EXO Connectivity broken with release 1.24.522.1
YenNantes opened this issue · 4 comments
YenNantes commented
Description of the issue
Assert-M365DSCBlueprint cannot connect anymore to Exchange online when using cert auth (see verbose logs section).
It was working fine with the previous version (I tried it just before upgrading).
Microsoft 365 DSC Version
1.24.522.1
Which workloads are affected
Exchange Online
The DSC configuration
Assert-M365DSCBlueprint -BluePrintUrl .\M365Baseline-iteurofinseu.m365 -OutputReportPath .\reports\M365DSCReport-iteurofinseu-$date.json -ApplicationId $ApplicationId -CertificateThumbprint $CertificateThumbprint -TenantId $TenantDomain -ExcludedProperties ID -Type json
Verbose logs showing the problem
Selected BluePrint contains (51) components to assess.
Initiating the Export of those (51) components from the tenant...
Exporting Microsoft 365 configuration for Components: AADAuthenticationContextClassReference, AADAuthorizationPolicy, AADConditionalAccessPolicy, AADCrossTenantAccessPolicyConfigurationDefault, AADExternalIdentityPolicy, AADGroupLifecyclePolicy, AADGroupsNamingPolicy, AADGroupsSettings, AADSecurityDefaults, EXOAntiPhishPolicy, EXODkimSigningConfig, EXOHostedContentFilterPolicy, EXOMalwareFilterPolicy, EXOManagementRole, EXOOrganizationConfig, EXOQuarantinePolicy, EXOSafeAttachmentPolicy, EXOSafeAttachmentRule, EXOSafeLinksPolicy, EXOSafeLinksRule, EXOTransportConfig, O365AdminAuditLogConfig, O365OrgCustomizationSetting, O365OrgSettings, ODSettings, SCLabelPolicy, SCSensitivityLabel, TeamsAppPermissionPolicy, TeamsChannelsPolicy, TeamsClientConfiguration, TeamsFederationConfiguration, TeamsGuestMeetingConfiguration, TeamsGuestMessagingConfiguration, TeamsMeetingPolicy, TeamsMessagingPolicy, IntuneAppProtectionPolicyAndroid, IntuneAppProtectionPolicyiOS, IntuneDeviceCompliancePolicyAndroidWorkProfile, IntuneDeviceCompliancePolicyiOs, IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10, IntuneDeviceConfigurationCustomPolicyWindows10, IntuneDeviceConfigurationEndpointProtectionPolicyWindows10, IntuneDeviceConfigurationIdentityProtectionPolicyWindows10, IntuneDeviceConfigurationPolicyAndroidWorkProfile, IntuneDeviceConfigurationPolicyiOS, IntuneDeviceConfigurationPolicyWindows10, IntuneDeviceEnrollmentPlatformRestriction, IntuneSettingCatalogCustomPolicyWindows10, IntuneWindowsAutopilotDeploymentProfileAzureADJoined, IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10, IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10
Authentication methods specified:
- Service Principal with Certificate Thumbprint
Connecting to {ExchangeOnline}...❌
Partial Export file was saved at: C:\Users\T2ADM_~3\AppData\Local\Temp\f1c6b1cb-aa7b-40f0-8c92-834dcf610af4.partial.ps1
IDX12729: Unable to decode the header '[PII of type 'System.String' is hidden. For more details, see
https://aka.ms/IdentityModel/PII.]' as Base64Url encoded string.
At C:\Program
Files\WindowsPowerShell\Modules\ExchangeOnlineManagement\3.5.0\netFramework\ExchangeOnlineManagement.psm1:762 char:21
+ throw $_.Exception.InnerException;
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], ArgumentException
+ FullyQualifiedErrorId : IDX12729: Unable to decode the header '[PII of type 'System.String' is hidden. For more
details, see https://aka.ms/IdentityModel/PII.]' as Base64Url encoded string.
Environment Information + PowerShell Version
No response
Tom-DB commented
I'm facing the same issue.
hvdbrink commented
I'm having the same issue with with both Exchange and Security&Compliance.
ChristianGlockner commented
Yes, same issue with Exchange and Security&Compliance.
NikCharlebois commented
The exchange team is investigating. This is only happening when you first connect to Microsoft Graph and then attempt to connect to Exchange. We will circle back.