Can't connect with Azure Runbook and Managed Identity

Question

Can't connect with Azure Runbook and Managed Identity

Mika5283 opened this issue 5 months ago · 3 comments

Description of the issue

Hello,
When I try to run my Runbook, I always have this error : "The term 'Add-ConfigurationDataEntry' is not recognized.

I use this command : Export-M365DSCConfiguration -ManagedIdentity -Components @("AADUser") -TenantId "mytenant.onmicrosoft.com"

I have these modules installed :

Microsoft365DSC 1.24.424.1 (7.2)
MSCloudLoginAssistant 1.1.16 (7.2)
Microsoft.Graph (2.19.0)

I tried in 7.2 and 5.1 environment and the result is the same ?
I also tried to update the dependencies and removed the old one.

Thanks

Microsoft 365 DSC Version

1.24.424.1

Which workloads are affected

Azure Active Directory (Entra ID)

The DSC configuration

No response

Verbose logs showing the problem

No response

Environment Information + PowerShell Version

No response

Answer 1 · 2024-05-13T07:54:34.000Z

Is anyone has an idea please ?

Answer 2 · 2024-05-15T14:52:09.000Z

Seems that the problem was with reversedsc module. I update it and I have a new error yet :

A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. (169.254.169.254:80) (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.))`

My code is only that :

Connect-AzAccount -Identity
Export-M365DSCConfiguration -ManagedIdentity -Components @("ExoAcceptedDomain") -TenantId "XXX.onmicrosoft.com" -Verbose -Debug

Do you have an idea with this problem ?

Answer 3 · 2024-06-18T11:24:42.000Z

M365DSC and its connection handling module MSCloudLoginAssistant do not check for previously established connections. Your first line of code would be ignored and the connection would be established in line 2.

It looks like there is an issue within MsCloudLoginAssistant on how the cmdlet is called:

https://github.com/microsoft/MSCloudLoginAssistant/blob/917faed08aec286d4ac3b793cf2275b40ec078d5/Modules/MSCloudLoginAssistant/Workloads/ExchangeOnline.psm1#L190

There is still a bit of App based authentication left.