Issue setting up roles based on group claims

keithadams · September 18, 2024, 8:50pm

Product: PowerShell Universal
Version: 5.0.6

So I have setup OIDC and am trying to grant new users permissions based on what groups they are in in Azure AD. I put in the claim value and the claim type, then restart the PSU service, but it does not work and gives me this error.

This is what my Roles.ps1 looks like.

For extra fun the Admin role also disappears from the Roles page, presumably due to the error.

parzog · September 18, 2024, 8:55pm

Ah - Remove the -Policy script block from any roles that have claims mapping enabled.

@adam I didn’t see anything documented for this - I presume it’s intended behavior as only one should be used at a time, but can you confirm that this isn’t a bug at the least?

Hope this helps!
ZG

Topic		Replies	Views
OIDC Roles & Identities PowerShell Universal	3	508	March 3, 2022
Azure OIDC, unable to locate claims PowerShell Universal	5	356	March 21, 2022
Azure AD OIDC group rights PowerShell Universal	3	282	September 12, 2022
Windows Policy Assignment Not Working PowerShell Universal	2	337	June 12, 2023
AD group authentication PowerShell Universal	0	240	February 27, 2023

Issue setting up roles based on group claims

Related topics