I am trying to fetch AAD app info using "Get-AzureADApplication" command. but getting the below error-
Get-AzureADApplication : You must call the Connect-AzureAD cmdlet before calling
any other cmdlets.
At C:\Users\v-pasahu\Desktop\Sample.ps1:18 char:11
+ if($app = Get-AzureADApplication -Filter "DisplayName eq '$($AppName) ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-AzureADApplication], AadNee
dAuthenticationException
+ FullyQualifiedErrorId : Microsoft.Open.Azure.AD.CommonLibrary.AadNeedAuthe
nticationException,Microsoft.Open.AzureAD16.PowerShell.GetApplication
According to the error message, you need to run the command Connect-AzureAD first.
Besides, if you do not install azure powershell module, you should install it before using azure ad powershell.
Looking at the comments you have said you want to run this in the non interactive flow. To do this you must follow the instructions here to log in as a service principal.
Alternatively depending on what you are trying to do you may find it easier to Login using the AzureRm cmdlets.
Related
I'm trying to set access policy in azure key vault by following below msdn docs
https://learn.microsoft.com/en-us/azure/key-vault/general/assign-access-policy-powershell
I followed the steps like installed AzureAd in the powershell and connected with azure. But when I run the next steps I'm facing the issue like
Get-AzADServicePrincipal : The term 'Get-AzADServicePrincipal' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a
path was included, verify that the path is correct and try again.
At line:1 char:1
+ Get-AzADServicePrincipal -SearchString PI
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-AzADServicePrincipal:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
Not sure what are the steps I'm missing.
Try running the install again with -AllowClobber.
Install-Module -Name Az -AllowClobber
The command Get-AzADServicePrincipal is in the module Az.Resources. It does not a command of AzureAD module. For more details, please refer to here.
Regarding the issue, please refer to the following steps
Assign your account to Azure AD role
Script
Connect-AzAccount
Get-AzADServicePrincipal
I am following documentation https://learn.microsoft.com/en-us/azure/active-directory/b2b/direct-federation on Powershell and running below command:
Import-Module AzureAD
Connect-AzureAD
$federationSettings = New-Object Microsoft.Open.AzureAD.Model.DomainFederationSettings
I am getting following error:
PS C:\WINDOWS\system32> $federationSettings = New-Object Microsoft.Open.AzureAD.Model.DomainFederationSettings
New-Object : Cannot find type [Microsoft.Open.AzureAD.Model.DomainFederationSettings]: verify that the assembly
containing this type is loaded.
At line:1 char:23
+ ... nSettings = New-Object Microsoft.Open.AzureAD.Model.DomainFederationS ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidType: (:) [New-Object], PSArgumentException
+ FullyQualifiedErrorId : TypeNotFound,Microsoft.PowerShell.Commands.NewObjectCommand
DomainFederationSettings class seems to be missing
How can I have Microsoft.Open.AzureAD.Model.DomainFederationSettings loaded and execute command $federationSettings = New-Object Microsoft.Open.AzureAD.Model.DomainFederationSettings
at the time of writing this answer, you need to use AzureADPreview module and not AzureAd
I highly suspect you are trying this statement with the latter rather than the former.
To install
Install-Module -Name AzureADPreview -AllowClobber
(-AllowClobber is to allow the installation side-to-side with AzureAD module, if you have it installed)
To configure direct federation in Azure AD using PowerShell
Install the latest version of the Azure AD PowerShell for Graph module
(AzureADPreview). (If you need detailed steps, the quickstart for
adding a guest user includes the section Install the latest
AzureADPreview module.)
Source :
MS docs - Configure direct federation in azure ad using powershell
I am trying to login to Azure from Azure Automation using my AD credential. However seems like I am doing something wrong and it's throwing error while testing.
$Cred = Get-AutomationPSCredential -Name 'DefaultAzureCredential'
$null = Add-AzureRmAccount -Credential $Cred -ErrorAction Stop -ErrorVariable err
if($err) {
throw $err
}
Get-AzureRmResourceGroup -Name "my-resource-group"
Error:
Get-AzureRmResourceGroup : No subscription found in the context. Please ensure that the credentials you provided are
authorized to access an Azure subscription, then run Login-AzureRMAccount to login.
At line:8 char:1
+ Get-AzureRmResourceGroup -Name "my-resource-group"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Get-AzureRmResourceGroup], ApplicationException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Resources.GetAzureResourceGroupCommand
Update:
When I run Get-AzureRm-Context from Azure Automation script it shows me following which is completely different than when I run the same command from Azure Cloud Shell. Should I do things differently ?
Account Environment Subscription Tenant
------- ----------- ------------ ------
AzureCloud
Looking at the error, i do not see an issue with Login or credential. The error is in the get-AzureRmResourceGroup No subscription found in the context.
This happens when credential provided does not have a subscription. If you are sure account has subscription, then the issue might be with the module loaded in Azure Automation.
While trying to connect Azure from Powershell getting below error:
PS H:\> Connect-AzureRmAccount
Connect-AzureRmAccount : An error occurred while sending the request.
At line:1 char:1
+ Connect-AzureRmAccount
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Connect-AzureRmAccount], HttpRequestException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
Couple of things to try :
Sometime , powershell cmdlet doesn't give proper error message as it suppressed it , to get the actual error you can try executing with -debug attribute or you can try using DebugPreference like below.
$DebugPreference = "Continue"
Write-Debug -Message "Hello, World"
Alternatively ,Connect-AzureRMAccount cmdlet used TLS 1.0 by default for connecting to azure and sometime it gets blocked by the organization security policy,
Can you setting up something like below:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Additional reference:
Connect-AzureRmAccount : accessing_ws_metadata_exchange_failed
Hope it helps.
When I try to run "Add-AzureAccount" command in the powershell, I encountered the error below:
I am using the latest Azure powershell version 0.87
Add-AzureAccount : multiple_matching_tokens_detected: The cache
contains multiple tokens satisfying the requirements. Call
AcquireToken again providing more requirements (e.g. UserId) At line:1
char:1
Add-AzureAccount
~~~~~~~~~~~~~~~~
CategoryInfo : CloseError: (:) [Add-AzureAccount], AadAuthenticationFailedException
FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.Profile.AddAzureAccount
Go to C:\Users\<user>\AppData\Roaming\Windows Azure Powershell and delete WindowsAzureProfile.xml. That helped me.
Try downloading the latest version. There was an issue around collisions in the token store that was fixed.
https://github.com/Azure/azure-sdk-tools/releases/tag/v0.8.8-September2014