Ph7x Innovation Hub

Do I need VM or Laptop Admin Rights to use PnP.PowerShell in a Migration?

by · Published · Updated

Pexels Lukas 574077
Photo by Lukas

Well this is a good question, the answer is NO

If your SharePoint Administrator grant you the Tenant Permissions.

Because You need to run this cmdlet with an identity that has write access to the Azure AD. You are not creating a new application in the sense of something that runs in your Azure AD tenant. You’re only adding a registration to your Azure AD, a so called ‘consent’ for people in your tenant to use that application. The access rights the application requires are delegate only, so you will always have to provide credentials or another way of identifying the user actually using that application.

Setting up Access Tenant Admins

You have, as always, to understand the Governance of the Corporation.

In our previsions WBBrags we see some scenarios about SharePoint Migrations, click in the Categories Brown Bag

If you have administrative permission to use use the PNP.PowerShell on your Machine, these are the steps. But remember, Administrative Permissions is you are authorized to use it in a Virtual Machine or Laptop, you don’t want to break any rules of your corporation.

First lets Manually download the .nupkg Package from the Microsoft 365 Patterns and Practices PowerShell Cmdlets

Once you get it, rename the File to ZIP and extract

Extract to a Well Know Folder Name, like C:\PS\, that’s because you want to use more than one version

C:\PS\1.12.0
C:\PS\1.6.0

The Next Step is understanding what Remote Signing Options the Governance allow you to run the CMDLETS

Get-ExecutionPolicy -List

In this case the LocalMachine is allowed, so you only have to import the PSD1 File, see Import-Module

Now Let’s import all the commands, this means you have to import the PSD1 file, will give you all the stuff šŸ™‚

Import-Module C:\PS\1.12.0\PnP.PowerShell.psd1
Connect-PnPOnline -Url "https:/tenant.sharepoint.com"

On the other hand, if you only have Unrestricted for the CurrentUser you are not able to run any CMDLET without explicit declare the Execution Policy

Set-ExecutionPolicy -Scope CurrentUser RemoteSigned -Force
Import-Module C:\PS\1.12.0\PnP.PowerShell.psd1
Connect-PnPOnline -Url "https:/tenant.sharepoint.com"

A final note is always validate with your Local CISO and the SharePoint Admin if you are allowed to do so, because in tight security companies you can be fired or if you are an Independent Contractor you may incur in illegal practices and legal clauses will soon be activated.

Tags:

joao

Joao Livio

JoĆ£o has over two decades of IT experience and holds several certifications, including Microsoft Certified Professional (MCP) and Microsoft Certified Technology Specialist (MCTS). He is also a Lean Specialist with expertise in Lean Management, Nintex, and other training programs from LinkedIn and Udemy, including exams related to Azure and the Power Platform. As a Consultant and Advisor for Modern Work, JoĆ£o assists clients in unlocking their digital potential and optimizing productivity and collaboration. His approach is agnostic to technology, focusing on practical solutions that align with business goals. He has consistently been recognized as a Microsoft Most Valuable Professional (MVP) for 10 consecutive years. His commitment to excellence extends beyond technical expertise; he also values consistency, mental health, creative thinking, teamwork, and fun at work. JoĆ£o believes that learning every day within a team context is the key to continuous improvement.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *