Join Log in
Score:2
marafado88 avatar Server

Connect-IPPSSession with CertificateThumbPrint cmdlet showing sign in popup

in flag
marafado88

I've set an application to be used by a script, to login on exchange online on an unattended way, following this tutorial.

But when I try to login with it, I got the following outcome, there is a login sign in popup that its not supposed to show:

enter image description here

Note, I've that certificate installed in the same machine where I am running this script:

enter image description here

The way that I've used to create that certificate is the one step 3, recommended way.

Anyone knows how can I avoid that sign in from showing up, and let it do in fact an unattended login?

Thank in advance!

UPDATE1:

Tried with the newest exchange command and worked, but through that I am not able to use SCC cmdlets:

enter image description here

Have also installed the must recent ExchangeOnlineManagement version,

Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.5

but still being popup with Connect-IPPSession ...

UPDATE2:

From documentation I need to have at least Exchange Online PowerShell module version 2.0.6-Preview5 or later, but when I use Connect-IPPSSession with CertificateThumbPrint when I close that login popup, I receive an error message with 3.0.0 on command path error.

On my system I've the following versions:

enter image description here

But really don't know how to force 2.0.6-Preview5 or later, under v2 to be used, instead of 3.0.0 who is the current one, for this case.

739
2 + 0
Score:2
Manuel Batsching avatar Server
us flag
Manuel Batsching

Edit Nov 21 2022: The current pre-release version 3.0.1 of ExchangeOnlineManagement has a fix for this.

I had a look at the cmdlets of the ExchangeOnlineManagement module 3.0.0.

The Problem

The Connect-IPPSSession cmdlet internally calls the Connect-ExchangeOnline cmdlet but removes the -ConnectCertificateThumbprint parameter in the internal call when run from Windows PowerShell.

These are lines 853 to 681 of ExchangeOnlineManagement.psm1:

# Will not pass CertificateThumbprint for other system except Windows
if($IsWindows -eq $true)
{
   Connect-ExchangeOnline -ConnectionUri $ConnectionUri -AzureADAuthorizationEndpointUri $AzureADAuthorizationEndpointUri -UserPrincipalName $UserPrincipalName.Value -PSSessionOption $PSSessionOption -Credential $Credential.Value -BypassMailboxAnchoring:$BypassMailboxAnchoring -ShowBanner:$false -DelegatedOrganization $DelegatedOrganization -Certificate $Certificate.Value -CertificateFilePath $CertificateFilePath.Value -CertificatePassword $CertificatePassword.Value -CertificateThumbprint $CertificateThumbprint.Value -AppId $AppId.Value -Organization $Organization.Value -Prefix $Prefix -CommandName $CommandName -FormatTypeName $FormatTypeName -UseRPSSession:$true
}
else
{
   Connect-ExchangeOnline -ConnectionUri $ConnectionUri -AzureADAuthorizationEndpointUri $AzureADAuthorizationEndpointUri -UserPrincipalName $UserPrincipalName.Value -PSSessionOption $PSSessionOption -Credential $Credential.Value -BypassMailboxAnchoring:$BypassMailboxAnchoring -ShowBanner:$false -DelegatedOrganization $DelegatedOrganization -Certificate $Certificate.Value -CertificateFilePath $CertificateFilePath.Value -CertificatePassword $CertificatePassword.Value -AppId $AppId.Value -Organization $Organization.Value -Prefix $Prefix -CommandName $CommandName -FormatTypeName $FormatTypeName -UseRPSSession:$true
}

The problem here is, that the $IsWindows variable was introduced with PowerShell Core and is not present by default in Windows PowerShell. This means that under Windows PowerShell the condition $IsWindows -eq $true evaluates as $false.

The Workaround

As a workaround in Windows PowerShell you can set the $IsWindows variable globally before calling Connect-IPPSSession:

$Global:IsWindows = $true   
Connect-IPPSSession -AppId '{App ID}' -CertificateThumbprint '{Certificate thumbprint}' -Organization '{Your Organization}.onmicrosoft.com'

I have successfully tested this on Windows PowerShell 5.1 with ExchangeOnlineManagement 3.0.0.

+ 0
Score:0
marafado88 avatar Server
in flag
marafado88

So this was the only way that I managed to solve this:

Get-Command Install-Module
Install-Module PowerShellGet -Force

Close the terminal and open a new one, and do:

Get-Command Install-Module
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.6-Preview7 -AllowPrerelease
Import-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.6
Connect-IPPSSession -CertificateThumbPrint "<certificatethumbprint>" -AppID "<AppID>" -Organization "foobar.onmicrosoft.com"

enter image description here

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.