Graph and PowerShell Blog

A request from our Telecoms team asked if we could sync the phone numbers of newly ported users from Teams to AD as part of a scheduled task. The command worked without issue with the Teams Admin role enabled but when running the command Get-CsOnlineUser as an Azure app we got the following error.

Get-CsOnlineUser: Access Denied.

The fix is to give the application the Skype for Business admin role in Azure/Entra ID. The app can be added to the role via the GUI, just copy the App ID and then search for that when adding a role member.

↑ Above we have both an Azure app and a Managed Identity added to the Skype for Business admin role.

Graph and PowerShell Blog	Articles 2024 Advanced Postfix configuration Installing Exchange 2019 in Azure Landing Zone Upgrading PHP on Windows Adding a Postfix server for relay to O365 O365 Integrated Apps troubleshooting Domino and O365 Co-existence Delegate Control in AD App mail relay via HVE Setting up Mail Relay with HVE Getting BIMI certified Orbea Occam SL H30 Installing FreeSat and Saorview Changing broadband provider Replacing a DIN timer on fuseboard Outlook Desktop Notifications stop working Outlook folders keep moving sort order Teams report uploading to SharePoint with Runbooks Teams PowerShell module can't run CS cmd as App 2023 Cannot map new Shared Mailboxes in O365 Renewing an Exchange 2016 certificate Connect to Compliance PowerShell behind a Proxy Sensitivity Label not shown in Outlook Client Room Finder Error in Outlook Teams not showing Rooms Teams unable to open file Unable to review quarantined mails for shared mailbox Set Locale for various Apps Delegate Sent Items placed into external Tenant Overview of Microsoft Support cases When centralized mail sends via O365 Cleaning up your Windows DNS server Set OneDrive for Business Locale O365 Migration Tips Reporting on successful Azure logons IIS Mapi Queue full with NetScaler Secure Office365 reports with a certificate Using Graph to send emails with inline images Visualizing Graph data with Google Charts Keeping a log of NetScaler AlwaysON connections \| About \| Links

Teams PowerShell module cannot run CS commands as App 19-Jan-24 A request from our Telecoms team asked if we could sync the phone numbers of newly ported users from Teams to AD as part of a scheduled task. The command worked without issue with the Teams Admin role enabled but when running the command Get-CsOnlineUser as an Azure app we got the following error. Get-CsOnlineUser: Access Denied. The fix is to give the application the Skype for Business admin role in Azure/Entra ID. The app can be added to the role via the GUI, just copy the App ID and then search for that when adding a role member. ↑ Above we have both an Azure app and a Managed Identity added to the Skype for Business admin role.