Do I need VM or Laptop Admin Rights to use PnP.PowerShell in a Migration?
March 18, 2023Well this is a good question, the answer is NO
If your SharePoint Administrator grant you the Tenant Permissions.
Because You need to run this cmdlet with an identity that has write access to the Azure AD. You are not creating a new application in the sense of something that runs in your Azure AD tenant. You’re only adding a registration to your Azure AD, a so called ‘consent’ for people in your tenant to use that application. The access rights the application requires are delegate only, so you will always have to provide credentials or another way of identifying the user actually using that application.
Setting up Access Tenant Admins
You have, as always, to understand the Governance of the Corporation.
In our previsions WBBrags we see some scenarios about SharePoint Migrations, click in the Categories Brown Bag
If you have administrative permission to use use the PNP.PowerShell on your Machine, these are the steps. But remember, Administrative Permissions is you are authorized to use it in a Virtual Machine or Laptop, you don’t want to break any rules of your corporation.
First lets Manually download the .nupkg Package from the Microsoft 365 Patterns and Practices PowerShell Cmdlets
Once you get it, rename the File to ZIP and extract
Extract to a Well Know Folder Name, like C:\PS\, that’s because you want to use more than one version
C:\PS\1.12.0
C:\PS\1.6.0
The Next Step is understanding what Remote Signing Options the Governance allow you to run the CMDLETS
Get-ExecutionPolicy -List
In this case the LocalMachine is allowed, so you only have to import the PSD1 File, see Import-Module
Now Let’s import all the commands, this means you have to import the PSD1 file, will give you all the stuff 🙂
Import-Module C:\PS\1.12.0\PnP.PowerShell.psd1 Connect-PnPOnline -Url "https:/tenant.sharepoint.com"
On the other hand, if you only have Unrestricted for the CurrentUser you are not able to run any CMDLET without explicit declare the Execution Policy
Set-ExecutionPolicy -Scope CurrentUser RemoteSigned -Force Import-Module C:\PS\1.12.0\PnP.PowerShell.psd1 Connect-PnPOnline -Url "https:/tenant.sharepoint.com"
A final note is always validate with your Local CISO and the SharePoint Admin if you are allowed to do so, because in tight security companies you can be fired or if you are an Independent Contractor you may incur in illegal practices and legal clauses will soon be activated.