Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication issue after updating to Module 1.3.2 #28

Closed
chibs89 opened this issue Dec 9, 2021 · 5 comments
Closed

Authentication issue after updating to Module 1.3.2 #28

chibs89 opened this issue Dec 9, 2021 · 5 comments

Comments

@chibs89
Copy link

chibs89 commented Dec 9, 2021

Hi,
i used to use Moduleversion 1.2.1 before and upgraded to 1.3.2.
Now I get the following error Message:
Connect-MSIntuneGraph -TenantID $tenantID
"WARNING: An error occurred while attempting to retrieve or refresh access token. Error message: The property 'Authority' cannot be found on this object. Verify that the property exists."

It is the same user which I used for connection with 1.2.1.
Do you have any hints what the reason could be?
@chibs89
Copy link
Author

chibs89 commented Apr 4, 2022

FYI: It is still not working under 1.3.3 with the newest MSAL.PS Module installed.
However when I manually downgrade MSAL.PS to 4.36.1.2 it is working.
With 4.37.0.0 it is failing, when I login zu AzureAD before to grab the tenant information I need before connecting against the intunegraph.

@Joly0
Copy link

Joly0 commented Nov 14, 2022

I am having a similar issue. I am trying to connect using an registrated app from my azure ad, so i assume i use the arguments TenantID, ClientID and ClientSecret, but afterwards i only get the error chibs89 already mentionend.
It seems like it is erroring out somewhere in this try/catch

IntuneWin32App/Public/Connect-MSIntuneGraph.ps1

Line 145 in 644deff

try {

@Joly0
Copy link

Joly0 commented Nov 14, 2022

Ok, i got it fixed quite easily by adding "-AzureCloudInstance 1" at the end of this line

IntuneWin32App/Public/Connect-MSIntuneGraph.ps1

Line 147 in 644deff

$Global:AccessToken = Get-MsalToken @AccessTokenArguments
as suggested here AzureAD/MSAL.PS#45 (comment)

@NickolajA
Copy link
Member

I can't reproduce this issue unfortunately. I just tried to authenticate using the client authentication flow (client id/client secret) using MSAL.PS 4.37.0.0 and it worked.

@jonasatgit
Copy link

I was able to reproduce the problem if I install module "Microsoft.Graph.Authentication" and use "Connect-MgGraph" for a different part of my script before using "Connect-MSIntuneGraph".

I do the following after the install module part to fix the issue for my scripts:
Import-Module IntuneWin32App -ErrorAction SilentlyContinue $moduleItem = Get-Module IntuneWin32App if ($moduleItem){ Get-ChildItem -Path ($moduleItem.ModuleBase) -Recurse -filter 'Connect-MSIntuneGraph.ps1' | ForEach-Object { $stringToReplace = 'Get-MsalToken @AccessTokenArguments' $stringToReplaceWith = 'Get-MsalToken @AccessTokenArguments -AzureCloudInstance AzurePublic' # <- This is the fix to avoid a problem with MSAL.PS # Lets check if we replaced the string already if (-NOT(select-string -Path $_.FullName -Pattern $stringToReplaceWith)){ # Lets replace the string $scriptContents = Get-Content $_.FullName $scriptContents = $scriptContents -replace $stringToReplace, $stringToReplaceWith $scriptContents | Out-File -FilePath $_.FullName -Encoding utf8 -Force } } # we neeed to re-load the module in order for the new code to work Remove-Module IntuneWin32App Import-Module IntuneWin32App }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Joly0 @NickolajA @jonasatgit @chibs89