Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Start-M365DSCConfigurationExtract broken for Service Principal with thumbprint #2374

Closed
ajkenah opened this issue Oct 6, 2022 · 1 comment · Fixed by #2387 or #2395
Closed

Start-M365DSCConfigurationExtract broken for Service Principal with thumbprint #2374

ajkenah opened this issue Oct 6, 2022 · 1 comment · Fixed by #2387 or #2395
Assignees
@andikrueger
Labels
Authentication Bug Something isn't working Core Engine

Comments

@ajkenah
Copy link

ajkenah commented Oct 6, 2022

Details of the scenario you tried and the problem that is occurring

In the latest version of the module (1.22.1005.1) when running the Export-M365DSCConfiguration function with an Application ID and Certificate Thumbprint it fails.

I've chased the issue to a section of code in the "Start-M365DSCConfigurationExtract" function.
On line 231 (Get Tenant Info) the function calls the "Get-M365DSCTenantDomain" function without specifying the $CertificateThumbprint or $ApplicationSecret variables.

This function (Get-M365DSCTenantDomain) then attempts to create a connection to MSGraph, using the New-M365DSCConnection function and $PSBoundParameters parameters, but since the $CertificateThumbprint or $ApplicationSecret variables weren't defined the connection fails with "Could not determine authentication method"

Verbose logs showing the problem

Suggested solution to the issue

Add the $CertificateThumbprint and $ApplicationSecret variables to the "Get-M365DSCTenantDomain" command on line 237

The DSC configuration that is used to reproduce the issue (as detailed as possible)

Version of the DSC module that was used ('dev' if using current dev branch)

1.22.1005.1
@andikrueger andikrueger added Bug Something isn't working Core Engine labels Oct 6, 2022
@andikrueger andikrueger self-assigned this Oct 6, 2022
andikrueger added a commit to andikrueger/Microsoft365DSC that referenced this issue Oct 6, 2022
@andikrueger
Start-M365DSCConfigurationExtract broken for Service Principal with t…
c6d06fc 
…humbprint

Fixes microsoft#2374
@andikrueger andikrueger mentioned this issue Oct 6, 2022
Closed
andikrueger added a commit to andikrueger/Microsoft365DSC that referenced this issue Oct 7, 2022
@andikrueger
Start-M365DSCConfigurationExtract broken for Service Principal with t…
54959f6 
…humbprint

Fixes microsoft#2374
andikrueger added a commit to andikrueger/Microsoft365DSC that referenced this issue Oct 7, 2022
@andikrueger
Start-M365DSCConfigurationExtract broken for Service Principal with t…
598d38e 
…humbprint

Fixes microsoft#2374
andikrueger added a commit to andikrueger/Microsoft365DSC that referenced this issue Oct 7, 2022
@andikrueger
Start-M365DSCConfigurationExtract broken for Service Principal with t…
34ca87a 
…humbprint

Fixes microsoft#2374
@andikrueger andikrueger mentioned this issue Oct 7, 2022
Closed
andikrueger added a commit to andikrueger/Microsoft365DSC that referenced this issue Oct 11, 2022
@andikrueger
Start-M365DSCConfigurationExtract broken for Service Principal with t…
42c4ccf 
…humbprint

Fixes microsoft#2374
@andikrueger andikrueger mentioned this issue Oct 11, 2022
Closed
andikrueger added a commit to andikrueger/Microsoft365DSC that referenced this issue Oct 11, 2022
@andikrueger
fixed typos, fix microsoft#2374
87735be
@andikrueger andikrueger mentioned this issue Oct 11, 2022
Merged
NikCharlebois added a commit that referenced this issue Oct 12, 2022
@NikCharlebois
Merge pull request #2387 from andikrueger/repost-issue-2374
7bb5de9 
fixed typos, fix #2374
@NikCharlebois NikCharlebois mentioned this issue Oct 12, 2022
Merged
@andikrueger andikrueger mentioned this issue Oct 13, 2022
Closed
@zmart83
Copy link

zmart83 commented Jan 19, 2024

Sorry, but it's still not fixed properly. Especially when exporting single components like 'O365SearchAndIntelligenceConfigurations' the authentication fails. The reason for this is that the authentication is checked in the Start-M365DSCConfigurationExtract function:

if (-not [System.String]::IsNullOrEmpty($CertificateThumbprint))
        {
            Write-Host -Object '- Service Principal with Certificate Thumbprint'
            $AuthMethods += 'CertificateThumbprint'
        }

Then the method

Get-M365DSCComponentsWithMostSecureAuthenticationType -AuthenticationMethod $AuthMethods `
            -Resources $selectedResources

is called. In this case, the check is performed in this way:

if ($AuthenticationMethod.Contains('CertificateThumbprint') -and `
                    $parameters.Contains('ApplicationId') -and `
                    $parameters.Contains('CertificateThumbprint') -and `
                    $parameters.Contains('TenantId'))

However, this does not work, as only CertificateThumbprint is transferred from the previous method.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andikrueger andikrueger

Labels
Authentication Bug Something isn't working Core Engine
Projects
None yet
Milestone
No milestone
3 participants
@andikrueger @ajkenah @zmart83