Creation of new AzureAD application with powershell - powershell

I'm trying to create a new AzureAD application by using the Azure Active Directory Powershell 2.0 module, however after calling the New-
AzureADApplication I get a HTTP Bad requset with the following error.
+ New-AzureADApplication -DisplayName "Umbraco-domea" -IdentifierUris $ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureADApplication], ApiException
+ FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.NewApplication
I found the following github issue with a bit of googling, however even by including the -IdentifierUris in my cmdlet call I still get the error.
New-AzureADApplication -DisplayName $displayName -IdentifierUris $URIs -GroupMembershipClaims "SecurityGroup" -ReplyUrls #($Live",$Dev,"http://localhost:4198/")

The following script works for me, maybe you could test.
$displayName="shuitest"
$URIs="http://mynewapp.contoso.com"
$Live="https://localhost:8080"
$Dev="https://localhost:8081"
New-AzureADApplication -DisplayName $displayName -IdentifierUris $URIs -GroupMembershipClaims "SecurityGroup" -ReplyUrls #($Live,$Dev,"http://localhost:4198/")
If you also get same error log, begin your script add $DebugPreference="Continue" to produce additional debugging information.

Related

Suddenly getting "Unable to get Lros Token." when running Powershell commands

So I've been using Powershell for a while with our Microsoft 365 environment with no major issues.
I'm specifically using the SkypeOnlineConnector to manage our Teams Direct Routing environment.
Today, suddenly out of no where, I've been encountering the following error when running the Grant-CsOnlineVoiceRoutingPolicy and Grant-CsTenantDialPlan commands:
PS C:\Users\shvlzz> Grant-CsOnlineVoiceRoutingPolicy -Identity $upn -PolicyName $null
Unable to get Lros Token.
+ CategoryInfo : NotSpecified: (CN=495c9e16-e17...au1001,DC=local:OCSADUserOrAppContact) [Grant-CsOnlineVoiceRoutingPolicy], LrosClie
ntErrorException
+ FullyQualifiedErrorId : GrantPolicy,Microsoft.Rtc.Management.Xds.GrantOnlineVoiceRoutingPolicyCmdlet
+ PSComputerName : adminau1.online.lync.com
PS C:\Users\shvlzz> Grant-CsTenantDialPlan -identity $upn -PolicyName $null
Unable to get Lros Token.
+ CategoryInfo : NotSpecified: (CN=495c9e16-e17...au1001,DC=local:OCSADUserOrAppContact) [Grant-CsOnlineVoiceRoutingPolicy], LrosClie
ntErrorException
+ FullyQualifiedErrorId : GrantPolicy,Microsoft.Rtc.Management.Xds.GrantOnlineVoiceRoutingPolicyCmdlet
+ PSComputerName : adminau1.online.lync.com
I've tried with a real PolicyName and it also fails with same error:
PS C:\Users\shvlzz> Grant-CsOnlineVoiceRoutingPolicy -Identity $upn -PolicyName "NZ-Unrestricted"
Unable to get Lros Token.
+ CategoryInfo : NotSpecified: (CN=495c9e16-e17...au1001,DC=local:OCSADUserOrAppContact) [Grant-CsOnlineVoiceRoutingPolicy], LrosClie
ntErrorException
+ FullyQualifiedErrorId : GrantPolicy,Microsoft.Rtc.Management.Xds.GrantOnlineVoiceRoutingPolicyCmdlet
+ PSComputerName : adminau1.online.lync.com
I've tried terminating and reestablishing the SkypeOnlineConnector session but the issue still occurs.
Get and Set commands are working properly.
I don't know what the error means so I can't properly troubleshoot to fix it.
I have tried Googling "Lros Token" but have come up emtpy. Even Google doesn't seem to know what it is.
Please help!
I'm getting the same error. I've raised a ticket with Microsoft support and waiting to see what they say.
I can confirm I was able to do the same changes via Admin Center and works as expected.
Happens for me also.
We've seen this across 9 Office 365 tenants.
We cannot grant CsClientPolicy, TeamsCallingPolicy, OnlineVoiceroutingPolicy.
E.g. Set-CsUser -EnterpriseVoiceEnabled works fine.
I'm filing a ticket with MS now.

powershell returned an error:(403) WebException using New-pnpList

I had my PS script running the other day and created a new list with a single field with no issues. Was able to view the list in the Site Contents lib.
Today, it's not working. I tried running the PS code below and then resorted to running the new-pnplist code at the command line...got the same error which is shown below.
I'm using the Global admin account. Using version 3.13.19 SharePointPNPPowerShellOnline. Executed the commands from Powershell ISE which is what I did the other day when it worked. And, I was able to connect successfully using the Connect-sposervice command.
Error:
new-pnplist -Template GenericList -Title 'TestPNP2'
new-pnplist : The remote server returned an error: (403) Forbidden.
At line:1 char:1
+ new-pnplist -Template GenericList -Title $ListName
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : WriteError: (:) [New-PnPList], WebException
+ FullyQualifiedErrorId : EXCEPTION,SharePointPnP.PowerShell.Commands.Lists.NewList
Code:
$TargetListURL="https://<my sharepoint.com>/sites/CKCDemo"
$ListName="TESTPNP2"
Connect-PnPOnline -url $TargetListURL -CurrentCredentials
New-PnPList -Template GenericList -Title $ListName
Add-PnPField -List $ListName -DisplayName "MyTEST" -InternalName "MyTEST" -Type Text -AddToDefaultView
Get-PnPList`
Make sure you have enough permission to create a list in this site. You could try to go to the site directly, check whether you could create a list through ui.
Note: A global admin will not automatically have access to individual sites unless explicitly granted.

PowerShell Error while using the AzureRM Module - HTTP Status Code: NotFound

Calling all PowerShell gurus!
I'm trying to use the Get-AzureRmDataFactoryV2ActivityRun cmdlet in the azurerm PowerShell Module.
When I attempt a query, it says:
Get-AzureRmDataFactoryV2ActivityRun : HTTP Status Code: NotFound
Error Code: NotFound
Error Message: Operation returned an invalid status code 'NotFound'
Request Id: aea5f9c5-fced-4b03-929f-e071eaeb0d9e
Timestamp (Utc):10/25/2017 19:56:43
At line:1 char:1
+ Get-AzureRmDataFactoryV2ActivityRun -DataFactoryName nwmovdatafactory ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Get-AzureRmDataFactoryV2ActivityRun], ErrorResponseException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.DataFactoryV2.GetAzureDataFactoryActivityRunCommand
If I try and use the previous implementation of this cmdlet, Get-AzureRmDataFactoryRun it works just fine. HOWEVER, it will ALSO throw the same error as above if I do not first Select-AzureRMSubscription.
Furthermore, Select-AzureRMSubscription before running Get-AzureRMDataFactoryV2ActivityRun DOES NOT resolve the issue. Is there a different way I should be setting my active subscription? Or is just just a fake solution?
EDIT:
Login-AzureRMAccount -SubscriptionID SUBID
Get-AzureRmDataFactoryRun -DataFactoryName DATAFACTORY -DatasetName DATASET -StartDateTime 2017-10-25T19:34:18+00:00 -ResourceGroupName RESGROUP
Will work.
Login-AzureRMAccount -SubscriptionID SUBID
Get-AzureRmDataFactoryV2ActivityRun -DataFactoryName DATAFACTORY -ResourceGroupName RESGROUP -PipelineRunId PIPELINENAME -RunStartedAfter 2017-10-25T19:34:18+00:00 -RunStartedBefore 2017-10-26T19:34:18+00:00
Will not work.
It appears the answer to this question is that DataFactoryv2 is an entirely different resource.
https://learn.microsoft.com/en-us/azure/data-factory/introduction

Submit U-SQL Script locally using Powershell

If I want to submit a U-SQL Script to ADLA account, I can do so, using the below powershell cmdlet.
`
Submit-AzureRmDataLakeAnalyticsJob -Account $adlaAccountName -ScriptPath $USQLFile -Name $folder -DegreeOfParallelism $degreeOfParallelism -Verbose`
But, I am not able to submit the script against local ADLA account. I am getting error:
Submit-AzureRmDataLakeAnalyticsJob : Run Login-AzureRmAccount to login.
At line:1 char:1
+ Submit-AzureRmDataLakeAnalyticsJob -Account "local" -ScriptPath GetIn ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Submit-AzureRmDataLakeAnalyticsJob], PSInvalidOperationExceptio
n
+ FullyQualifiedErrorId : InvalidOperation,Microsoft.Azure.Commands.DataLakeAnalytics.SubmitAzureDataLakeAnalyti
csJob
How to submit U-SQL script against local ADLA account ?
In addition to ADL Tools, we have released standalone SDK as well.
https://www.nuget.org/packages/Microsoft.Azure.DataLake.USQL.SDK
And document here:
https://learn.microsoft.com/en-us/azure/data-lake-analytics/data-lake-analytics-data-lake-tools-local-run
Thanks a lot,
Yu Dong

New-AzureQuickVM not creating VM on exsisting Cloud Service?

I'm trying to run the following Azure Powershell cmdlet to provision a new Virtual Machine on a existing Cloud Service.
PS C:\> Get-AzureService | ft ServiceName
ServiceName
-----------
$AZURETEST-EUWEST0
$AZURETEST-JPWEST0
$AZURETEST-USEAST0
$AZURETEST-USWEST0
PS C:\> $image = "a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201505.01-en.us-127GB.vhd"
PS C:\> New-AzureQuickVM -Windows -ServiceName "$AZURETEST-USEAST0" -name "AZURESVM-USE1" -ImageName $image -Password Password1 -AdminUsername admin -WaitForBoot
New-AzureQuickVM : ResourceNotFound: The deployment name '$AZURETEST-USEAST0' does not exist.
At line:1 char:1
+ New-AzureQuickVM -Windows -ServiceName "$AZURETEST-USEAST0" -name "AZURESVM-USE1" -Im ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureQuickVM], CloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.PersistentVMs.NewQuickVM
New-AzureQuickVM : Sequence contains no matching element
At line:1 char:1
+ New-AzureQuickVM -Windows -ServiceName "$AZURETEST-USEAST0" -name "AZURESVM-USE1" -Im ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureQuickVM], InvalidOperationException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.PersistentVMs.NewQuickVM
PS C:\>
What doesn't make sense is I'm getting an error that says my Cloud Service - or Deployment Name doesn't exist when you can clearly see it returned when I listed all the available Cloud Services!
First of all, admin as administrator account name will not work. It's a reserved word, once you get past the service name, it will break on this one.
Second, there's nothing wrong with your powershell command and I tested exactly with the same parameters to make sure. I can bet it's the "$" you used for the cloud service name that is being misinterpreted by the cmdlet.
Since you can't rename cloud services, create a new one without the "$" and try again to see if it works.
Update: This is what happens when i try to create CS from the portal with the "$" as first character:
"This field can contain only letters, numbers, and hyphens. The first
and last character in the field must be a letter or number.
Trademarks, reserved words, and offensive words are not allowed."
Try to enter all parameters inline without using named parameters (e.g $image). that solved it for me.
Here is a working example:
$image = "a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datacenter-20160229-en.us-127GB.vhd"
$location = 'West Europe'
New-AzureQuickVM -Windows -Location $location -ServiceName "RamiSOTest1-cs" -name "RamiSOTest1-VM" -ImageName $image -Password 'RamiPass-1' -AdminUsername 'rami' -WaitForBoot