Release v3.0.4 (#13)

Co-authored-by: Adam-it <[email protected]>

Author: github-actions[bot]

package-lock.json

@@ -2,7 +2,7 @@
   "name": "pnp-powershell-extension",
   "displayName": "PnP PowerShell extension",
   "description": "With the PnP PowerShell VS Code extension, you can quickly learn, code and create scripts that use PnP PowerShell commands.",
-  "version": "3.0.3",
+  "version": "3.0.4",
   "publisher": "adamwojcikit",
   "author": {
     "name": "Adam"

package.json

@@ -6695,7 +6695,7 @@
   "Set-PnPTraceLog": {
     "description": "Defines if tracing should be turned on. PnP Core, which is the foundation of these cmdlets, uses the standard Trace functionality of .NET. With this cmdlet you can turn capturing of this trace to a log file on or off. Notice that basically only the Provisioning Engine writes to the trace log which means that cmdlets related to the engine will produce output.",
     "body": [
-      "Set-PnPTraceLog "
+      "Set-PnPTraceLog -On $1"
     ],
     "prefix": [
       "Set-PnPTraceLog"
@@ -6841,34 +6841,29 @@
   },
   "Sync-PnPSharePointUserProfilesFromAzureActiveDirectory": {
     "description": [
-      "This cmdlet allows synchronizing user profiles from Azure Active Directory to their SharePoint Online User Profile equivalents. Note that certain properties are already synced by default. A list of these can be found here: https://learn.microsoft.com/sharepoint/user-profile-sync#properties-that-are-synced-into-sharepoint-user-profiles",
+      "This cmdlet allows synchronizing user profiles from Entra ID to their SharePoint Online User Profile equivalents. Note that certain properties are already synced by default. A list of these can be found here: https://learn.microsoft.com/sharepoint/user-profile-sync#properties-that-are-synced-into-sharepoint-user-profiles",
       "https://learn.microsoft.com/sharepoint/user-profile-sync#properties-that-are-synced-into-sharepoint-user-profiles",
-      "For other properties not listed on this page, you can use this cmdlet to synchronize them. You can provide the property name(s) in Azure Active Directory and specify its equivalent property in SharePoint Online for the values to be mapped to.",
+      "For other properties not listed on this page, you can use this cmdlet to synchronize them. You can provide the property name(s) in Entra ID and specify its equivalent property in SharePoint Online for the values to be mapped to.",
       "Note that SharePoint Online User Profile properties you wish to sync to must have the checkbox unchecked for \"Allow users to edit values for this property\" in the user profile property in the SharePoint User Profile service application. It also must have \"User can override\" checked under Policy Settings of the user profile property in the SharePoint User Profile service application.",
       "must",
       "must",
-      "When running this cmdlet, it will upload a file named userprofilesyncdata-<timestamp>-<guid>.json to the documents library of the SharePoint Online site you are connected to. From there an asynchronous process will be started that processed the JSON file and updates the user profiles on the SharePoint Online side. The time before this process starts varies. Once that process is done and only if something failed, you will find a new folder created in the same document library of which the folder name starts with the same name as the filename. It will contain a .log file in which you can find the results of it trying to update the user profiles in SharePoint Online which were specified in the JSON file. If all the user profile properties have been updated successfully, it will not create such a folder and log file.",
+      "When running this cmdlet, it will upload a file named userprofilesyncdata-<timestamp>-<guid>.json to the document library of the SharePoint Online site you are connected to. From there an asynchronous process will be started that processes the JSON file and updates the user profiles on the SharePoint Online side. The time before this process starts varies. Once that process is done and only if something failed, you will find a new folder created in the same document library of which the folder name starts with the same name as the filename. It will contain a .log file in which you can find the results of it trying to update the user profiles in SharePoint Online which were specified in the JSON file. If all the user profile properties have been updated successfully, it will not create such a folder and log file.",
       "userprofilesyncdata-<timestamp>-<guid>.json",
       "You can also query the import job status using Get-PnPUPABulkImportStatus -JobId <jobid>. The jobid will be returned upon running this cmdlet and can be fed into this cmdlet to get the actual status. It will show State: Submitted after running this cmdlet and before processing it and State: Succeeded once its done and was successful or State: Error if it failed. It will also return full details on the file it will use to update the user profiles and the location of the log file once its done processing and only if it failed. For documentation on all the possible states it can be in, see https://learn.microsoft.com/sharepoint/dev/solution-guidance/bulk-user-profile-update-api-for-sharepoint-online#parameters-2.",
       "Get-PnPUPABulkImportStatus -JobId <jobid>",
       "State: Submitted",
       "State: Succeeded",
       "State: Error",
       "https://learn.microsoft.com/sharepoint/dev/solution-guidance/bulk-user-profile-update-api-for-sharepoint-online#parameters-2",
-      "When not providing -Users, it will fetch all the users and the properties defined in the mapping from Azure Active Directory itself. You can also opt to query for a subset of Azure Active Directory users to update using i.e. Get-PnPAzureAdUser and feed the outcome of that to the -Users parameter. In this case you must ensure that the user objects you supply contain the properties you wish to sync towards SharePoint Online.",
+      "When not providing -Users, it will fetch all the users and the properties defined in the mapping from Entra ID itself. You can also opt to query for a subset of Entra ID users to update using i.e. Get-PnPAzureAdUser and feed the outcome of that to the -Users parameter. In this case you must ensure that the user objects you supply contain the properties you wish to sync towards SharePoint Online.",
       "Get-PnPAzureAdUser",
       "When not providing -Folder, it will assume a document library named \"Shared Documents\" is present within the site collection you're currently connected to. In case you are not using an English site collection, this name may be different and localized. In that case use the -Folder parameter passing in the localized name of the document library you wish to upload the mapping file to.",
       "Required Permissions",
       "Required Permissions",
-      "In order to be able to run this cmdlet you need to have [User.Read.All] and [Sites.FullControl.All] permissions on SharePoint and [User.Read.All] permissions on Microsoft Graph so it will be able to read the users directly from Azure Active Directory and upload the JSON file to SharePoint Online. It also needs to have the Tenant Full Control ACS permission through https://tenant-admin.sharepoint.com/_layouts/appinv.aspx for it to be allowed to kick off the import user profile process:",
-      "[User.Read.All]",
-      "[Sites.FullControl.All]",
-      "SharePoint",
-      "[User.Read.All]",
-      "Microsoft Graph",
-      "https://tenant-admin.sharepoint.com/_layouts/appinv.aspx",
-      "<AppPermissionRequests AllowAppOnlyPolicy=\"true\"> <AppPermissionRequest Scope=\"http://sharepoint/content/tenant\" Right=\"FullControl\" /> </AppPermissionRequests>",
-      "<AppPermissionRequests AllowAppOnlyPolicy=\"true\"> <AppPermissionRequest Scope=\"http://sharepoint/content/tenant\" Right=\"FullControl\" /> </AppPermissionRequests>"
+      "It is no longer needed to use ACS permissions for this cmdlet to work. The following permissions, granted through an Entra ID application registration, should suffice. It can also be used using a Managed Identity within Azure using the same permissions.",
+      "SharePoint: Sites.FullControl.All, TermStore.ReadWrite.All, User.ReadWrite.All \r\nMicrosoft Graph: User.Read ",
+      "SharePoint: Sites.FullControl.All, TermStore.ReadWrite.All, User.ReadWrite.All ",
+      "Microsoft Graph: User.Read "
     ],
     "body": [
       "Sync-PnPSharePointUserProfilesFromAzureActiveDirectory -UserProfilePropertyMapping $1"