Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CoE Starter Kit - Feature]: Orphaned Process Assignment Fails Due to Manager Not Being Part of Environment Security Group #9121

Open
lukas-nC opened this issue Oct 15, 2024 · 3 comments
Open

[CoE Starter Kit - Feature]: Orphaned Process Assignment Fails Due to Manager Not Being Part of Environment Security Group #9121

lukas-nC opened this issue Oct 15, 2024 · 3 comments
Assignees
@Jenefer-Monroe
Labels
coe-starter-kit CoE Starter Kit issues enhancement New feature or request
Milestone
CoE Starter Kit -...

Comments

@lukas-nC
Copy link

Is your feature request related to a problem? Please describe.

Hi,
We have enabled the Orphaned Process feature, and a manager provided feedback that orphaned flows should be assigned to them. However, the assignment failed, and we received the following error message:

The supplied reference link -- systemusers() -- is invalid. Expecting a reference link of the form /entityset(key).

Upon investigation, we discovered that the environment where these flows reside is protected by a security group. The manager is not a member of this security group, which prevented them from being found in the SystemUser table. As a result, the assignment process could not locate the manager's SystemUserId.

Describe the solution you'd like

Image

I would like to propose a change to enhance the error notification. If the Compose action (Get new owner SystemUserId) returns empty, the error notification should clarify the issue by stating:

The flows could not be assigned because the selected owner is not a member of the corresponding environment's security group. Please Contact your Power Platform Team

This would help clarify why the assignment failed and provide guidance on how to resolve the issue, for the admins and consumer of this process

Describe alternatives you've considered

No response

Additional context?

No response
@lukas-nC lukas-nC added coe-starter-kit CoE Starter Kit issues enhancement New feature or request labels Oct 15, 2024
@Jenefer-Monroe
Copy link
Collaborator

These connections should actually run in the context of the flow owner, per the parent flow for the orphan processes.
Image

And then per the driver escalation processes we have, that user should be system admin in all environments that the kit runs.
Can you please validate you have the run-only user set?

@Jenefer-Monroe Jenefer-Monroe self-assigned this Oct 15, 2024
@lukas-nC
Copy link
Author

Hi @Jenefer-Monroe,

to answer your question, yes, this flow is running in context of the flow owner.

But I don't think that's the problem.
Image
In my case, I got an error because 1 was empty.
1 was empty because of 2,
which was empty because of 3,
which was empty because the manager (4) is not in the systemuser table.
And his Id is not in the systemuser table because he is not a member of the environment security group of the environment where the orphaned flows reside in.

@Jenefer-Monroe
Copy link
Collaborator

Oh I see. Yep I can add something different there that validates thats the issue and updates the return string correctly.
Thanks for posting.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Jenefer-Monroe Jenefer-Monroe

Labels
coe-starter-kit CoE Starter Kit issues enhancement New feature or request
Projects
CoE Starter Kit
Status: No status
Milestone
CoE Starter Kit - December 2024
Development

No branches or pull requests
2 participants
@Jenefer-Monroe @lukas-nC