I'm working on a project that requires the creation of AD security groups and associated permissions for OneDrive folders and excel files. I'm using the graph API to accomplish this, and consistently encounter the same problem when creating permissions against 'newly created' security groups.
Where a permission is created successfully, the new resource lists a single 'granted to' recipient (Permission.GrantedTo.User.DisplayName) with a name that matches the corresponding security group. Where the security group in question has recently been created (i.e. on a prior graph call), I see what initially appears to be a successful response, however the granted to user is incorrect. Rather than match the corresponding security group name, I instead see the following...
"displayName": "2ee34189-560b-400d-9105-1a1699b008ae (/sharepoint/2009/08/claims/farmid)"
The displayName appears to be composed as follows...
When this problem occurs, this unexpected name/label is also visible when viewing the permission via the one drive 'sharing' facility. I initially assumed that this was a transient problem that would rectify itself after a period of time, however this is sadly not the case. The invalid name appears to remain indefinitely, so to mitigate this I've been forced to check the permission post-creation, then delete it and retry the operation as many times as is necessary.
From experience to date I've found that it takes 30 seconds or more (sometimes over a minute), following the creation of a new security group, before associated permissions can be created successfully.
If anyone has any advice on how I can best mitigate or avoid this problem I'd appreciate it.