Share via

Unauthorized- PowerShell Scripts - SharePoint Service Admin - SharePoint online

Anonymous
2019-07-30T18:52:44+00:00

Powershell Using CSOM - Exception on Connecting to Governance Site: Exception calling "ExecuteQuery" with "0" argument(s): "The IDCRL response header from server 'https://XXXXXXXX.sharepoint.com/' is not valid. The response header value is 'NTLM'. The response status code is 'Unauthorized'. 

Somtimes, Using PnP, I am getting 403 forbidden.

I am using P2 PIM to elevate myself to SharePoint Service Admin role.

Sometimes, if I restart my machine or if I de-activate and reactivate SSA using the PIM, I am able to run the same script without any issues and sometimes it doesn't and the script works the next day.

Example: I was creating 6 sites and creating SP groups in those sites using PnP. The first two sites were created successfully with groups. Then rest of the 4 sites are created and got 403 for each of the Group creation in those sites.

I cleared temp and de-activate, reactivate SSA and restarted machine -> ran the same script without site creation, the groups were created for the next 2 sites. But, got same 403 error for the sites 5,6. 

Add-PnPUserToGroup : The remote server returned an error: (403) Forbidden.

Thanks in Advance. 

Please note that this has nothing to do with MFA, password files, incorrect pwd etc....

Microsoft 365 and Office | SharePoint | For business | Windows

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2019-07-31T14:04:04+00:00

    Hi Neha,

    Thanks for answering. I am not assigning roles using Powershell scripts. I have no issues in activating roles. Perhaps the below shorter version can help.

    When I try to connect to a site using powershell, I am getting the below errors. 

    "The IDCRL response header from server 'https://XXXXXXXX.sharepoint.com/' is not valid. The response header value is 'NTLM'. The response status code is 'Unauthorized'. 

    Somtimes, Using PnP, I am getting 403 forbidden.

    I will also post in TechNet forum

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments
  2. Anonymous
    2019-07-31T08:33:36+00:00

    Hi AravindKumarT,

    Here’s an article to help you assign roles to user accounts with Office 365 PowerShell. Also, make sure you run Azure Active Directory PowerShell as an admin.

    Since you are using custom PowerShell script to elevate user role, I’ll suggest you post in TechNet forum to assistance. The reason I ask you to post a new thread is that we have limited resources and very little knowledge about PowerShell script and in TechNet forum, you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction.

    We highly appreciate your understanding.

    Regards,

    Neha

    Was this answer helpful?

    0 comments