MSEndpointMgr/Intune

Upload-WindowsAutopilotDeviceInfo.ps1 fails on missing dll for new AzureAD module

Closed this issue · 19 comments

Hi,

There was an AzureAD module version 2.0.2.180 released yesterday. It breaks the Upload-WindowsAutopilotDeviceInfo.ps1 script because of a missing Microsoft.IdentityModel.Clients.ActiveDirectory.dll in this version. Is there an option to update the script with a required old version? And push this to powershellgallery?

Eg.
#Requires -Modules @{ ModuleName="AzureAD"; ModuleVersion="2.0.2.140" }

And maybe later have a new script based on MSGraph module?

Kind Regards,

Jeroen

Hi,
can confirm, we have the same issue.

This is also affecting the Modern Device Drivers/Bios see this in the log

image

Confirming same issue on Windows 10 and Windows 11 devices

Hi,
also confirming.

Hi,
Have the same issue

A workaround for now, launch powershell then run:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Install-Script Get-WindowsAutoPilotInfo
Get-WindowsAutoPilotInfo.ps1 -Online

Sign in as a Global Admin and the hash will upload, takes longer than the Upload-WindowsAutopilotDeviceInfo.ps1 script though. It will sit at "waiting for 1 of 1 to be imported" for a while then succeed (usually).

Hi,

There was an AzureAD module version 2.0.2.180 released yesterday. It breaks the Upload-WindowsAutopilotDeviceInfo.ps1 script because of a missing Microsoft.IdentityModel.Clients.ActiveDirectory.dll in this version. Is there an option to update the script with a required old version? And push this to powershellgallery?

Eg. #Requires -Modules @{ ModuleName="AzureAD"; ModuleVersion="2.0.2.140" }

And maybe later have a new script based on MSGraph module?

Kind Regards,

Jeroen

Same issue here across our entire organization. Our workaround has been to manually upload the hash once its been collected using Get-WindowsAutopilotInfo cmdlet. Wonder if Azure AD Module will be fixed is now my wanting to know and to be aware when it is.

same issue here, work around checks out, just wondering when this is fixed

same here. However, it looks like the solution proposed above works fine too:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Install-Script Get-WindowsAutoPilotInfo
Get-WindowsAutoPilotInfo.ps1 -Online

We run Upload-WindowsAutopilotDeviceInfo.ps1 as part of a automated deployment via MDT, so in the short term we can live with Get-WindowsAutoPilotInfo.ps1 -Online and running it interactively, but would like the ability to automate this again.

I have found another workaround that has worked for me so far.

Install-Script -Name Upload-WindowsAutopilotDeviceInfo
Install-Module AzureAD -RequiredVersion 2.0.2.140
Copy-Item -Path "C:\Program Files\WindowsPowerShell\Modules\AzureAD\2.0.2.140\Microsoft.IdentityModel.Clients.A*" -Destination "C:\Program Files\WindowsPowerShell\Modules\AzureAD\2.0.2.180"

After that, the Upload-WindowsAutopilotDeviceInfo.ps1 worked as it used to. Worked as of the last time I needed this, which was 5/31/2023.

l2g2h commented

@NickolajA https://github.com/MSEndpointMgr/Intune/blob/master/Autopilot/Upload-WindowsAutopilotDeviceInfo.ps1%20v1.2.0
Some issues with module install logic at line 81

Install-Module -Name MSGraphRequest
Install-Module -Name MSAL.PS

@l2g2h: yeah I noticed I was a bit too quick in committing this change. I'm testing it out currently and have updated it slightly to mimic more the behavior as of my IntuneWin32App module.

@MoondewCoUK: For your scenario, would allowing for passing a Client Secret of a custom app registration that you setup, solve your situation? I'm thinking down the lines of:

Upload-WindowsAutopilotDeviceInfo.ps1 -TenantName -ClientID -ClientSecret

@jerveree: My take is to make use of the MSAL.PS module instead. Would that work for you?

I've pushed 1.2.1 in this repo now. Please let me know if it works better, and I'll publish it to the gallery. Appreciate all the feedback!

@jerveree: My take is to make use of the MSAL.PS module instead. Would that work for you?

We are currently using Get-WindowsAutoPilotInfo.ps1 -Online as a workaround. I'll inform my colleagues about your solution.

@NickolajA

I have updated the old script we have (1.1.0) with 1.2.1, we use the following script as part of automated MDT deployment , unfortunately I did not get the login window to authenticate , any help is appreciated:

@echo OFF
REM Set variables
SET SOURCE=%~dp0
SET SOURCE=%SOURCE:~0,-1%
IF NOT DEFINED LOGDIR SET LOGDIR=%SystemRoot%\TEMP

rem xcopy "Upload-WindowsAutopilotDeviceInfo.ps1" "%systemdrive%\Program Files\WindowsPowerShell\Scripts"

Install-PackageProvider -Name NuGet -RequiredVersion 2.8.5.201 -Force

powershell Install-Script -Name AzureAD -Force
powershell Install-Script -Name PSIntuneAuth -Force

powershell Install-Script -Name Upload-WindowsAutopilotDeviceInfo -Force
powershell -noprofile -executionpolicy bypass .\Upload-WindowsAutopilotDeviceInfo.ps1 -TenantName "xyz.com" -GroupTag "ABC"

any chance you could update the version in the gallery

It has been updated now.