search

Azure / azure-powershell

Microsoft Azure PowerShell
Other
4.26k stars 3.86k forks source link

Connect-Azaccount -> WARNING: Unable to acquire token for tenant #13893

Closed skippernl closed 3 years ago

skippernl commented 3 years ago

Updated to latest Az modules removed AzureRmContext.json removed AzureRmContextSettings.json

Steps to reproduce

Connect-Azaccount Authenticate with the browser WARNING: Unable to acquire token for tenant '92255eb7-c12b-47c0-9229-18b8ded02378' This is with a MSP account Running with a Global Admin account is running fine


## Environment data
Name                           Value
----                           -----
PSVersion                      7.2.0-preview.2
PSEdition                      Core
GitCommitId                    7.2.0-preview.2
OS                             Microsoft Windows 10.0.19042
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

## Module versions

<!-- Please run (Get-Module  -ListAvailable) and paste the output in the below code block -->
Version              Name                                Repository           Description
-------              ----                                ----------           -----------
1.0.5                AsBuiltReport.Core                  PSGallery            A PowerShell module which provides the c…
1.1.3                AsBuiltReport.VMware.vSphere        PSGallery            A PowerShell module to generate an as bu…
5.3.0                Az                                  PSGallery            Microsoft Azure PowerShell - Cmdlets to …
2.2.3                Az.Accounts                         PSGallery            Microsoft Azure PowerShell - Accounts cr…
1.1.1                Az.Advisor                          PSGallery            Microsoft Azure PowerShell - Azure Advis…
2.0.1                Az.Aks                              PSGallery            Microsoft Azure PowerShell - Azure manag…
1.1.4                Az.AnalysisServices                 PSGallery            Microsoft Azure PowerShell - Analysis Se…
2.2.0                Az.ApiManagement                    PSGallery            Microsoft Azure PowerShell - Api Managem…
1.0.0                Az.AppConfiguration                 PSGallery            Microsoft Azure PowerShell: AppConfigura…
1.1.0                Az.ApplicationInsights              PSGallery            Microsoft Azure PowerShell - Application…
1.4.1                Az.Automation                       PSGallery            Microsoft Azure PowerShell - Automation …
3.1.0                Az.Batch                            PSGallery            Microsoft Azure PowerShell - Batch servi…
2.0.0                Az.Billing                          PSGallery            Microsoft Azure PowerShell - Billing ser…
1.6.0                Az.Cdn                              PSGallery            Microsoft Azure PowerShell - CDN service…
1.8.0                Az.CognitiveServices                PSGallery            Microsoft Azure PowerShell - Cognitive S…
4.8.0                Az.Compute                          PSGallery            Microsoft Azure PowerShell - Compute ser…
1.0.3                Az.ContainerInstance                PSGallery            Microsoft Azure PowerShell - Container I…
2.1.0                Az.ContainerRegistry                PSGallery            Microsoft Azure PowerShell - Container R…
1.1.0                Az.DataBoxEdge                      PSGallery            Microsoft Azure PowerShell - DataBoxEdge…
1.0.2                Az.Databricks                       PSGallery            Microsoft Azure PowerShell: Databricks c…
1.11.3               Az.DataFactory                      PSGallery            Microsoft Azure PowerShell - Data Factor…
1.0.2                Az.DataLakeAnalytics                PSGallery            Microsoft Azure PowerShell - Data Lake A…
1.3.0                Az.DataLakeStore                    PSGallery            Microsoft Azure PowerShell - Azure Data …
1.0.0                Az.DataShare                        PSGallery            Microsoft Azure PowerShell - DataShare s…
1.1.0                Az.DeploymentManager                PSGallery            PowerShell .Net Core Microsoft Azure Pow…
2.1.1                Az.DesktopVirtualization            PSGallery            Microsoft Azure PowerShell: DesktopVirtu…
1.0.2                Az.DevTestLabs                      PSGallery            Microsoft Azure PowerShell - DevTest Lab…
1.1.2                Az.Dns                              PSGallery            Microsoft Azure PowerShell - DNS service…
1.3.0                Az.EventGrid                        PSGallery            Microsoft Azure PowerShell - Event Grid …
1.7.1                Az.EventHub                         PSGallery            Microsoft Azure PowerShell - Event Hubs …
1.6.1                Az.FrontDoor                        PSGallery            Microsoft Azure PowerShell - Front Door …
2.0.0                Az.Functions                        PSGallery            Microsoft Azure PowerShell - Azure Funct…
4.1.1                Az.HDInsight                        PSGallery            Microsoft Azure PowerShell - HDInsight s…
1.2.0                Az.HealthcareApis                   PSGallery            Microsoft Azure PowerShell - HealthcareA…
2.7.1                Az.IotHub                           PSGallery            Microsoft Azure PowerShell - IoT Hub ser…
3.3.0                Az.KeyVault                         PSGallery            Microsoft Azure PowerShell - Key Vault s…
1.0.1                Az.Kusto                            PSGallery            Microsoft Azure PowerShell: Kusto cmdlets
1.4.0                Az.LogicApp                         PSGallery            Microsoft Azure PowerShell - Logic Apps …
1.1.3                Az.MachineLearning                  PSGallery            Microsoft Azure PowerShell - Machine Lea…
1.1.0                Az.Maintenance                      PSGallery            Microsoft Azure PowerShell - Maintenance…
2.0.0                Az.ManagedServices                  PSGallery            Microsoft Azure PowerShell - ManagedServ…
1.0.2                Az.MarketplaceOrdering              PSGallery            Microsoft Azure PowerShell - Marketplace…
1.1.1                Az.Media                            PSGallery            Microsoft Azure PowerShell - Media servi…
2.3.0                Az.Monitor                          PSGallery            Microsoft Azure PowerShell - Monitor ser…
4.4.0                Az.Network                          PSGallery            Microsoft Azure PowerShell - Networking …
1.1.1                Az.NotificationHubs                 PSGallery            Microsoft Azure PowerShell - Notificatio…
2.3.0                Az.OperationalInsights              PSGallery            Microsoft Azure PowerShell - Operational…
1.4.0                Az.PolicyInsights                   PSGallery            Microsoft Azure PowerShell - Azure Polic…
1.1.2                Az.PowerBIEmbedded                  PSGallery            Microsoft Azure PowerShell - Power BI Em…
1.0.3                Az.PrivateDns                       PSGallery            Microsoft Azure PowerShell - Private DNS…
3.2.0                Az.RecoveryServices                 PSGallery            Microsoft Azure PowerShell - Recovery Se…
1.4.0                Az.RedisCache                       PSGallery            Microsoft Azure PowerShell - Redis Cache…
1.0.3                Az.Relay                            PSGallery            Microsoft Azure PowerShell - Relay servi…
3.1.1                Az.Resources                        PSGallery            Microsoft Azure PowerShell - Azure Resou…
1.4.1                Az.ServiceBus                       PSGallery            Microsoft Azure PowerShell - Service Bus…
2.2.2                Az.ServiceFabric                    PSGallery            Microsoft Azure PowerShell - Service Fab…
1.2.0                Az.SignalR                          PSGallery            Microsoft Azure PowerShell - Azure Signa…
2.14.0               Az.Sql                              PSGallery            Microsoft Azure PowerShell - SQL service…
1.1.0                Az.SqlVirtualMachine                PSGallery            Microsoft Azure PowerShell - SqlVirtualM…
3.2.0                Az.Storage                          PSGallery            Microsoft Azure PowerShell - Storage ser…
1.4.0                Az.StorageSync                      PSGallery            Microsoft Azure PowerShell - Storage Syn…
1.0.1                Az.StreamAnalytics                  PSGallery            Microsoft Azure PowerShell - Stream Anal…
1.0.0                Az.Support                          PSGallery            Microsoft Azure PowerShell - Azure Suppo…
1.0.4                Az.TrafficManager                   PSGallery            Microsoft Azure PowerShell - Traffic Man…
2.1.1                Az.Websites                         PSGallery            Microsoft Azure PowerShell - App Service…

Debug output

DEBUG: Sought all Az modules and got latest version 5.3.0
DEBUG: 11:47:23 - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'.
DEBUG: 11:47:23 - Autosave setting from startup session: 'CurrentUser'
DEBUG: 11:47:23 - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 11:47:23 - Using Autosave scope 'CurrentUser'
DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: Request [2eb71e9e-8aae-49c6-b028-0afc64acc844] GET https://login.microsoftonline.com/common/discovery/instance?api-version=REDACTED&authorization_endpoint=REDACTED
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-OS:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
x-ms-client-request-id:2eb71e9e-8aae-49c6-b028-0afc64acc844
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.4.0-beta.1,(.NET 5.0.0; Microsoft Windows 10.0.19042)
client assembly: Azure.Identity
DEBUG: Response [2eb71e9e-8aae-49c6-b028-0afc64acc844] 200 OK (00.2s)
Cache-Control:max-age=86400, private
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
Access-Control-Allow-Origin:REDACTED
Access-Control-Allow-Methods:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:REDACTED
x-ms-ests-server:REDACTED
Set-Cookie:REDACTED
Date:Thu, 07 Jan 2021 10:47:23 GMT
Content-Type:application/json; charset=utf-8
Content-Length:957

DEBUG: Request [12deb7df-eee2-4620-aede-f9a005fda3b1] POST https://login.microsoftonline.com/organizations/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-OS:REDACTED
x-client-current-telemetry:REDACTED
x-client-last-telemetry:REDACTED
x-ms-PKeyAuth:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
x-ms-client-request-id:12deb7df-eee2-4620-aede-f9a005fda3b1
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.4.0-beta.1,(.NET 5.0.0; Microsoft Windows 10.0.19042)
client assembly: Azure.Identity
DEBUG: Response [12deb7df-eee2-4620-aede-f9a005fda3b1] 200 OK (00.3s)
Cache-Control:no-store, no-cache
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:REDACTED
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
Set-Cookie:REDACTED
Date:Thu, 07 Jan 2021 10:47:28 GMT
Content-Type:application/json; charset=utf-8
Expires:-1
Content-Length:6641

DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:47:27.0000000+00:00
DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:47:27.0000000+00:00
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/tenants?api-version=2019-06-01

Headers:
x-ms-client-request-id        : 960f0233-d45b-47ea-b59a-a71350324606
Accept-Language               : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id               : cc91bc73-4b35-41b7-b237-cdbe79de0027
x-ms-correlation-request-id   : cc91bc73-4b35-41b7-b237-cdbe79de0027
x-ms-routing-request-id       : WESTEUROPE:20210107T104729Z:cc91bc73-4b35-41b7-b237-cdbe79de0027
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 07 Jan 2021 10:47:28 GMT

Body:
{
  "value": [
    {
      "id": "/tenants/cf2a0551-4e21-41aa-84b4-2003d1e444f6",
      "tenantId": "cf2a0551-4e21-41aa-84b4-2003d1e444f6",
      "countryCode": "xx",
      "displayName": "Name",
      "domains": [
        "constoso.com"
      ],
      "tenantCategory": "Home"
    },
    {
      "id": "/tenants/92255eb7-c12b-47c0-9229-18b8ded02378",
      "tenantId": "92255eb7-c12b-47c0-9229-18b8ded02378",
      "countryCode": "NL",
      "displayName": "Secure Connection BV",
      "domains": [
        "secureconnnectionbv.onmicrosoft.com",
        "seccon.nl"
      ],
      "tenantCategory": "Home"
    }
  ]
}

DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:47:27.0000000+00:00
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:47:27.0000000+00:00
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions?api-version=2019-06-01

Headers:
x-ms-client-request-id        : ba2402fb-1115-4197-a9c2-d61ce68d3593
Accept-Language               : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id               : f55bf4fe-49d2-4f71-99ab-d0c64021be79
x-ms-correlation-request-id   : f55bf4fe-49d2-4f71-99ab-d0c64021be79
x-ms-routing-request-id       : WESTEUROPE:20210107T104729Z:f55bf4fe-49d2-4f71-99ab-d0c64021be79
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 07 Jan 2021 10:47:28 GMT

Body:
{
  "value": [],
  "count": {
    "type": "Total",
    "value": 0
  }
}

DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:03:27.0000000+00:00
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:03:27.0000000+00:00
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions?api-version=2019-06-01

Headers:
x-ms-client-request-id        : f8809ce1-2855-459a-bbcd-8ed8c1b1d0a7
Accept-Language               : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id               : 3122693c-a897-4905-b6dd-6f2cd07a6125
x-ms-correlation-request-id   : 3122693c-a897-4905-b6dd-6f2cd07a6125
x-ms-routing-request-id       : WESTEUROPE:20210107T104730Z:3122693c-a897-4905-b6dd-6f2cd07a6125
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 07 Jan 2021 10:47:29 GMT

Body:
{
  "value": [],
  "count": {
    "type": "Total",
    "value": 0
  }
}

DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:03:27.0000000+00:00
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2021-01-07T11:03:27.0000000+00:00
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions?api-version=2019-06-01

Headers:
x-ms-client-request-id        : d623d732-36a0-4d64-91c6-09e47b1cdff8
Accept-Language               : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id               : 7c8347ec-0b2e-4d81-8d86-2ff015e087f9
x-ms-correlation-request-id   : 7c8347ec-0b2e-4d81-8d86-2ff015e087f9
x-ms-routing-request-id       : WESTEUROPE:20210107T104730Z:7c8347ec-0b2e-4d81-8d86-2ff015e087f9
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 07 Jan 2021 10:47:30 GMT

Body:
{
  "value": [],
  "count": {
    "type": "Total",
    "value": 0
  }
}

DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: Request [b95ef668-1e0e-4519-8d82-fe6640309df1] POST https://login.microsoftonline.com/92255eb7-c12b-47c0-9229-18b8ded02378/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-OS:REDACTED
x-client-current-telemetry:REDACTED
x-client-last-telemetry:REDACTED
x-ms-PKeyAuth:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
x-ms-client-request-id:b95ef668-1e0e-4519-8d82-fe6640309df1
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.4.0-beta.1,(.NET 5.0.0; Microsoft Windows 10.0.19042)
client assembly: Azure.Identity
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: Request [39958ff1-efce-4ebe-82b5-9e852f2fd80e] POST https://login.microsoftonline.com/92255eb7-c12b-47c0-9229-18b8ded02378/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-OS:REDACTED
x-client-current-telemetry:REDACTED
x-client-last-telemetry:REDACTED
x-ms-PKeyAuth:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
x-ms-client-request-id:39958ff1-efce-4ebe-82b5-9e852f2fd80e
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.4.0-beta.1,(.NET 5.0.0; Microsoft Windows 10.0.19042)
client assembly: Azure.Identity
DEBUG: Error response [b95ef668-1e0e-4519-8d82-fe6640309df1] 400 Bad Request (00.3s)
Cache-Control:no-store, no-cache
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:REDACTED
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
Set-Cookie:REDACTED
Date:Thu, 07 Jan 2021 10:47:30 GMT
Content-Type:application/json; charset=utf-8
Expires:-1
Content-Length:659

DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user user@contoso.com. Ensure that you have authenticated with a developer tool that supports Azure single sign on.
DEBUG: Error response [39958ff1-efce-4ebe-82b5-9e852f2fd80e] 400 Bad Request (00.4s)
Cache-Control:no-store, no-cache
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:REDACTED
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
Set-Cookie:REDACTED
Date:Thu, 07 Jan 2021 10:47:30 GMT
Content-Type:application/json; charset=utf-8
Expires:-1
Content-Length:659

DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user user@contoso.com. Ensure that you have authenticated with a developer tool that supports Azure single sign on.
WARNING: Unable to acquire token for tenant '92255eb7-c12b-47c0-9229-18b8ded02378'
Connect-AzAccount: The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account.
DEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration - 00:00:07.9555634;; Exception - System.Management.Automation.PSInvalidOperationException: The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account.
   at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.get_DefaultContext()
   at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.TrySetDefaultContext(IAzureContext context)
   at Microsoft.Azure.Commands.Common.Authentication.ResourceManager.AzureRmAutosaveProfile.TrySetDefaultContext(IAzureContext context)
   at Microsoft.Azure.Commands.Common.Authentication.ResourceManager.AzureRmAutosaveProfile.TrySetDefaultContext(String name, IAzureContext context)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, Action`1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation)
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass111_2.<ExecuteCmdlet>b__4()
   at System.Threading.Tasks.Task`1.InnerInvoke()
   at System.Threading.Tasks.Task.<>c.<.cctor>b__277_0(Object obj)
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location ---
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
--- End of stack trace from previous location ---
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass111_0.<ExecuteCmdlet>b__1(AzureRmProfile localProfile, RMProfileClient profileClient, String name)
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass118_0.<SetContextWithOverwritePrompt>b__0(AzureRmProfile prof, RMProfileClient client)
   at Microsoft.Azure.Commands.Profile.Common.AzureContextModificationCmdlet.ModifyContext(Action`2 contextAction)
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action`3 setContextAction)
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
   at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 11:47:31 - ConnectAzureRmAccountCommand end processing.

Error output

Resolve-AzError: The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account.
dingmeng-xue commented 3 years ago

@skippernl , thanks for reporting. How did you trigger Connect-AzAccount? What parameter is used?

skippernl commented 3 years ago

No parameter used. Just connect-azaccount.

Using it with a global admin account on a Tennant goes well.

Using my msp account gives this error. Looking at the log I think logging in to the msp Tennant is fine but an additional domain is not. I do not recognize that domain.

Op ma 11 jan. 2021 12:10 schreef Dingmeng Xue notifications@github.com:

@skippernl https://github.com/skippernl , thanks for reporting. How did you trigger Connect-AzAccount? What parameter is used?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Azure/azure-powershell/issues/13893#issuecomment-757881197, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABIWZN5URJMZFYRUS4WDHLDSZLMCVANCNFSM4VY2GXLA .

erich-wang commented 3 years ago

@skippernl , based on the debug trace, it returns two tenants "cf2a0551-4e21-41aa-84b4-2003d1e444f6" and "92255eb7-c12b-47c0-9229-18b8ded02378" for your account. Could you please check if your account is in "92255eb7-c12b-47c0-9229-18b8ded02378" and has desired permission to subscription?

DEBUG: ============================ HTTP REQUEST ============================
https://management.azure.com/tenants?api-version=2019-06-01

Headers:
x-ms-client-request-id        : 960f0233-d45b-47ea-b59a-a71350324606
Accept-Language               : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id               : cc91bc73-4b35-41b7-b237-cdbe79de0027
x-ms-correlation-request-id   : cc91bc73-4b35-41b7-b237-cdbe79de0027
x-ms-routing-request-id       : WESTEUROPE:20210107T104729Z:cc91bc73-4b35-41b7-b237-cdbe79de0027
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 07 Jan 2021 10:47:28 GMT

Body:
{
  "value": [
    {
      "id": "/tenants/cf2a0551-4e21-41aa-84b4-2003d1e444f6",
      "tenantId": "cf2a0551-4e21-41aa-84b4-2003d1e444f6",
      "countryCode": "xx",
      "displayName": "Name",
      "domains": [
        "constoso.com"
      ],
      "tenantCategory": "Home"
    },
    {
      "id": "/tenants/92255eb7-c12b-47c0-9229-18b8ded02378",
      "tenantId": "92255eb7-c12b-47c0-9229-18b8ded02378",
      "countryCode": "NL",
      "displayName": "Secure Connection BV",
      "domains": [
        "secureconnnectionbv.onmicrosoft.com",
        "seccon.nl"
      ],
      "tenantCategory": "Home"
    }
  ]
}
skippernl commented 3 years ago

cf2a0551-4e21-41aa-84b4-2003d1e444f6 should be my company Tennant

Op vr 15 jan. 2021 10:04 schreef erich-wang notifications@github.com:

@skippernl https://github.com/skippernl , based on the debug trace, it returns two tenants "cf2a0551-4e21-41aa-84b4-2003d1e444f6" and "92255eb7-c12b-47c0-9229-18b8ded02378" for your account. Could you please check if your account is in "92255eb7-c12b-47c0-9229-18b8ded02378" and has desired permission to subscription?

DEBUG: ============================ HTTP REQUEST ============================https://management.azure.com/tenants?api-version=2019-06-01

Headers: x-ms-client-request-id : 960f0233-d45b-47ea-b59a-a71350324606 Accept-Language : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code: OK

Headers: Cache-Control : no-cache Pragma : no-cache x-ms-ratelimit-remaining-tenant-reads: 11999 x-ms-request-id : cc91bc73-4b35-41b7-b237-cdbe79de0027 x-ms-correlation-request-id : cc91bc73-4b35-41b7-b237-cdbe79de0027 x-ms-routing-request-id : WESTEUROPE:20210107T104729Z:cc91bc73-4b35-41b7-b237-cdbe79de0027 Strict-Transport-Security : max-age=31536000; includeSubDomains X-Content-Type-Options : nosniff Date : Thu, 07 Jan 2021 10:47:28 GMT

Body: { "value": [ { "id": "/tenants/cf2a0551-4e21-41aa-84b4-2003d1e444f6", "tenantId": "cf2a0551-4e21-41aa-84b4-2003d1e444f6", "countryCode": "xx", "displayName": "Name", "domains": [ "constoso.com" ], "tenantCategory": "Home" }, { "id": "/tenants/92255eb7-c12b-47c0-9229-18b8ded02378", "tenantId": "92255eb7-c12b-47c0-9229-18b8ded02378", "countryCode": "NL", "displayName": "Secure Connection BV", "domains": [ "secureconnnectionbv.onmicrosoft.com", "seccon.nl" ], "tenantCategory": "Home" } ] }

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Azure/azure-powershell/issues/13893#issuecomment-760766606, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABIWZN4EGTTPW6QRJX5KCNDS2AAJXANCNFSM4VY2GXLA .

erich-wang commented 3 years ago

There're two suggestions:

  1. Find out the admin/owner of tenant 92255eb7-c12b-47c0-9229-18b8ded02378(secureconnnectionbv.onmicrosoft.com), remove your account from the tenant.
  2. If option 1 is not feasible, please specify tenant using Connect-AzAccount -TenantId cf2a0551-4e21-41aa-84b4-2003d1e444f6
skippernl commented 3 years ago

For now I am using option 2 (-tennant domain.name) and that is working. Currently looking how I can contact the other organization.

skippernl commented 3 years ago

I have not heard from the other company. will be using the second option for now,

Is there a possiblity for MS to remove the link? If needed I can create a support ticket on our CSP portal

dingmeng-xue commented 3 years ago

@skippernl , my team has no information or process about it. You can raise the ticket and share tenant id to support.

I am closing this ticket and please contact us if you have further question.

arendkolk commented 3 years ago

Can somebody from Microsoft still help us with this issue of not being able to login via Powershell in Docker container

arendkolk commented 3 years ago

I have just deleted the 2 extra Tenants i had created for training purposes.

The issue is now solved for me and i can login again via Powershell from within a Docker container