Skip to main content

Powershell Roles

· One min read
Stephan Hochdörfer

Whilst configuring our Office 365 tenant via Powershell, one command failed with a server error. It did not spit out an error code or message, just a generic error message. After trying a few workarounds, I thought, I'd better check if my user has all the permissions needed.

Powershell offers the Get-ManagementRole cmdlet for this case. You pass the cmdlet name you want to call and the parameters you want to pass, and the Get-ManagementRole cmdlet will print the required roles your user needs to be assigned to.

For the Set-Place cmdlet - that's the cmdlet that I was not able to execute, the call looks like this:

Get-ManagementRole -Cmdlet Set-Place -CmdletParameters Identity,Capacity,City,Street,State,PostalCode,CountryOrRegion,Floor,GeoCoordinates,Building

To figure out which roles a user is assigned to, invoke the Get-ManagementRoleAssignment cmdlet:

Get-ManagementRoleAssignment -RoleAssignee "myuser@mydomain.tld" -Delegating $false

This way, you can easily check if a specific user has all the required roles assigned to execute a cmdlet.

Sadly, this did not fix at all the problem I had in the first place as my user has all the required roles assigned.