Getting started with PnP PowerShell - Installation and app registration

Рет қаралды 4,671

Күн бұрын

Пікірлер: 23

@iamdarshann Ай бұрын

This is a fantastic video for setting up the App. I was able to setup the app using the MS docs and information but watching this video helped me understand it even better.

@MicrosoftCommunityLearning Ай бұрын

Great to hear! 🧡

@Ceviot Ай бұрын

Thanks, very useful as in few minutes I managed to create the app registration and to connect!

@MicrosoftCommunityLearning Ай бұрын

Glad it helped!

@paullouie8983 18 күн бұрын

The provided information is not accurate and the command (Register-PnPEntraIDAppForInteractiveLogin) does not generating any certificate! (min 7:48)

@ErwinvanHunen 18 күн бұрын

The Register-PnPEntraIDAppForInteractiveLogin does *not* generate a certificate, however, the cmdlet that I talk about during the time you specified, is Register-PnPEntraIDApp which *does* generate a certificate. Register-PnPEntraIDApp is basically there for you to help you to set up a Entra ID App registration that you can use for unattended (certificate based) logins. Register-PnPEntraIDAppForInteractiveLogin is there to set up a registration for you to use with interactive login (e.g. username/password with multi-factor in place).

@bmassimo1966 Ай бұрын

Thanks for your explanations. How can be possible register an app granting full control only for a specified site collection?

@webdeveloperify Ай бұрын

Thanks Erwin and no wonder why you are called father of PnP Powershell but you rarely say it in your introduction :)

@NganBui-s1n Ай бұрын

As non-admin, can we register Entra App and add permissions manually in UI and then ask GA to consent instead of using cmdlet?

@xsandpathx Ай бұрын

Thats great and all but we were using credential manager with a service account where we specified which sites it had access too But the permissions your showing are tenant wide, whether its right or read or full control. We would rather have site by site access, how can we achieve this

@MicrosoftCommunityLearning Ай бұрын

Please use the GitHub discussions for any questions with the PnP PowerShell crew - they are happy to help for sure - github.com/pnp/powershell/discussions. Required permissions are always 100% dependent on what you are trying achieve. You can grant also site specific permissions in SharePoint Online, but it all depends on your exact objectives and which APIs you are planning to us, so please provide that detail also in the discussion.

@dineshjeyam1 Ай бұрын

I am trying to understand the purpose of the -SharePointApplicationPermissions and -GraphApplicationPermissions parameters in the Register-PnPEntraIDAppForInteractiveLogin command. If the sole purpose of using the app is for interactive login (i.e., user context with user permissions), why are these parameters needed? And I would like to know if using the -GraphDelegatePermissions and -SharePointDelegatePermissions parameters with the required permissions will help exclude the default 4 delegated permissions (AllSites.FullControl, Group.ReadWrite.All, User.ReadWrite.All, TermStore.ReadWrite.All) that are automatically added when provisioning the app.

@vivekm75murali Ай бұрын

Hello, Thank you for the video. I am working on a GCC High environment and above registration (unattended ) doesn’t work. It’s unable to get the token using -Interactive method. Any suggestions?

@ErwinvanHunen Ай бұрын

As I don't have access to a GCC high environment (I'm located in Sweden) it will be a bit of a challenge to figure out where this potentially goes wrong. But I will contact people on the other side of the ocean at MS and check if they can help me debug this issue. You should however be able to manually register the application in your Entra ID, with the right permissions, add localhost as the redirect URL for the app (that is required for interactive login) and then use the ID of that app to authenticate.

@vivekm75murali Ай бұрын

@@ErwinvanHunen - Thank you! I will try to manually register n check.

@NganBui-s1n Ай бұрын

Hello, Thanks Erwin and wonder if non-admin can register Entra App and add permissions manually and ask GA consent once this app is created.

@ErwinvanHunen Ай бұрын

You will still need admin permissions to create the app before the consent. It is possible, manually, to create the app in Entra ID, set the permissions from there, and provide consent. So it's something a GA can do without needing to run cmdlets. They can then provide you with the ID of app to use for authentication

@amatorkemanci80 Ай бұрын

@@ErwinvanHunen after we register our app, during authentication i receive " AADSTS500113: No reply address is registered for the application." error. what do i miss?

@troyleanna6852 Ай бұрын

After trying to run the Register-PnPEntraIDApp, I get the 'is not recognized as the name of a cmdlet, function...' error... What is required to run this?

@MicrosoftCommunityLearning Ай бұрын

Please use the GitHub repository as the primary location to ask the questions - please see following issue for guidance - github.com/pnp/powershell/issues/4250 Most likely you are running older version of the PnP PowerShell and update is required.