Azure命令在ISE中不起作用,但在PS Shell中起作用

问题描述 投票:-1回答:1

我正在尝试使用我的公司O365帐户连接到我的Azure AD。当我在PS Shell中运行命令时,效果很好。但是,尝试制作ps1脚本文件时,命令在ISE中失败。下面的代码和错误:

代码:

$managedcred = get-storedcredential -Target o365

connect-azuread -credential $managedcred

错误:

Connect-AzureAD:发生一个或多个错误。:AADSTS50126:无效的用户名或密码。跟踪ID:3bbf3cba-61c3-45c5-a19f-60973b7c2700相关编号:14599060-8bb3-4fce-afda-621efc3660ed时间戳记:2019-10-03 16:05:03Z在第1行:char:1+ Connect-AzureAD-凭证$ managedcred+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo:AuthenticationError:(:) [Connect-AzureAD],AadAuthenticationFailedException+ FullyQualifiedErrorId:Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD


Connect-AzureAD:发生一个或多个错误。在第1行:char:1+ Connect-AzureAD-凭证$ managedcred+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo:AuthenticationError:(:) [Connect-AzureAD],AggregateException+ FullyQualifiedErrorId:Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD


Connect-AzureAD:AADSTS50126:无效的用户名或密码。跟踪ID:3bbf3cba-61c3-45c5-a19f-60973b7c2700相关编号:14599060-8bb3-4fce-afda-621efc3660ed时间戳记:2019-10-03 16:05:03Z在第1行:char:1+ Connect-AzureAD-凭证$ managedcred+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo:AuthenticationError:(:) [Connect-AzureAD],AdalServiceException+ FullyQualifiedErrorId:Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD


Connect-AzureAD:响应状态代码未指示成功:400(BadRequest)。在第1行:char:1+ Connect-AzureAD-凭证$ managedcred+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo:AuthenticationError:(:) [Connect-AzureAD],HttpRequestException+ FullyQualifiedErrorId:Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD


Connect-AzureAD:{“错误”:“ invalid_grant”,“错误描述”:“ AADSTS50126:无效的用户名或密码。\ r \ n跟踪ID:3bbf3cba-61c3-45c5-a19f-60973b7c2700 \ r \ n关联ID:14599060-8bb3-4fce-afda-621efc3660ed \ r \ n时间戳:2019-10-0316:05:03Z“,”错误代码“:[50126],”时间戳“:” 2019-10-03 16:05:03Z“,” trace_id“:” 3bbf3cba-61c3-45c5-a19f-60973b7c2700“,” correlation_id “:” 14599060-8bb3-4fce-afda-621efc3660ed“,” error_uri“:” https://login.microsoftonline.com/error?code=50126“}:未知错误在第1行:char:1+ Connect-AzureAD-凭证$ managedcred+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo:AuthenticationError:(:) [Connect-AzureAD],AdalException+ FullyQualifiedErrorId:Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD


Connect-AzureAD:发生一个或多个错误。:AADSTS50126:无效的用户名或密码。跟踪ID:3bbf3cba-61c3-45c5-a19f-60973b7c2700相关编号:14599060-8bb3-4fce-afda-621efc3660ed时间戳记:2019-10-03 16:05:03Z在第1行:char:1+ Connect-AzureAD-凭证$ managedcred+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo:未指定:(:) [Connect-AzureAD],AadAuthenticationFailedException+ FullyQualifiedErrorId:Microsoft.Open.Azure.AD.CommonLibrary.AadAuthenticationFailedException,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD

因此,似乎第一个命令可以正常工作,但连接失败。

powershell azure-active-directory
1个回答
0
投票

根据错误消息,您没有使用正确的用户名和密码来连接Azure AD。请使用以下命令进行检查。

 Get-StoredCredential -Target O365 -AsCredentialObject

enter image description here

此外,根据我的理解,您希望在没有提示的情况下连接Azure AD。您也可以使用以下命令:

$name = ""
$password = ""
$secpasswd = ConvertTo-SecureString $password -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ($name, $secpasswd)
Connect-AzureAD -Credential $mycreds 

更新

根据研究,应用密码用于与不支持现代身份验证(例如Outlook)的客户端一起完成MFA。有关更多详细信息,请参阅https://support.microsoft.com/en-au/help/12409/microsoft-account-app-passwords-and-two-step-verification。因此,我们无法使用应用程序密码在PowerShell ISE中连接Azure AD。

根据情况,我建议您使用服务主体连接Azure AD。有关更多详细信息,请参阅https://docs.microsoft.com/en-us/powershell/azure/active-directory/signing-in-service-principal?view=azureadps-2.0

© www.soinside.com 2019 - 2024. All rights reserved.