BUG?: [SPOSharingSettings] Settings appear to apply, except for RequireAcceptingAccountMatchInvitedAccount = $True

[GeldHades27355]

Description of the issue

Apologies if this is a noob question, but we're only starting out so I might not be asking the right questions in the right places.

We think we finally have a devops CI/CD pipeline running and it seems to execute without errors. I seems to connect to the right target tenant and subscription AND it correctly identifies a different configuration:
Target = [RequireAcceptingAccountMatchInvitedAccount, False]
Desired config = [RequireAcceptingAccountMatchInvitedAccount, True]

(we're only testing with ONE resource for now)

The log suggests that the LCM executes and applies the change (does it tho?), but even an hour later, the target tenant still hasn't implemented [RequireAcceptingAccountMatchInvitedAccount, True]. We verified this through the GUI and with an M365DSC export of that resource, which are both consistent.

What would cause the setting to not apply? Where should we start looking?

Microsoft 365 DSC Version

1.24.605.1

Which workloads are affected

SharePoint Online

The DSC configuration

# Generated with Microsoft365DSC version 1.24.605.1
# For additional information on how to use Microsoft365DSC, please visit https://aka.ms/M365DSC
 
 
Configuration M365TenantConfig
{
     param
    (
        [Parameter(Mandatory = $true)]
        [System.Collections.Hashtable]
        $Credentials
    )
 
    Import-DscResource -ModuleName 'Microsoft365DSC' -ModuleVersion '1.24.605.1'
    Node localhost
    {
        $sharepointAppCreds = $ConfigurationData.NonNodeData.AppCredentials | Where-Object -FilterScript { $_.Workload -eq 'SharePoint' }
          SPOSharingSettings "SPOSharingSettings"
        {
            ApplicationId = '451596dc-bf8d-4720-bbaa-17c2843bda8b'
            TenantId      = '***dev1.onmicrosoft.com'
            CertificateThumbprint    = '***'
            BccExternalSharingInvitations              = $False;
            Credential                                 = $Credscredential;
            DefaultLinkPermission                      = "Edit";
            DefaultSharingLinkType                     = "Internal";
            EnableGuestSignInAcceleration              = $False;
            Ensure                                     = "Present";
            ExternalUserExpirationRequired             = $False;
            ExternalUserExpireInDays                   = 60;
            FileAnonymousLinkType                      = "Edit";
            FolderAnonymousLinkType                    = "Edit";
            IsSingleInstance                           = "Yes";
            MySiteSharingCapability                    = "ExternalUserAndGuestSharing";
            NotifyOwnersWhenItemsReshared              = $True;
            PreventExternalUsersFromResharing          = $True;
            ProvisionSharedWithEveryoneFolder          = $False;
            RequireAcceptingAccountMatchInvitedAccount = $True;
            SharingCapability                          = "ExternalUserAndGuestSharing";
            SharingDomainRestrictionMode               = "None";
            ShowAllUsersClaim                          = $False;
            ShowEveryoneClaim                          = $False;
            ShowEveryoneExceptExternalUsersClaim       = $True;
            ShowPeoplePickerSuggestionsForGuestUsers   = $False;
        }
    }
 
}

Verbose logs showing the problem

2024-06-17T14:35:01.9206797Z ##[section]Starting: Azure PowerShell script: FilePath
2024-06-17T14:35:01.9212270Z ==============================================================================
2024-06-17T14:35:01.9212353Z Task         : Azure PowerShell
2024-06-17T14:35:01.9212400Z Description  : Run a PowerShell script within an Azure environment
2024-06-17T14:35:01.9212478Z Version      : 5.241.0
2024-06-17T14:35:01.9212524Z Author       : Microsoft Corporation
2024-06-17T14:35:01.9212569Z Help         : https://aka.ms/azurepowershelltroubleshooting
2024-06-17T14:35:01.9212622Z ==============================================================================
2024-06-17T14:35:02.7198317Z Generating script.
2024-06-17T14:35:02.7519318Z ========================== Starting Command Output ===========================
2024-06-17T14:35:02.7699033Z ##[command]"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command ". 'C:\Program Files\WindowsPowerShell\AzureAgent\Azure Agent\_work\_temp\a9c89558-5fac-4838-be31-fd52298b56ca.ps1'"
2024-06-17T14:35:03.5592455Z Added TLS 1.2 in session.
2024-06-17T14:35:03.7001158Z ##[command]Import-Module -Name C:\Program Files\WindowsPowerShell\Modules\Az.Accounts\3.0.0\Az.Accounts.psd1 -Global
2024-06-17T14:35:04.6895140Z ##[warning]You're using AzureRM which will be retired soon, please schedule an update.
2024-06-17T14:35:04.7123130Z ##[command]Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue
2024-06-17T14:35:04.9939299Z ##[command]Clear-AzContext -Scope Process
2024-06-17T14:35:05.0079654Z ##[command]Clear-AzConfig -DefaultSubscriptionForLogin
2024-06-17T14:35:05.0534476Z ##[command]Connect-AzAccount 
2024-06-17T14:35:05.0544147Z Name                           Value                                                                                   
2024-06-17T14:35:05.0563105Z ----                           -----                                                                                   
2024-06-17T14:35:05.0577139Z Tenant                         0a958985-d792-429a-8aca-2db3e21b2abd                                                    
2024-06-17T14:35:05.0588784Z Scope                          Process                                                                                 
2024-06-17T14:35:05.0598588Z Environment                    AzureCloud                                                                              
2024-06-17T14:35:05.0602767Z Credential                     System.Management.Automation.PSCredential                                               
2024-06-17T14:35:05.0622342Z WarningAction                  SilentlyContinue                                                                        
2024-06-17T14:35:05.0631496Z ServicePrincipal               True                                                                                    
2024-06-17T14:35:05.0637041Z 
2024-06-17T14:35:05.0641502Z 
2024-06-17T14:35:05.0645507Z 
2024-06-17T14:35:06.2455875Z Retrieving subscriptions for the selection...
2024-06-17T14:35:07.5325916Z 
2024-06-17T14:35:07.5336207Z [Announcements]
2024-06-17T14:35:07.5342442Z With the new Azure PowerShell login experience, you can select the subscription you want to use more easily. Learn more about it and its configuration at https://go.microsoft.com/fwlink/?linkid=2271909.
2024-06-17T14:35:07.5346471Z 
2024-06-17T14:35:07.5351479Z If you encounter any problem, please open an issue at: https://aka.ms/azpsissue
2024-06-17T14:35:07.5354677Z 
2024-06-17T14:35:07.5493617Z VERBOSE: Command [Connect-AzAccount] succeeded.
2024-06-17T14:35:07.5541196Z ##[command]Set-AzContext 
2024-06-17T14:35:07.5544763Z Name                           Value                                                                                   
2024-06-17T14:35:07.5552132Z ----                           -----                                                                                   
2024-06-17T14:35:07.5556071Z SubscriptionId                 460aadfd-1f53-40ee-8159-b2f51d201983                                                    
2024-06-17T14:35:07.5565139Z 
2024-06-17T14:35:07.5609820Z 
2024-06-17T14:35:07.5615759Z 
2024-06-17T14:35:08.4063815Z Subscription name Tenant                              
2024-06-17T14:35:08.4066872Z ----------------- ------                              
2024-06-17T14:35:08.4140385Z Pay-Per-Use       0a958985-d792-429a-8aca-2db3e21b2abd
2024-06-17T14:35:08.4189811Z 
2024-06-17T14:35:08.4311524Z Name               : Pay-Per-Use (460aadfd-1f53-40ee-8159-b2f51d201983) - 0a958985-d792-429a-8aca-2db3e21b2abd - 
2024-06-17T14:35:08.4314576Z                      ***
2024-06-17T14:35:08.4321971Z Subscription       : 460aadfd-1f53-40ee-8159-b2f51d201983
2024-06-17T14:35:08.4326834Z Account            : ***
2024-06-17T14:35:08.4333993Z Environment        : AzureCloud
2024-06-17T14:35:08.4337210Z Tenant             : 0a958985-d792-429a-8aca-2db3e21b2abd
2024-06-17T14:35:08.4341630Z TokenCache         : 
2024-06-17T14:35:08.4346966Z VersionProfile     : 
2024-06-17T14:35:08.4354575Z ExtendedProperties : {}
2024-06-17T14:35:08.4355281Z 
2024-06-17T14:35:08.4405331Z VERBOSE: Command [Set-AzContext] succeeded.
2024-06-17T14:35:08.4614868Z [2024-06-17 16:35:08] - *********************************************************
2024-06-17T14:35:08.4623058Z [2024-06-17 16:35:08] - *      Starting M365 DSC Configuration Deployment       *
2024-06-17T14:35:08.4628546Z [2024-06-17 16:35:08] - *********************************************************
2024-06-17T14:35:08.4638859Z [2024-06-17 16:35:08] - Environment to be deployed: Production
2024-06-17T14:35:08.4645356Z [2024-06-17 16:35:08] - *********************************************************
2024-06-17T14:35:08.4651672Z [2024-06-17 16:35:08] -  
2024-06-17T14:35:08.4679536Z [2024-06-17 16:35:08] - Switching to path: C:\Program Files\WindowsPowerShell\AzureAgent\Azure Agent\_work\r2\a\_M365 Automation\MOFFiles
2024-06-17T14:35:08.4697233Z [2024-06-17 16:35:08] -  
2024-06-17T14:35:08.4706108Z [2024-06-17 16:35:08] - Checking for presence of specified environment
2024-06-17T14:35:08.4709459Z [2024-06-17 16:35:08] -  
2024-06-17T14:35:08.4760310Z [2024-06-17 16:35:08] - Checking for presence of Microsoft365Dsc module and all required modules
2024-06-17T14:35:08.4765813Z [2024-06-17 16:35:08] -  
2024-06-17T14:35:08.5103495Z [2024-06-17 16:35:08] -   Checking Microsoft365Dsc version
2024-06-17T14:35:08.5316145Z [2024-06-17 16:35:08] -     Required version: 1.24.605.1
2024-06-17T14:35:08.5351549Z [2024-06-17 16:35:08] -     Installed version: 
2024-06-17T14:35:08.5370886Z [2024-06-17 16:35:08] -         Configuring PowerShell Gallery
2024-06-17T14:35:13.3182813Z [2024-06-17 16:35:13] -         Installing Microsoft365Dsc
2024-06-17T14:36:09.0914271Z [2024-06-17 16:36:08] -   Checking Module Dependencies
2024-06-17T14:36:15.1299000Z [2024-06-17 16:36:14] -   Removing Outdated Module Dependencies
2024-06-17T14:36:17.6984586Z Checking Microsoft.Graph.Authentication
2024-06-17T14:36:17.7478260Z [2024-06-17 16:36:17] - Modules installed successfully!
2024-06-17T14:36:17.7485694Z [2024-06-17 16:36:17] -  
2024-06-17T14:36:17.7577299Z [2024-06-17 16:36:17] - Getting certificate secrets from KeyVault 'Soloprokeyvault'
2024-06-17T14:36:17.7608937Z [2024-06-17 16:36:17] -   Processing PRD-Cert-Exchange
2024-06-17T14:36:19.3193041Z [2024-06-17 16:36:19] -   Certificate PRD-Cert-Exchange with thumbprint D0A3DB2BAD5849F3777A76A4AF7974ECDDA074EC already exists. Skipping...
2024-06-17T14:36:19.3201498Z [2024-06-17 16:36:19] -   Processing PRD-Cert-Office365
2024-06-17T14:36:20.1772843Z [2024-06-17 16:36:20] -   Certificate PRD-Cert-Office365 with thumbprint D0A3DB2BAD5849F3777A76A4AF7974ECDDA074EC already exists. Skipping...
2024-06-17T14:36:20.1804097Z [2024-06-17 16:36:20] -   Processing PRD-Cert-PowerPlatform
2024-06-17T14:36:21.1632933Z [2024-06-17 16:36:21] -   Certificate PRD-Cert-PowerPlatform with thumbprint D0A3DB2BAD5849F3777A76A4AF7974ECDDA074EC already exists. Skipping...
2024-06-17T14:36:21.1664200Z [2024-06-17 16:36:21] -   Processing PRD-Cert-SecurityCompliance
2024-06-17T14:36:22.0981440Z [2024-06-17 16:36:22] -   Certificate PRD-Cert-SecurityCompliance with thumbprint D0A3DB2BAD5849F3777A76A4AF7974ECDDA074EC already exists. Skipping...
2024-06-17T14:36:22.1008121Z [2024-06-17 16:36:22] -   Processing PRD-Cert-SharePoint
2024-06-17T14:36:23.0004419Z [2024-06-17 16:36:22] -   Certificate PRD-Cert-SharePoint with thumbprint D0A3DB2BAD5849F3777A76A4AF7974ECDDA074EC already exists. Skipping...
2024-06-17T14:36:23.0012281Z [2024-06-17 16:36:22] -   Processing PRD-Cert-Teams
2024-06-17T14:36:23.9278807Z [2024-06-17 16:36:23] -   Certificate PRD-Cert-Teams with thumbprint D0A3DB2BAD5849F3777A76A4AF7974ECDDA074EC already exists. Skipping...
2024-06-17T14:36:23.9334960Z [2024-06-17 16:36:23] - Running deployment of MOF file for environment 'Production'
2024-06-17T14:36:25.1646564Z VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = 
2024-06-17T14:36:25.1646861Z SendConfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' = 
2024-06-17T14:36:25.1647438Z root/Microsoft/Windows/DesiredStateConfiguration'.
2024-06-17T14:36:25.1647689Z VERBOSE: An LCM method call arrived from computer SERVER2022 with user sid S-1-5-21-326915350-1447297256-58782252-1025.
2024-06-17T14:36:25.1647820Z VERBOSE: [SERVER2022]: LCM:  [ Start  Set      ]
2024-06-17T14:36:25.1647932Z VERBOSE: [SERVER2022]: LCM:  [ Start  Resource ]  [[SPOSharingSettings]SPOSharingSettings]
2024-06-17T14:36:25.1648070Z VERBOSE: [SERVER2022]: LCM:  [ Start  Test     ]  [[SPOSharingSettings]SPOSharingSettings]
2024-06-17T14:36:29.0039512Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Testing configuration for 
2024-06-17T14:36:29.0043813Z SPO Sharing settings
2024-06-17T14:36:29.0092551Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Getting configuration for 
2024-06-17T14:36:29.0098173Z SPO Sharing settings
2024-06-17T14:36:31.0897280Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connecting to the SharePoint
2024-06-17T14:36:31.0902759Z  Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:31.8425179Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connected to the SharePoint 
2024-06-17T14:36:31.8437201Z Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:32.8126142Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connecting to the SharePoint
2024-06-17T14:36:32.8138786Z  Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:32.8141583Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connected to the SharePoint 
2024-06-17T14:36:32.8152932Z Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:33.6490493Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connecting to the SharePoint
2024-06-17T14:36:33.6507344Z  Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:33.6522173Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connected to the SharePoint 
2024-06-17T14:36:33.6537461Z Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:34.7384105Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Current Values: 
2024-06-17T14:36:34.7395996Z AccessTokens=$null
2024-06-17T14:36:34.7396404Z 
2024-06-17T14:36:34.7404066Z ApplicationId=***
2024-06-17T14:36:34.7404404Z 
2024-06-17T14:36:34.7412410Z ApplicationSecret=$null
2024-06-17T14:36:34.7413824Z 
2024-06-17T14:36:34.7420588Z BccExternalSharingInvitations=False
2024-06-17T14:36:34.7421475Z 
2024-06-17T14:36:34.7430080Z BccExternalSharingInvitationsList=$null
2024-06-17T14:36:34.7430413Z 
2024-06-17T14:36:34.7437820Z CertificatePassword=$null
2024-06-17T14:36:34.7438964Z 
2024-06-17T14:36:34.7446822Z CertificatePath=***
2024-06-17T14:36:34.7447445Z 
2024-06-17T14:36:34.7455001Z CertificateThumbprint=***
2024-06-17T14:36:34.7455288Z 
2024-06-17T14:36:34.7462610Z Credential=$null
2024-06-17T14:36:34.7462905Z 
2024-06-17T14:36:34.7470406Z DefaultLinkPermission=Edit
2024-06-17T14:36:34.7471205Z 
2024-06-17T14:36:34.7478543Z DefaultSharingLinkType=AnonymousAccess
2024-06-17T14:36:34.7479164Z 
2024-06-17T14:36:34.7493036Z EnableGuestSignInAcceleration=False
2024-06-17T14:36:34.7561957Z 
2024-06-17T14:36:34.7565856Z Ensure=Present
2024-06-17T14:36:34.7566195Z 
2024-06-17T14:36:34.7570066Z ExternalUserExpirationRequired=False
2024-06-17T14:36:34.7572795Z 
2024-06-17T14:36:34.7573133Z ExternalUserExpireInDays=60
2024-06-17T14:36:34.7573344Z 
2024-06-17T14:36:34.7573590Z FileAnonymousLinkType=Edit
2024-06-17T14:36:34.7573785Z 
2024-06-17T14:36:34.7574021Z FolderAnonymousLinkType=Edit
2024-06-17T14:36:34.7574208Z 
2024-06-17T14:36:34.7574440Z IsSingleInstance=Yes
2024-06-17T14:36:34.7574661Z 
2024-06-17T14:36:34.7574888Z Managedidentity=False
2024-06-17T14:36:34.7575079Z 
2024-06-17T14:36:34.7575367Z MySiteSharingCapability=ExternalUserAndGuestSharing
2024-06-17T14:36:34.7575576Z 
2024-06-17T14:36:34.7575814Z NotifyOwnersWhenItemsReshared=True
2024-06-17T14:36:34.7576002Z 
2024-06-17T14:36:34.7576413Z PreventExternalUsersFromResharing=False
2024-06-17T14:36:34.7576677Z 
2024-06-17T14:36:34.7578510Z ProvisionSharedWithEveryoneFolder=False
2024-06-17T14:36:34.7582209Z 
2024-06-17T14:36:34.7587298Z RequireAcceptingAccountMatchInvitedAccount=False
2024-06-17T14:36:34.7593517Z 
2024-06-17T14:36:34.7600162Z RequireAnonymousLinksExpireInDays=-1
2024-06-17T14:36:34.7604550Z 
2024-06-17T14:36:34.7610540Z SharingAllowedDomainList=$null
2024-06-17T14:36:34.7614917Z 
2024-06-17T14:36:34.7619736Z SharingBlockedDomainList=$null
2024-06-17T14:36:34.7622918Z 
2024-06-17T14:36:34.7634093Z SharingCapability=ExternalUserAndGuestSharing
2024-06-17T14:36:34.7634453Z 
2024-06-17T14:36:34.7646862Z SharingDomainRestrictionMode=None
2024-06-17T14:36:34.7661754Z 
2024-06-17T14:36:34.7714811Z ShowAllUsersClaim=False
2024-06-17T14:36:34.7715881Z 
2024-06-17T14:36:34.7725327Z ShowEveryoneClaim=False
2024-06-17T14:36:34.7726667Z 
2024-06-17T14:36:34.7734533Z ShowEveryoneExceptExternalUsersClaim=True
2024-06-17T14:36:34.7734881Z 
2024-06-17T14:36:34.7821543Z ShowPeoplePickerSuggestionsForGuestUsers=False
2024-06-17T14:36:34.7833381Z 
2024-06-17T14:36:34.7834175Z TenantId=***
2024-06-17T14:36:34.7834477Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Target Values: 
2024-06-17T14:36:34.7837591Z ApplicationId=***
2024-06-17T14:36:34.7837690Z 
2024-06-17T14:36:34.7837761Z BccExternalSharingInvitations=False
2024-06-17T14:36:34.7837816Z 
2024-06-17T14:36:34.7837877Z CertificateThumbprint=***
2024-06-17T14:36:34.7837913Z 
2024-06-17T14:36:34.7837978Z DefaultLinkPermission=Edit
2024-06-17T14:36:34.7838013Z 
2024-06-17T14:36:34.7838075Z DefaultSharingLinkType=Internal
2024-06-17T14:36:34.7838119Z 
2024-06-17T14:36:34.7838181Z EnableGuestSignInAcceleration=False
2024-06-17T14:36:34.7838220Z 
2024-06-17T14:36:34.7838279Z Ensure=Present
2024-06-17T14:36:34.7838315Z 
2024-06-17T14:36:34.7838383Z ExternalUserExpirationRequired=False
2024-06-17T14:36:34.7838423Z 
2024-06-17T14:36:34.7838483Z ExternalUserExpireInDays=60
2024-06-17T14:36:34.7838523Z 
2024-06-17T14:36:34.7838583Z FileAnonymousLinkType=Edit
2024-06-17T14:36:34.7838617Z 
2024-06-17T14:36:34.7838711Z FolderAnonymousLinkType=Edit
2024-06-17T14:36:34.7838747Z 
2024-06-17T14:36:34.7839071Z IsSingleInstance=Yes
2024-06-17T14:36:34.7839259Z 
2024-06-17T14:36:34.7841550Z MySiteSharingCapability=ExternalUserAndGuestSharing
2024-06-17T14:36:34.7845634Z 
2024-06-17T14:36:34.7850495Z NotifyOwnersWhenItemsReshared=True
2024-06-17T14:36:34.7853611Z 
2024-06-17T14:36:34.7858296Z PreventExternalUsersFromResharing=True
2024-06-17T14:36:34.7863446Z 
2024-06-17T14:36:34.7868893Z ProvisionSharedWithEveryoneFolder=False
2024-06-17T14:36:34.7872398Z 
2024-06-17T14:36:34.7876940Z RequireAcceptingAccountMatchInvitedAccount=True
2024-06-17T14:36:34.7880263Z 
2024-06-17T14:36:34.7885303Z SharingCapability=ExternalUserAndGuestSharing
2024-06-17T14:36:34.7889254Z 
2024-06-17T14:36:34.7894984Z SharingDomainRestrictionMode=None
2024-06-17T14:36:34.7899014Z 
2024-06-17T14:36:34.7903928Z ShowAllUsersClaim=False
2024-06-17T14:36:34.7907382Z 
2024-06-17T14:36:34.7915901Z ShowEveryoneClaim=False
2024-06-17T14:36:34.7919773Z 
2024-06-17T14:36:34.7924611Z ShowEveryoneExceptExternalUsersClaim=True
2024-06-17T14:36:34.7928176Z 
2024-06-17T14:36:34.7934192Z ShowPeoplePickerSuggestionsForGuestUsers=False
2024-06-17T14:36:34.7938366Z 
2024-06-17T14:36:34.7943113Z TenantId=***
2024-06-17T14:36:34.7946512Z 
2024-06-17T14:36:34.7951060Z Verbose=True
2024-06-17T14:36:34.7978480Z WARNING: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] 
2024-06-17T14:36:34.7983896Z ExternalUserExpirationRequired is set to be false. For that the ExternalUserExpireInDays property cannot be configured
2024-06-17T14:36:34.7993174Z WARNING: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] SharingDomainRestrictionMode
2024-06-17T14:36:34.7995346Z  is set to None. For that SharingAllowedDomainList / SharingBlockedDomainList cannot be configured
2024-06-17T14:36:35.7096184Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Test-TargetResource returned
2024-06-17T14:36:35.7096620Z  False
2024-06-17T14:36:35.7096762Z VERBOSE: [SERVER2022]: LCM:  [ End    Test     ]  [[SPOSharingSettings]SPOSharingSettings]  in 10.3500 seconds.
2024-06-17T14:36:35.7096901Z VERBOSE: [SERVER2022]: LCM:  [ Start  Set      ]  [[SPOSharingSettings]SPOSharingSettings]
2024-06-17T14:36:35.7097029Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Setting configuration for 
2024-06-17T14:36:35.7097123Z SPO Sharing settings
2024-06-17T14:36:35.7097216Z WARNING: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] 
2024-06-17T14:36:35.7097343Z ExternalUserExpirationRequired is set to be false. For that the ExternalUserExpireInDays property cannot be configured
2024-06-17T14:36:35.7097699Z WARNING: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] SharingDomainRestrictionMode
2024-06-17T14:36:35.7097833Z  is set to None. For that SharingAllowedDomainList / SharingBlockedDomainList cannot be configured
2024-06-17T14:36:35.7097958Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7098071Z [SharingCapability, ExternalUserAndGuestSharing]
2024-06-17T14:36:35.7098180Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7098278Z [ShowEveryoneClaim, False]
2024-06-17T14:36:35.7098377Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7098474Z [ShowAllUsersClaim, False]
2024-06-17T14:36:35.7098574Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7099130Z [ShowEveryoneExceptExternalUsersClaim, True]
2024-06-17T14:36:35.7099251Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7099356Z [ProvisionSharedWithEveryoneFolder, False]
2024-06-17T14:36:35.7099465Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7100155Z [BccExternalSharingInvitations, False]
2024-06-17T14:36:35.7100264Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7100360Z [SharingDomainRestrictionMode, None]
2024-06-17T14:36:35.7100467Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7100568Z [DefaultSharingLinkType, Internal]
2024-06-17T14:36:35.7100669Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7100774Z [PreventExternalUsersFromResharing, True]
2024-06-17T14:36:35.7100877Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7100983Z [ShowPeoplePickerSuggestionsForGuestUsers, False]
2024-06-17T14:36:35.7101090Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7101187Z [FileAnonymousLinkType, Edit]
2024-06-17T14:36:35.7101286Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7101383Z [FolderAnonymousLinkType, Edit]
2024-06-17T14:36:35.7101482Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7101584Z [NotifyOwnersWhenItemsReshared, True]
2024-06-17T14:36:35.7101690Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7101781Z [DefaultLinkPermission, Edit]
2024-06-17T14:36:35.7101882Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7101985Z [RequireAcceptingAccountMatchInvitedAccount, True]
2024-06-17T14:36:35.7102098Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Configuring Tenant with: 
2024-06-17T14:36:35.7102196Z [ExternalUserExpirationRequired, False]
2024-06-17T14:36:35.7102490Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connecting to the SharePoint
2024-06-17T14:36:35.7102735Z  Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:35.7103132Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connected to the SharePoint 
2024-06-17T14:36:35.7103312Z Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:36.2740077Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connecting to the SharePoint
2024-06-17T14:36:36.2755651Z  Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:36.2770195Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connected to the SharePoint 
2024-06-17T14:36:36.2785896Z Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:36.9753575Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connecting to the SharePoint
2024-06-17T14:36:36.9768774Z  Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:36.9785703Z VERBOSE: [SERVER2022]:                            [[SPOSharingSettings]SPOSharingSettings] Connected to the SharePoint 
2024-06-17T14:36:36.9795041Z Online Admin Center at 'https://soloprodev1-admin.sharepoint.com' to run this cmdlet
2024-06-17T14:36:39.5707264Z VERBOSE: [SERVER2022]: LCM:  [ End    Set      ]  [[SPOSharingSettings]SPOSharingSettings]  in 4.4750 seconds.
2024-06-17T14:36:39.5716753Z VERBOSE: [SERVER2022]: LCM:  [ End    Resource ]  [[SPOSharingSettings]SPOSharingSettings]
2024-06-17T14:36:39.5758694Z VERBOSE: [SERVER2022]: LCM:  [ End    Set      ]
2024-06-17T14:36:39.5914431Z VERBOSE: [SERVER2022]: LCM:  [ End    Set      ]    in  15.1660 seconds.
2024-06-17T14:36:39.6011057Z VERBOSE: Operation 'Invoke CimMethod' complete.
2024-06-17T14:36:39.6121229Z VERBOSE: Time taken for configuration job to complete is 15.351 seconds
2024-06-17T14:36:39.6128009Z [2024-06-17 16:36:39] -  
2024-06-17T14:36:39.6138526Z [2024-06-17 16:36:39] -  
2024-06-17T14:36:39.6145074Z [2024-06-17 16:36:39] - ************************************************
2024-06-17T14:36:39.6153077Z [2024-06-17 16:36:39] - *              Deployment results              *
2024-06-17T14:36:39.6158925Z [2024-06-17 16:36:39] - ************************************************
2024-06-17T14:36:39.6166750Z [2024-06-17 16:36:39] - MOF Deployment Succeeded!
2024-06-17T14:36:39.6175385Z 
2024-06-17T14:36:39.6175828Z 
2024-06-17T14:36:39.8232565Z Added TLS 1.2 in session.
2024-06-17T14:36:41.0036135Z ##[command]Disconnect-AzAccount -Scope CurrentUser -ErrorAction Stop
2024-06-17T14:36:41.3175736Z ##[command]Disconnect-AzAccount -Scope Process -ErrorAction Stop
2024-06-17T14:36:41.3374560Z ##[command]Clear-AzContext -Scope Process -ErrorAction Stop
2024-06-17T14:36:41.3833023Z ##[section]Finishing: Azure PowerShell script: FilePath

Environment Information + PowerShell Version

No response

[GeldHades27355]

UPDATE: We modified more settings to this resource , which seem to apply as expected - EXCEPT for RequireAcceptingAccountMatchInvitedAccount. It remains "off"/$false, regardless of what we do.

Here is the resource config
BccExternalSharingInvitations = $False;
Credential = $***;
DefaultLinkPermission = "View";
DefaultSharingLinkType = "AnonymousAccess";
EnableGuestSignInAcceleration = $False;
Ensure = "Present";
ExternalUserExpirationRequired = $True;
ExternalUserExpireInDays = 30;
FileAnonymousLinkType = "Edit";
FolderAnonymousLinkType = "Edit";
IsSingleInstance = "Yes";
MySiteSharingCapability = "Disabled";
NotifyOwnersWhenItemsReshared = $True;
PreventExternalUsersFromResharing = $True;
ProvisionSharedWithEveryoneFolder = $False;
#this is the only value that does not deploy:
RequireAcceptingAccountMatchInvitedAccount = $True;
SharingCapability = "ExternalUserAndGuestSharing";
SharingDomainRestrictionMode = "None";
ShowAllUsersClaim = $False;
ShowEveryoneClaim = $False;
ShowEveryoneExceptExternalUsersClaim = $True;
ShowPeoplePickerSuggestionsForGuestUsers = $True;

[Tom-DB]

I'm seeing the same (unwanted) behaviour.

[ricmestre]

I'm also having the same issue but it's definitely a backend problem and not specific to M365DSC since my integration tests were working before in changing this specific property to true and now it doesn't.

[GeldHades27355]

I'm also having the same issue but it's definitely a backend problem and not specific to M365DSC since my integration tests were working before in changing this specific property to true and now it doesn't.

Sounds plausible, as other values in this resource deploy as expected.

@NikCharlebois any chance to get this fed back to whatever team at MSFT owns this setting?

[ricmestre]

@ykuijs Hi, are you aware of this issue? The cmdlet was working before and now it doesn't so it's a backend problem which seems to be affecting other people.

A simple way to replicate this is to first make sure that the property is set to $false and then do the below, no error messages are shown even with Verbose and Debug enabled.

Set-PnPTenant -RequireAcceptingAccountMatchInvitedAccount $true
(Get-PnPTenant).RequireAcceptingAccountMatchInvitedAccount # this always returns $false

[ykuijs]

If the behavior also occurs when running Set-PnPTenant directly, it has something to do with PnP PowerShell. Could you please create an issue in the PnP PowerShell repo: https://github.com/pnp/powershell/issues

At the same time, I will check with a contact in that team

[ricmestre]

@ykuijs The thing is that this was working just a couple weeks before and nothing changed relative to the PnP module, we don't have updates to it in ages so it's clearly a backend issue, are they able to help with that?

[MatthewWhiteMoJ]

I have been doing some digging on this and came across the following article just as I was about to raise a Bug on the PnP module

https://learn.microsoft.com/en-us/microsoft-365/solutions/microsoft-365-guest-settings?view=o365-worldwide

Setting	Default	Description
Guests must sign in using the same account to which sharing invitations are sent	Off	Prevents guests from redeeming site sharing invitations using a different email address than the invitation was sent to. SharePoint and OneDrive integration with Microsoft Entra B2B does not use this setting because all guests are added to the directory based on the email address that the invitation was sent to and alternate email addresses can't be used to access the site.

Whilst you can define the B2B enabled via Set-PnPTenant it doesn't look like the value is returned when you do a Get-PnPTenant but running Get-SPOTenant confirms that the value is in fact enabled.

I will raise a bug for the Get-PnPTenant and link to this issue and would be good to have some logic in the set-logic that removes the sharing option IF the B2B piece is enabled

[MatthewWhiteMoJ]

Odd - just seen - pnp/powershell#3018 that this was resolved but the fix is in PnP version 2.2.0 but DSC still has a requirement for 1.12.0

Is this something that is held back for a reason @NikCharlebois @andikrueger @ykuijs

[ricmestre]

M365DSC must work with PS5.1 and PnP 2.x branch only works with PS7+ so for the time being it cannot be upgraded, I've also requested something to be changed in PnP and they only applied to 2.x since 1.x is not being upgraded anymore.

[GeldHades27355]

I have been doing some digging on this and came across the following article just as I was about to raise a Bug on the PnP module

https://learn.microsoft.com/en-us/microsoft-365/solutions/microsoft-365-guest-settings?view=o365-worldwide

Setting Default Description
Guests must sign in using the same account to which sharing invitations are sent Off Prevents guests from redeeming site sharing invitations using a different email address than the invitation was sent to. SharePoint and OneDrive integration with Microsoft Entra B2B does not use this setting because all guests are added to the directory based on the email address that the invitation was sent to and alternate email addresses can't be used to access the site.
Whilst you can define the B2B enabled via Set-PnPTenant it doesn't look like the value is returned when you do a Get-PnPTenant but running Get-SPOTenant confirms that the value is in fact enabled.

I will raise a bug for the Get-PnPTenant and link to this issue and would be good to have some logic in the set-logic that removes the sharing option IF the B2B piece is enabled

Actually, we checked via GUI - and it also didn't enable. From what we can see, SETTING doesn't work. Looks like this may be inconsistent across different tenants or DSC versions.

[MatthewWhiteMoJ]

I have been doing some digging on this and came across the following article just as I was about to raise a Bug on the PnP module
https://learn.microsoft.com/en-us/microsoft-365/solutions/microsoft-365-guest-settings?view=o365-worldwide
Setting Default Description
Guests must sign in using the same account to which sharing invitations are sent Off Prevents guests from redeeming site sharing invitations using a different email address than the invitation was sent to. SharePoint and OneDrive integration with Microsoft Entra B2B does not use this setting because all guests are added to the directory based on the email address that the invitation was sent to and alternate email addresses can't be used to access the site.
Whilst you can define the B2B enabled via Set-PnPTenant it doesn't look like the value is returned when you do a Get-PnPTenant but running Get-SPOTenant confirms that the value is in fact enabled.
I will raise a bug for the Get-PnPTenant and link to this issue and would be good to have some logic in the set-logic that removes the sharing option IF the B2B piece is enabled

Actually, we checked via GUI - and it also didn't enable. From what we can see, SETTING doesn't work. Looks like this may be inconsistent across different tenants or DSC versions.

So if the B2B setting is enabled at an SPO level which you can confirm with Get-SPOTenant and the stock MS module (or a sneaky install of PnP v2 latest on your machine you should be able to see the B2B link to Entra is enabled so regardless of what is in your Datafiles for M365DSC it will always return False and fail verification. I've taken the line out of our config to clear the error

[MatthewWhiteMoJ]

PS5.1 and PnP 2.x branch only works with PS7+ so for the time being it cannot be upgraded, I've also requested something to be changed in PnP and they only applied to 2.

ah ok - makes sense havent dug into their release notes all that much to see what was there

[JonasRied]

Same problem here. Is there any news yet?

[MatthewWhiteMoJ]

Same problem here. Is there any news yet?

I don't think that the support from M365DSC for Powershell 7 or the backport of the setting in PnP to the older version would be anything happening short term. I would check that your tenant is setup for B2B guest using the SPO powershell module and then remove the setting from your M365DSC template.

I don't see that there is a bug in either product and I've not tried the docs page logic on PS7 support in M365DSC either

[FabienTschanz]

There is a pull request #4949 awaiting review for improved PowerShell 7 support. Unfortunately it always takes a long time for those reviews to complete... I personally would prefer to have PowerShell 7 support as quick as possible.