Which role(s) do you have assigned to the service principal? If the cmdlet is not available after connecting, the most likely reason is that it's not present in any of the role(s) definitions currently assigned to the SP object.
Running Export-ActivityExplorerData in context of Azure Automation app ID

I have been using Export-ActivityExplorerData when my client asks for DLP violations in Purview. It makes sense to do this via a self-serve runbook. Automation is already doing a bit of EXO admin, so this would just be adding to it.
Is this possible, or is it prevented by design for security/privacy reasons? Feel confident the app registration has the permissions as per this article. I have also read this article. The app registration has these permissions:
[Screenshot 2023-05-30 092745.png]
I am testing using PowerShell ISE (5.1) on my laptop, then will move it to a runbook when it works. EXO is v3.1.
It connects fine with Connect-IPPSSession -CertificateThumbPrint $thumbprint -AppID $applicationid -Organization $organization
but this error is returned when trying to run the cmdlet.
Export-ActivityExplorerData : The term 'Export-ActivityExplorerData' is not recognized as the name of a cmdlet, function
Everything works fine when authenticating using my credentials. This is why I wonder if the behavior is by design.
Many thanks in advance!
Exchange Online
Microsoft Security | Microsoft Graph
Vasil Michev 119.8K Reputation points MVP Volunteer Moderator
2023-05-30T17:14:30.8233333+00:00
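One way to check the point made in the answer, as an added example that is not part of the original thread: after the app-only connection, test whether the session actually exposes the cmdlet, and list which roles contain it. `Test-SessionCmdlet` is a hypothetical helper name; `$thumbprint`, `$applicationid` and `$organization` are the question's own variables and must already be set. It assumes `Get-ManagementRole` may itself be hidden from the service principal, so that lookup is skipped when it is missing.

```powershell
# Added example: report whether the connected identity's roles expose a cmdlet.
function Test-SessionCmdlet {
    param(
        [Parameter(Mandatory)] [string[]] $Name
    )
    foreach ($cmdlet in $Name) {
        # Cmdlets not granted by any assigned role are not imported into the
        # session, so Get-Command shows what this identity can actually run.
        $found = Get-Command -Name $cmdlet -ErrorAction SilentlyContinue

        # Role lookup is optional: it only works if the session also exposes
        # Get-ManagementRole to this identity (assumption, checked here).
        $roles = @()
        if (Get-Command -Name Get-ManagementRole -ErrorAction SilentlyContinue) {
            $roles = @(Get-ManagementRole -Cmdlet $cmdlet -ErrorAction SilentlyContinue |
                Select-Object -ExpandProperty Name)
        }

        [pscustomobject]@{
            Cmdlet                = $cmdlet
            Available             = [bool]$found
            RolesContainingCmdlet = $roles -join ', '
        }
    }
}

# Same app-only connection as in the question.
Connect-IPPSSession -CertificateThumbPrint $thumbprint -AppID $applicationid -Organization $organization

$check = Test-SessionCmdlet -Name 'Export-ActivityExplorerData'
$check | Format-Table -AutoSize

# Fail early with a clear message instead of the "not recognized" error,
# which matters once the script runs unattended in a runbook.
if (-not $check.Available) {
    throw "Export-ActivityExplorerData is not exposed to app ID $applicationid; review the roles assigned to the service principal."
}
```

Running the same function in a session authenticated with user credentials gives a side-by-side view of which cmdlets the service principal is missing.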