Closed ntdconsulting closed 3 years ago
@ntdconsulting , thank you for reporting the issue.
Could you please share which version of Az.Accounts you are using and the debug stream(please remove sensitive info from the debug stream)?
$DebugPreference='Continue'
Connect-AzAccount
Get-Module
@ntdconsulting , thank you for reporting the issue.
Could you please share which version of Az.Accounts you are using and the debug stream(please remove sensitive info from the debug stream)?
$DebugPreference='Continue' Connect-AzAccount Get-Module
PS C:\WINDOWS\system32> Connect-AzAccount DEBUG: 10:03:14 PM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'. DEBUG: 10:03:14 PM - Autosave setting from startup session: 'CurrentUser' DEBUG: 10:03:14 PM - No autosave setting detected in environment variable 'AzContextAutoSave'. DEBUG: 10:03:14 PM - Using Autosave scope 'CurrentUser' Connect-AzAccount : The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account. At line:1 char:1
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], PSInvalidOperat
ionException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccou
ntCommand
DEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration
2 contextAction) at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwri tePrompt(Action
3 setContextAction)
at
Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
at
Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 10:03:15 PM - ConnectAzureRmAccountCommand end processing.
PS C:\WINDOWS\system32> Get-ModuleModuleType Version Name ExportedCommands
Script 2.2.4 Az.Accounts {Add-AzEnvironment, Cl... Script 3.2.0 Az.Resources {Add-AzADGroupMember, ... Script 5.1.2 Azure {Add-AzureAccount, Add... Script 5.8.2 AzureRM.profile Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Con... Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureStr... Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type,... Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disabl... Binary 1.0.0.1 PackageManagement {Find-Package, Find-Pa... Script 1.0.0.1 PowerShellGet {Find-Command, Find-Ds... Script 2.0.0 PSReadline {Get-PSReadLineKeyHand...
PS C:\WINDOWS\system32>
It seems that the content of %USERPROFILE%\.Azure\AzureRmContext.json
is inconsistent, would you mind sending your AzureRmContext.json to me (eriwan@microsoft.com)?
One possible workaround is to first close all PowerShell sessions including Windows PowerShell, then delete the following three files under %USERPROFILE%\.Azure
:
AzureRmContext.json
AzureRmContextSettings.json
TokenCache.dat
Some progress ... I'm not wondering if it is because I have multiple tenants. At least I'm getting a prompt for login now.
PS C:\WINDOWS\system32> $DebugPreference='Continue' PS C:\WINDOWS\system32> Connect-AzAccount DEBUG: Sought all Az modules and got latest version 0.0.0 DEBUG: 8:44:14 AM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'. DEBUG: 8:44:14 AM - Autosave setting from startup session: 'CurrentUser' DEBUG: 8:44:14 AM - No autosave setting detected in environment variable 'AzContextAutoSave'. DEBUG: 8:44:14 AM - Using Autosave scope 'CurrentUser' DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: Request [d7ac8c79-1ae8-421e-babb-e32781efdf8b] GET https://login.microsoftonline.com/common/discovery/instance?api-version=REDACTED&authorization_endpoint=REDACTED x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:d7ac8c79-1ae8-421e-babb-e32781efdf8b x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Response [d7ac8c79-1ae8-421e-babb-e32781efdf8b] 200 OK (00.2s) Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED Access-Control-Allow-Origin:REDACTED Access-Control-Allow-Methods:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED Cache-Control:max-age=86400, private Content-Type:application/json; charset=utf-8 P3P:REDACTED Set-Cookie:REDACTED Date:Thu, 28 Jan 2021 14:44:13 GMT Content-Length:957 DEBUG: Request [ad886863-f23a-41d3-bed1-d634776ef017] POST https://login.microsoftonline.com/organizations/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:ad886863-f23a-41d3-bed1-d634776ef017 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Response [ad886863-f23a-41d3-bed1-d634776ef017] 200 OK (00.2s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Thu, 28 Jan 2021 14:44:19 GMT Content-Length:4892 DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-01-28T15:44:20.0000000+00:00 DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-01-28T15:44:20.0000000+00:00 DEBUG: ============================ HTTP REQUEST ============================
HTTP Method: GET
Absolute Uri: https://management.azure.com/tenants?api-version=2019-06-01
Headers: x-ms-client-request-id : 63ea81f2-ceaa-486f-9190-97d2323ad352 accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code: OK
Headers: Pragma : no-cache x-ms-ratelimit-remaining-tenant-reads: 11999 x-ms-request-id : 2d13ef85-f0c4-48c6-b773-4f3ccb43f55e x-ms-correlation-request-id : 2d13ef85-f0c4-48c6-b773-4f3ccb43f55e x-ms-routing-request-id : SOUTHCENTRALUS:20210128T144420Z:2d13ef85-f0c4-48c6-b773-4f3ccb43f55e Strict-Transport-Security : max-age=31536000; includeSubDomains X-Content-Type-Options : nosniff Cache-Control : no-cache Date : Thu, 28 Jan 2021 14:44:19 GMT
Body: { "value": [ { "id": "/tenants/52164ed4-03bf-480b-b436-5df551f9f911", "tenantId": "52164ed4-03bf-480b-b436-5df551f9f911", "countryCode": "US", "displayName": "CMM GROUP LLC", "domains": [ "CMMGROUPLLC.onmicrosoft.com", "ntdconsulting.com" ], "tenantCategory": "Home" }, { "id": "/tenants/08a437af-180f-4d15-a68b-410e52d95ee9", "tenantId": "08a437af-180f-4d15-a68b-410e52d95ee9", "countryCode": "US", "displayName": "Default Directory", "domains": [ "rsmfriscogmail.onmicrosoft.com" ], "tenantCategory": "Home" }, { "id": "/tenants/2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5", "tenantId": "2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5", "countryCode": "US", "displayName": "Fikes Wholesale", "domains": [ "dnseft.onmicrosoft.com" ], "tenantCategory": "Home" } ] }
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 52164ed4-03bf-480b-b436-5df551f9f911
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 52164ed4-03bf-480b-b436-5df551f9f911
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 08a437af-180f-4d15-a68b-410e52d95ee9
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 08a437af-180f-4d15-a68b-410e52d95ee9
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
WARNING: Unable to acquire token for tenant '52164ed4-03bf-480b-b436-5df551f9f911'
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com were found in the cache.
WARNING: Unable to acquire token for tenant '08a437af-180f-4d15-a68b-410e52d95ee9'
WARNING: Unable to acquire token for tenant '2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5'
WARNING: Unable to acquire token for tenant 'organizations'
WARNING: Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session.
DEBUG: Azure.Identity.CredentialUnavailableException: SharedTokenCacheCredential authentication unavailable. Multiple
accounts matching the specified username: ron@ntdconsulting.com were found in the cache.
at Azure.Identity.SharedTokenCacheCredential.1 promptAction, IAzureTokenCache tokenCache, String resourceId) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action
1 promptAction)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account,
IAzureEnvironment environment, SecureString password, String promptBehavior, Action1 promptAction) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListTenants(String tenant) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListSubscriptions(String tenantIdOrDomain) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, Action
1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>cDisplayClass111_2.
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], CredentialUnavailableException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
DEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration - 00:00:07.5173432; Exception -
Azure.Identity.CredentialUnavailableException: SharedTokenCacheCredential authentication unavailable. Multiple accounts
matching the specified username: ron@ntdconsulting.com were found in the cache.
at Azure.Identity.SharedTokenCacheCredential.1 promptAction, IAzureTokenCache tokenCache, String resourceId) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action
1 promptAction)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account,
IAzureEnvironment environment, SecureString password, String promptBehavior, Action1 promptAction) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListTenants(String tenant) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListSubscriptions(String tenantIdOrDomain) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, Action
1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>cDisplayClass111_2.2 contextAction) at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action
3
setContextAction)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 8:44:22 AM - ConnectAzureRmAccountCommand end processing.
PS C:\WINDOWS\system32> Get-Module
ModuleType Version Name ExportedCommands
Script 2.2.4 Az.Accounts {Add-AzEnvironment, Clear-AzContext, Clear-AzDefault, Conn... Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Con... Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureString, ConvertTo-SecureString, Get-Acl... Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type, Clear-Variable, Compare-Object...} Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disable-WSManCredSSP, Disconnect-WSMan, En... Script 2.0.0 PSReadline {Get-PSReadLineKeyHandler, Get-PSReadLineOption, Remove-PS...
@ntdconsulting, it seems a bug in Azure.Identity library, I just created one bug https://github.com/Azure/azure-sdk-for-net/issues/18276 to track it. Meanwhile, could you please try if the following steps could mitigate your issue:
Connect-AzAccount -TenantId xxx
AzureRmContext.json
AzureRmContextSettings.json
TokenCache.datThe Clear-AzContext and Connect-AzAccount worked. However, I had tried this multiple times before. The only difference this time is that I was not logged into the portal. I was also able to switch TeneatId and execute Get-AzResourceGroup without any issue. So my observation is that being logged into the portal seems to be an issue when using powershell.
I probably have the same problem. I have the problem since yesterday. I have not made any deliberate changes in Azure, but have installed a Windows Update on my laptop. Previously I got a very similar error as OP. After I followed the tips from @erich-wang I get:
PS C:\Windows\system32> $DebugPreference='Continue' PS C:\Windows\system32> Connect-AzAccount DEBUG: 15:01:10 - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'. DEBUG: 15:01:10 - Autosave setting from startup session: 'CurrentUser' DEBUG: 15:01:10 - No autosave setting detected in environment variable 'AzContextAutoSave'. DEBUG: 15:01:10 - Using Autosave scope 'CurrentUser' DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: Request [8f0766fc-fdd7-43a6-9d38-119029413424] POST https://login.microsoftonline.com/organizations/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:8f0766fc-fdd7-43a6-9d38-119029413424 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Response [8f0766fc-fdd7-43a6-9d38-119029413424] 200 OK (00.5s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Content-Length:4903 Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Sun, 14 Feb 2021 14:01:14 GMT DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-02-14T15:01:13.0000000+00:00 DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-02-14T15:01:13.0000000+00:00 DEBUG: ============================ HTTP REQUEST ============================
HTTP Method: GET
Absolute Uri: https://management.azure.com/tenants?api-version=2019-06-01
Headers: x-ms-client-request-id : f25d3b6a-a7a3-44e2-88a7-7906e3bf9976 accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code: OK
Headers: Pragma : no-cache x-ms-ratelimit-remaining-tenant-reads: 11999 x-ms-request-id : ab56317c-87be-42ab-b8e9-21962a0204be x-ms-correlation-request-id : ab56317c-87be-42ab-b8e9-21962a0204be x-ms-routing-request-id : GERMANYWESTCENTRAL:20210214T140115Z:ab56317c-87be-42ab-b8e9-21962a0204be Strict-Transport-Security : max-age=31536000; includeSubDomains X-Content-Type-Options : nosniff Cache-Control : no-cache Date : Sun, 14 Feb 2021 14:01:14 GMT
Body: { "value": [ { "id": "/tenants/2b682de9-a50c-4171-9c3e-70fbe13a28af", "tenantId": "2b682de9-a50c-4171-9c3e-70fbe13a28af", "countryCode": "DE", "displayName": "Az-AD-MarLor-Lab", "domains": [ "MarvinLorenz92outlook.onmicrosoft.com" ], "tenantCategory": "Home" } ] }
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: Request [4e7a7882-63c2-475b-afaf-ccb92b8b15f1] POST https://login.microsoftonline.com/2b682de9-a50c-4171-9c3e-70fbe13a28af/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:4e7a7882-63c2-475b-afaf-ccb92b8b15f1 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Request [cb5cb15c-5ec3-45e4-bbd1-60340a966009] POST https://login.microsoftonline.com/2b682de9-a50c-4171-9c3e-70fbe13a28af/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:cb5cb15c-5ec3-45e4-bbd1-60340a966009 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Error response [4e7a7882-63c2-475b-afaf-ccb92b8b15f1] 400 Bad Request (00.6s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Content-Length:644 Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Sun, 14 Feb 2021 14:01:15 GMT DEBUG: Error response [cb5cb15c-5ec3-45e4-bbd1-60340a966009] 400 Bad Request (00.6s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Content-Length:644 Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Sun, 14 Feb 2021 14:01:15 GMT DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user Marvin.Lorenz92@outlook.de. Ensure that you have authenticated with a developer tool that supports Azure single sign on. DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user Marvin.Lorenz92@outlook.de. Ensure that you have authenticated with a developer tool that supports Azure single sign on. WARNUNG: Unable to acquire token for tenant '2b682de9-a50c-4171-9c3e-70fbe13a28af' WARNUNG: Unable to set default context 'Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureContext'. Connect-AzAccount : Run Connect-AzAccount to login. In Zeile:1 Zeichen:1
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], PSInvalidOperationException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
DEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration - 00:00:05.1295131; Exception - System.Management.Automation.PSInvalidOperationException: Run
Connect-AzAccount to login.
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.get_DefaultContext()
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListTenants(String tenant)
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListSubscriptions(String tenantIdOrDomain)
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String
subscriptionName, SecureString password, Boolean skipValidation, Action1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation) bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass111_2.<ExecuteCmdlet>b__4() bei System.Threading.Tasks.Task
1.InnerInvoke()
bei System.Threading.Tasks.Task.Execute()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass111_0.2 contextAction) bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action
3 setContextAction)
bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
bei Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 15:01:16 - ConnectAzureRmAccountCommand end processing.
PS C:\Windows\system32> Get-Module
ModuleType Version Name ExportedCommands
Script 2.2.5 Az.Accounts {Add-AzEnvironment, Clear-AzContext, Clear-AzDefault, Connect-AzAccount...} Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Content...} Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureString, ConvertTo-SecureString, Get-Acl, Get-AuthenticodeSignature...} Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type, Clear-Variable, Compare-Object...} Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disable-WSManCredSSP, Disconnect-WSMan, Enable-WSManCredSSP...} Script 2.0.0 PSReadline {Get-PSReadLineKeyHandler, Get-PSReadLineOption, Remove-PSReadLineKeyHandler, Set-PSReadLineKeyHandler...}
Edit: I am not logged into the portal
I'm using Az.Accounts 2.2.6 and having all kinds of issues if Enable-AzContextAutosave
is enabled. If I disable that and run Clear-AzContext
I am able to Connect-AzAccount
. Even after deleting all the files in ~/.Azure, I receive the message:
Connect-AzAccount: SharedTokenCacheCredential authentication unavailable. Multiple accounts matching the specified username: [removed] were found in the cache.
And yes, I've deleted msal.cache repeatedly. It's all about Enable-AzContextAutosave
. If enabled, I can't connect. If disabled, no problem.
I am so tired of basic stuff like authentication breaking in Az pwsh. Just searching for potential issues like this one takes time I don't have away from real work.
Can anyone tell me when the fix linked to this issue will be available in Az.Accounts?
I've just spend the majority of my weekend trying to figure this one out before finding this issue as I was getting:
Connect-AzAccount WARNING: Unable to acquire token for tenant 'TENANT-ID' WARNING: Unable to acquire token for tenant 'organizations' WARNING: Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session. Connect-AzAccount: SharedTokenCacheCredential authentication unavailable. Multiple accounts matching the specified username: username@domain.co.uk were found in the cache.
I can confirm I had the same experience as @yobyot and running Disable-AzContextAutosave -Scope CurrentUser
fixed my issue.
This has only recently started happening so a fix would be great!
Crickets here but on Twitter, at least (https://twitter.com/yobyot/status/1372649532123713547?s=21) the bug is acknowledged and a fix is promised.
The official release of Azure.Identity including this fix will be released around May 7, then Azure PowerShell will release new version around May 25.
The PR 14977 contains the upgraded Azure.Identity, new version will be released on May 25.
The same thing is happening with Az.Accounts 2.9.0
. Identical experience as folks above me.
The error: Unable to acquire token for tenant 'organizations' with error 'InteractiveBrowserCredential authentication failed: Method not found: 'Void Microsoft.Identity.Client.Extensions.Msal.MsalCacheHelper.RegisterCache(Microsoft.Identity.Client.ITokenCache)'.' Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session.
The fix with Disable-AzContextAutosave -Scope CurrentUser
still works though.
Connect-AzAccount : The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account. At line:1 char:1
I have reviewed other tickets and have use Clear-AzContext and deleted context.json files in .azure directory but continue to have the same issue. When I use Get-AzContext -ListAvailable and then Select'AzContext I get the following:
Select-AzContext : The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account. At line:1 char:1
Would appreciate assistance in what steps to take to get this cleaned up.