有没有办法实际调试这样的东西?使用 -Debug 参数不会显示 HTTP 调用,但会显示没有帮助的 StackTrace:
DEBUG: [CmdletException]: Received exception with message 'AggregateException - One or more errors occurred. : at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at Microsoft.Graph.PowerShell.EventFactory.CreateLogEvent(Task`1 message)
at Microsoft.Graph.PowerShell.Cmdlets.NewMgDeviceManagementDeviceConfiguration_Create.<>c__DisplayClass47_0.<Microsoft.Graph.PowerShell.Runtime.IEventListener.Signal>b__1()
at Microsoft.Graph.PowerShell.Cmdlets.NewMgDeviceManagementDeviceConfiguration_Create.<Microsoft-Graph-PowerShell-Runtime-IEventListener-Signal>d__47.MoveNext()
--- End of stack trace from previous location where exception was thrown ---...
知道如何调试那些“文档不那么完善”的cmdlet吗?
谢谢。
我也遇到了同样的问题,我想我已经解决了。尝试一下,看看是否有效:
Update-MSGraphEnvironment -AuthUrl 'https://login.microsoftonline.us/common' `
-GraphBaseUrl 'https://graph.microsoft.us' `
-GraphResourceId 'https://graph.microsoft.us' `
-SchemaVersion 'beta'
# Get the MSAL token with required scopes for device management
# Create App Reg RedirectURI under Authentication>Add a platform>Mobile and Desktop Applications -> check MSAL
$msalToken = Get-MsalToken `
-Interactive `
-ClientId $clientId `
-TenantId $tenantId `
-AzureCloudInstance AzureUsGovernment `
-RedirectUri "msalXXXXXXXXXX://auth" `
-Scopes "https://graph.microsoft.us/.default"
$accesstoken = ConvertTo-SecureString "($msalToken.AccessToken)" -AsPlainText -Force
try {
Connect-MgGraph -AccessToken $accesstoken -Environment "USGov"
Write-Host "Successfully connected to Microsoft Graph"
} catch {
Write-Error "Failed to connect to Microsoft Graph: $_"
Write-Error $_.Exception.Message
}