I am trying to run a powershell command - ConnectAzureAD and getting the below error-
'Could not load file or assembly 'Microsoft.IdentityModel.Clients.ActiveDirectory, Version=3.19.7.16602, Culture=neutral,. Could not find or load a specific file.'
This was working earlier with Powershell 5 but not with powershell core.The versions that i am using are as:
Powershell - 7.0.1
Az.Accounts - 1.8.1 (i have tried updating this but no luck)
AzureAd - 2.0.2.104
Is there any workaroudn for this ? We tried Azure.Standard.Preview from 'Post test Gallery' but it failed the keyVault powershell commands. Any help on this?
Install-Module -Name AzureADPreview -RequiredVersion 2.0.2.89
Import-Module AzureADPreview -Version 2.0.2.89 -UseWindowsPowerShell
As Shiva said, this is a known limitation on .NET CORE that new version assembly cannot be loaded if old version is already loaded. PowerShell is considering module isolation but so far there is no good solution yet.
You can upgrade Microsoft.IdentityModel.Clients.ActiveDirectory to the latest version.
For more details, you could refer to this issue.
You could instead try to use the az rest invoking the graph api.
Until the time az-cli is in par with the AzureAD powershell module you can instead use the graph api
az login --tenant <tenantname.onmicrosoft.com>
$uri = "https://graph.microsoft.com/v1.0/applications"
$allApplications = az rest `
--method GET `
--uri $uri `
--headers 'Content-Type=application/json' | convertfrom-json
$allApplications.value |% {"{0}-{1}" -f $_.appid, $_.displayname}
I have put some samples using az rest here,
https://github.com/joepaulk/utilities/blob/master/manage-azuread-applicationregistrations.ps1
You may also refer to: https://damienbod.com/2020/06/22/using-azure-cli-to-create-azure-app-registrations/ from where i picked up inspiration
Other reference, how az rest use the accesstokens from az cli can be found here,
https://mikhail.io/2019/07/how-azure-cli-manages-access-tokens/
Related
I've run into an error after following this document (https://learn.microsoft.com/en-us/graph/cloud-communication-online-meeting-application-access-policy) when trying to set up an application access policy in powershell. This is the cmdlet that was run, which produced the error,
New-CsApplicationAccessPolicy -Identity "MeetingsPolicy" -AppIds "<app-id>" -Description "MeetingsPolicy"
The error received in powershell is the following,
"New-CsApplicationAccessPolicy : Unable to cast object of type 'System.Management.Automation.PSListModifier' to type
'System.String'."
Can anyone help shed any light on what is the problem here and how to fix it please?
P.S Im using Powershell 5.1 on Win 10 and running Powershell in admin mode.
Have also tried the following using "splatting", which also did not work.
$props = #{
identity = 'MeetingsPolicy'
appids = '<app-id>'
description = 'MeetingsPolicy'
}
New-CsApplicationAccessPolicy #props
So it turned out the Microsoft Teams cmdlet module version 3.1.0 has issues in there when installed with no previous version. I had to install the 2.3.2-preview version first, which allowed the cmdlets to work. I then updated this version to 3.1.0 and it works fine.
So the steps you need to take are the following,
i) Remove the teams module from powershell,
Uninstall-Module MicrosoftTeams -Allversions
ii) Install the older version first,
Install-Module -Name MicrosoftTeams -RequiredVersion 2.3.2-preview -AllowPrerelease
iii) Connect to teams
Connect-MicrosoftTeams
v) Update to the latest version (Optional)
Update-Module -Name MicrosoftTeams
Run cmdlet and it should work now.
Credit to Marcus Rath for his post here https://blog.matrixpost.net/teams-powershell-several-cmdlet-doesnt-work-errounable-to-cast-object-of-type-system-management-automation-pslistmodifier-to-type-system-string/, which explains the issue in more detail.
I have built a module that uses both PSGallery and Azure Devops (I have a free repo up and I have been playing with it). This is the module: https://www.powershellgallery.com/packages/xanderu.helpers/0.1.9
The problem I'm running into is that when I try to leverage the secure repo, I keep getting a forbidden error. This is the way I'm calling the module:
Publish-ToPSGallery -PSGalleryKey $PSGalleryKey `
-secureRepoName 'PowershellAZDO' `
-secureRepopublishApiKey $PATToken `
-secureRepopublishApiURL "https://pkgs.dev.azure.com/$orgName/$projectName/_packaging/$feedName/nuget/v2/" `
-secureRepoUser $secureRepoUser `
-secureRepoPass $PATToken `
-codePath .
Its a pretty strait forward module but basically create a module (or script) that has the tag 'private' and it should publish to the PSGallery or AZDO accordingly. I'm sure it has something to do with how I'm using the token and credentials (or the API key). Does anyone have any idea what I'm doing wrong here?
EDIT: As part of the xanderu.helpers there is a function new-powershelltemplate and it will auto build a module manifest or script base line that can be used for the publish pipeline
ADDITIONAL EDIT:
I have also tried the following to push to myget nuget and it pushes but it wont find the module using find-module -repository myget:
Publish-ToPSGallery -PSGalleryKey $PSGalleryKey `
-secureRepoName 'MyGet' `
-secureRepopublishApiKey $nugetAPIKey `
-secureRepopublishApiURL "https://www.myget.org/F/$feedName/api/v2" `
-secureRepoUser $secureRepoUser `
-secureRepoPass $secureRepoPass `
-codePath .
Edit #3
I did a little more messing around and when I run
nuget.exe sources
After I run the script, I can see that nuget gets PowershellAZDO as a source. Then I run:
nuget push -Source "PowershellAZDO" -ApiKey AzureDevOps .\xanderu.helpers.0.1.9.nupkg
and I get prompted for a username and password. When I type out the username and PATToken, it pushes the package. This appears to be a bug in the Publish-Module command but I'm unsure as to why. It is like the PSCredential that the module is passed isn't honored. I kept digging and found that in the PowerShellGet v2.2.5 PSModule.psm1 file, there is a call to (line 10990):
Publish-PSArtifactUtility #PublishPSArtifactUtility_Params
and I do in fact see the PSCredential object in there. I've added the following step to the PowerShellGet module that seems to fix the issue... but this is a bug in the source it would appear (this starts on line 6018):
elseif ($NuGetExePath) {
& $NuGetExePath sources update -Name $Repository -UserName $Credential.Username -Password $Credential.GetNetworkCredential().Password
Publish-NugetPackage -NupkgPath $NupkgFullName -Destination $Destination -NugetApiKey $NugetApiKey -NugetExePath $NuGetExePath -Verbose:$VerbosePreference
}
NuGet Version: 5.7.0.6726
PowerShellGet Version: 2.2.5
This is caused by a bug in the Powershellget module v 2.2.5 that I am using. The root cause is because the repo doesn't have a password passed in, you need to add the password to the configs for nuget. This appears to be resolved in the 3.0.0 version of PowerShellGet. I will need to update my manifest/modules to force the load of that version of the module to resolve the issue.
Edit: scratch that... its looks like I thought this worked but it was because my nuget.exe creds were preserved.
Edit2:
This works without fail and doesn't require screwing with the core modules. After running the Register-PSRepository command, ensure you run the following as well or the publish pipeline to Azure Devops won't work. This is a bug in the module as it works other places.
nuget sources update -Name $secureRepoParams.Name -UserName $secureRepoParams.Credential -Password $secureRepoParams.Credential.GetNetworkCredential().Password
I'm getting an error running New-AzureRmRoleAssignment. I want to give an AD group access to a resource group. The script actually works-- the group gets contributor access to the resource group. It just says that it's failing with the message "Access denied to the specified API version".
My script (params not included) is here:
# Import the Task.Common dll that has all the cmdlets we need for Build
import-module Microsoft.TeamFoundation.DistributedTask.Task.Common
import-module Microsoft.TeamFoundation.DistributedTask.Task.Internal
Import-Module "Microsoft.TeamFoundation.DistributedTask.Task.Deployment.Internal"
Import-Module "Microsoft.TeamFoundation.DistributedTask.Task.Deployment.Azure"
Write-Output "Connecting to Azure"
Initialize-AzurePowershellSupport -ConnectedServiceName $ConnectedServiceName -ErrorAction SilentlyContinue
$subscription = (Get-AzureRmContext).Subscription.SubscriptionName #(Get-AzureRmContext).Subscription.SubscriptionName
New-AzureRmRoleAssignment -ObjectId $objID -RoleDefinitionName $roleName -ResourceGroupName $environment-$featureName
How can I fix the error? The script does what it's supposed to, but the build "fails".
According to the error log, do you login Azure by using service principal. If yes, it is a know issue. Please check the issue on GitHub. The issue is solved on the latest version Azure Power Shell(4.1.0 or later).
You could use the following cmdlet to check your Azure PowerShell version.
Get-Module -ListAvailable -Name Azure -Refresh
The latest version is 4.3.1, you could download it from the link.
If you build the script on VSTS, please use Hosted 2017 build agent, it uses the latest version PowerShell. Please refer to this answer.
I am attempting to login to an Azure account through a PowerShell script by means of making use of a publishsettings file; However, I am still finding that it is requiring me to login to my account using Login-AzureRmAccount, regardless of having those credentials.
My step-by step looks something like this:
Clear out all accounts that may be available:
Get-AzureAccount | ForEach-Object { Remove-AzureAccount $_.ID -Force }
Download the PublishSettings file: Import-AzurePublishSettingsFile –PublishSettingsFile $PublishSettingsFileNameWithPath
Select the Azure subscription using the subscription ID:
Select-AzureRMSubscription -SubscriptionId $SubscriptionId
And finally, create a new resource group in the subscription before deploying it: New-AzureRmResourceGroup -Name $ResourceGroupName -Location $ResourceGroupLocation -Verbose -Force 2>> .\errorCIMS_RG.txt | Out-File .\rgDetailsCIMS_RG.txt
However, this is when an error is thrown: Run Login-AzureRmAccount to login.
Assuming I have the PublishSettings file, and it hasnt expired, why would this be giving back an error?
As Mihail said, we should check Azure PowerShell version first, and install the latest version.
We can run this command to list Azure PowerShell version:
Get-Module -ListAvailable -Name Azure -Refresh
By the way, Import-AzurePublishSettingsFile work for ASM, New-AzureRmResourceGroup is ARM command, so if you want to create resource group, you should Login-AzureRmAccount first.
Note:
The AzureResourceManager module does not support publish settings
files.
More information about Import-AzurePublishSettingsFile, please refer to this link.
I solved this problem by updating to last version of azure powershell cmdlet.
You can find last one here:
https://github.com/Azure/azure-powershell/releases
We have a set of custom powershell modules which use the Azure powershell cmdlets - they have been working fine for over a year. I just set up a new machine and whenever I try to run Get_AzureWebsite I receive the following error:
PS C:\WINDOWS\system32> Get-AzureWebsite 'anything'
Get-AzureWebsite : Requested value 'Dynamic' was not found.
This may just be a machine setup but am worried that these comdlets may be being deprecated - appreciate if anyone can help or knows how to fix this?
It may be fixed by updating the version of Azure PowerShell . More detail please refer to the issue and feedback. Please refer to how to install and configure Azure PowerShell. I didn't reproduce it on the Azure PowerShell v2.1.0. It works successfully.Please try to use the following code to get the current Azure PowerShell version .
(Get-Module -ListAvailable | Where-Object{ $_.Name -eq 'Azure' }) `
| Select Version, Name, Author, PowerShellVersion | Format-List;
Okay so this is versions of Azure and AzureRM cmdlets.
Working install is
Install-Module -Name AzureRM -RequiredVersion 1.3.2
Install-Module Azure -AllowClobber
Not sure about -AllowClobber but this was printed in the Azure Console....
PackageManagement\Install-Package : A command with name 'Get-AzureStorageContainerAcl' is already available on this
system. This module 'Azure' may override the existing commands. If you still want to install this module 'Azure', use
-AllowClobber parameter.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:1661 char:21
Guess there is a class in the Storage namespace or something
I installed the latest azure powershell and then ran again the script.
It worked fine.
Just to add you need to restart your machine after installing latest powershell, else you might face error "the required module Azure.Storage is not loaded"