Closed mwsutherland closed 3 years ago
@erich-wang , please look into this question.
@mwsutherland, I've just made some change in this branch and generated one preview version of Az.Accounts. However I could not verify the fix because I could not reproduce the issue.
Could you please help to verify whether the issue be fixed in preview bits by following below steps?
Register-PSRepository -Name temp -SourceLocation d:\az -InstallationPolicy Trusted
Install-Module Az.Accounts -Repository temp -Force -SkipPublisherCheck
$DebugPreference='Continue'
Connect-AzAccounts
Uninstall-Module Az.Accounts
Unregister-PSRepository -Name temp
I was running into the same issue, your fix is working, thank you!
@valaman , thank you very much for the help. The official version should be Az.Accounts 2.2.0 and will be released around Nov 17, thanks.
It worked for me, too. Thanks!
@mwsutherland , thank you for the confirmation.
I've had a similar problem with Login-AzAccount, and your module version solved it. Is the fact that I had to use -AllowClobber to install it important? (old Az.Accounts was uninstalled beforehand)
Correction: it's not solved, it worked once, and when I closed and reoped PS a got:
PS C:\WINDOWS\system32> Login-AzAccount
DEBUG: 7:56:54 - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'.
DEBUG: ExecuteCmdlet:1 thread id: 10
DEBUG: 7:56:54 - Autosave setting from startup session: 'CurrentUser'
DEBUG: 7:56:54 - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 7:56:54 - Using Autosave scope 'CurrentUser'
Login-AzAccount : The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all avai
lable contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account.
At line:1 char:1
+ Login-AzAccount
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], PSInvalidOperationException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
DEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration - 00:00:00.0308815;; Exception -
System.Management.Automation.PSInvalidOperationException: The default context can no longer be found; please run
'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or
'Connect-AzAccount' to login with a new account.
at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.get_DefaultContext()
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient..ctor(IProfileOperations profile)
at Microsoft.Azure.Commands.Profile.Common.AzureContextModificationCmdlet.ModifyContext(Action`2 contextAction)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action`3
setContextAction)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 7:56:55 - ConnectAzureRmAccountCommand end processing.
And then, after deleting Az contet jsons in user folder:
PS C:\Windows\System32\WindowsPowerShell\v1.0> Login-AzAccount
WARNING: Unable to acquire token for tenant '************'
WARNING: Unable to acquire token for tenant 'organizations'
Login-AzAccount : One or more errors occurred.
At line:1 char:1
+ Login-AzAccount
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], AggregateException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
PS C:\Windows\System32\WindowsPowerShell\v1.0> Login-AzAccount
DEBUG: 8:03:14 - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'.
DEBUG: ExecuteCmdlet:1 thread id: 10
DEBUG: 8:03:14 - Autosave setting from startup session: 'CurrentUser'
DEBUG: 8:03:14 - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 8:03:14 - Using Autosave scope 'CurrentUser'
DEBUG: ExecuteCmdlet:2 thread id: 10
DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: Request [6feb4a42-e835-470b-9a38-1f8932336639] POST
https://login.microsoftonline.com/organizations/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-CPU:REDACTED
x-client-OS:REDACTED
x-client-current-telemetry:REDACTED
x-client-last-telemetry:REDACTED
x-ms-PKeyAuth:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
x-ms-client-request-id:6feb4a42-e835-470b-9a38-1f8932336639
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4250.0; Microsoft Windows 10.0.18363 )
client assembly: Azure.Identity
DEBUG: Response [6feb4a42-e835-470b-9a38-1f8932336639] 200 OK (00.5s)
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
client-request-id:REDACTED
x-ms-request-id:REDACTED
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
Cache-Control:no-store, no-cache
Content-Type:application/json; charset=utf-8
Expires:-1
P3P:REDACTED
Set-Cookie:REDACTED
Date:Fri, 13 Nov 2020 07:03:17 GMT
Content-Length:4842
DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId: ExpiresOn: 2020-11-13T08:03:17.0000000+00:00
DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId: ExpiresOn: 2020-11-13T08:03:17.0000000+00:00
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com/tenants?api-version=2019-06-01
Headers:
x-ms-client-request-id : c84eb1b3-65e4-4ced-80a9-124bfa9ad1e7
accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Pragma : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id : 187c161a-bd98-40af-b5cc-9eecafafb5fe
x-ms-correlation-request-id : 187c161a-bd98-40af-b5cc-9eecafafb5fe
x-ms-routing-request-id : SWITZERLANDNORTH:20201113T070318Z:187c161a-bd98-40af-b5cc-9eecafafb5fe
Strict-Transport-Security : max-age=31536000; includeSubDomains
X-Content-Type-Options : nosniff
Cache-Control : no-cache
Date : Fri, 13 Nov 2020 07:03:18 GMT
Body:
{
"value": [
{
"id": "/tenants/<Subscription ID>",
"tenantId": "<Subscription ID>",
"countryCode": "HR",
"displayName": "Default Directory",
"domains": [
"<REDACTED>",
"<REDACTED>",
"<REDACTED>"
],
"tenantCategory": "Home"
}
]
}
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. No
account matching the specified username: <my-email> tenantId: <Subscription ID> was found
in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. No
account matching the specified username: <my-email> tenantId: <Subscription ID> was found
in the cache.
WARNING: Unable to acquire token for tenant '<Subscription ID>'
DEBUG: ExecuteCmdlet:3 thread id: 10
DEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - True; Duration - 00:00:04.6634972;
DEBUG: Finish sending metric.
DEBUG: 8:03:19 - ConnectAzureRmAccountCommand end processing.
Account SubscriptionName TenantId Environment
------- ---------------- -------- -----------
<my-email> AzureCloud
PS C:\Windows\System32\WindowsPowerShell\v1.0> Set-AzContext -SubscriptionId f85f6015-01ca-4470-b4d8-c0e0ee95c121
DEBUG: 8:05:38 - SetAzureRMContextCommand begin processing with ParameterSet 'Subscription'.
DEBUG: 8:05:38 - using account id '<my-email>'...
DEBUG: 8:05:38 - Autosave setting from startup session: 'CurrentUser'
DEBUG: 8:05:38 - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 8:05:38 - Using Autosave scope 'CurrentUser'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. No
account matching the specified username: <my-email> was found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. No
account matching the specified username: <my-email> was found in the cache.
WARNING: Unable to acquire token for tenant 'organizations'
Set-AzContext : SharedTokenCacheCredential authentication unavailable. No account matching the specified username: mark
ocurko@yahoo.com was found in the cache.
At line:1 char:1
+ Set-AzContext -SubscriptionId f85f6015-01ca-4470-b4d8-c0e0ee95c121
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzContext], CredentialUnavailableException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.SetAzureRMContextCommand
DEBUG: AzureQoSEvent: CommandName - Set-AzContext; IsSuccess - False; Duration - 00:00:00.1071598;; Exception -
Azure.Identity.CredentialUnavailableException: SharedTokenCacheCredential authentication unavailable. No account
matching the specified username: <my-email> was found in the cache.
at Azure.Identity.SharedTokenCacheCredential.<GetAccountAsync>d__20.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Azure.Identity.SharedTokenCacheCredential.<GetTokenImplAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex)
at Azure.Identity.SharedTokenCacheCredential.<GetTokenImplAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Azure.Identity.SharedTokenCacheCredential.<GetTokenAsync>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.<GetAccessTokenAsync>d__33.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount
account, IAzureEnvironment environment, String tenant, SecureString password, String promptBehavior, Action`1
promptAction, IAzureTokenCache tokenCache, String resourceId)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account,
IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action`1 promptAction)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account,
IAzureEnvironment environment, SecureString password, String promptBehavior, Action`1 promptAction)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListTenants(String tenant)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListSubscriptions(String tenantIdOrDomain)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.TryGetSubscriptionById(String tenantId, String
subscriptionId, IAzureSubscription& subscription)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.SetCurrentContext(String subscriptionNameOrId,
String tenantId, String name)
at
Microsoft.Azure.Commands.Profile.SetAzureRMContextCommand.<>c__DisplayClass37_0.<ExecuteCmdlet>b__2(AzureRmProfile
profile, RMProfileClient client, String name)
at Microsoft.Azure.Commands.Profile.Common.AzureContextModificationCmdlet.ModifyContext(Action`2 contextAction)
at Microsoft.Azure.Commands.Profile.SetAzureRMContextCommand.SetContextWithOverwritePrompt(Action`3
setContextAction)
at Microsoft.Azure.Commands.Profile.SetAzureRMContextCommand.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 8:05:40 - SetAzureRMContextCommand end processing.
I uninstalled all the Azure AzureRm Az modules, reinstalled Az modules, the module you made available, and tried again. I seem to connect with Connect-AzAccount -Tenant '...' -SubscriptionId '.........', but next command fails immediately:
`PS C:\Users\mcurko> Connect-AzAccount -Tenant '
DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2020-11-13T11:05:54.0000000+00:00 DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2020-11-13T11:05:54.0000000+00:00 DEBUG: ============================ HTTP REQUEST ============================
HTTP Method: GET
Absolute Uri:
https://management.azure.com/subscriptions/
Headers: x-ms-client-request-id : 8830e9b7-b583-4977-8907-c8f8054a88a9 Accept-Language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code: OK
Headers: Cache-Control : no-cache Pragma : no-cache x-ms-ratelimit-remaining-subscription-reads: 11992 x-ms-request-id : 878cafe4-fe90-466e-bea6-22c81933e4ba x-ms-correlation-request-id : 878cafe4-fe90-466e-bea6-22c81933e4ba x-ms-routing-request-id : SWITZERLANDNORTH:20201113T100557Z:878cafe4-fe90-466e-bea6-22c81933e4ba Strict-Transport-Security : max-age=31536000; includeSubDomains X-Content-Type-Options : nosniff Date : Fri, 13 Nov 2020 10:05:57 GMT
Body:
{
"id": "/subscriptions/
DEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - True; Duration - 00:00:04.4417275; DEBUG: Finish sending metric. DEBUG: 11:05:56 - ConnectAzureRmAccountCommand end processing. Account SubscriptionName TenantId Environment
@mcurko, this seems a different issue, could you please file new file and provide detail info as described in bug template?
Close the issue as it has been addressed in Az.Accounts 2.2 which will be released on Nov 17.
Description
When calling Connect-AzAccount with no parameters, I get the following warning and error:
If I revert back to Az.Accounts v1.9.5, it works.
Steps to reproduce
(Uninstall-Module for all Az.* modules/versions)
(get error)
In case it is relevant, without the -AllowClobber, I get the following error:
Environment data
Module versions
Debug output
Error output