Closed ntdconsulting closed 3 years ago
erich-wang
commented
3 years ago @ntdconsulting , thank you for reporting the issue.
Could you please share which version of Az.Accounts you are using and the debug stream(please remove sensitive info from the debug stream)?
$DebugPreference='Continue'
Connect-AzAccount
Get-Module
ntdconsulting
commented
3 years ago @ntdconsulting , thank you for reporting the issue.
Could you please share which version of Az.Accounts you are using and the debug stream(please remove sensitive info from the debug stream)?
$DebugPreference='Continue' Connect-AzAccount Get-Module
PS C:\WINDOWS\system32> Connect-AzAccount DEBUG: 10:03:14 PM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'. DEBUG: 10:03:14 PM - Autosave setting from startup session: 'CurrentUser' DEBUG: 10:03:14 PM - No autosave setting detected in environment variable 'AzContextAutoSave'. DEBUG: 10:03:14 PM - Using Autosave scope 'CurrentUser' Connect-AzAccount : The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account. At line:1 char:1
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], PSInvalidOperat
ionException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccou
ntCommandDEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration
2 contextAction) at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwri tePrompt(Action3 setContextAction)
at
Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
at
Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 10:03:15 PM - ConnectAzureRmAccountCommand end processing.
PS C:\WINDOWS\system32> Get-ModuleModuleType Version Name ExportedCommands
Script 2.2.4 Az.Accounts {Add-AzEnvironment, Cl... Script 3.2.0 Az.Resources {Add-AzADGroupMember, ... Script 5.1.2 Azure {Add-AzureAccount, Add... Script 5.8.2 AzureRM.profile Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Con... Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureStr... Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type,... Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disabl... Binary 1.0.0.1 PackageManagement {Find-Package, Find-Pa... Script 1.0.0.1 PowerShellGet {Find-Command, Find-Ds... Script 2.0.0 PSReadline {Get-PSReadLineKeyHand...
PS C:\WINDOWS\system32>
erich-wang
commented
3 years ago It seems that the content of %USERPROFILE%\.Azure\AzureRmContext.json is inconsistent, would you mind sending your AzureRmContext.json to me (eriwan@microsoft.com)?
One possible workaround is to first close all PowerShell sessions including Windows PowerShell, then delete the following three files under %USERPROFILE%\.Azure:
AzureRmContext.json
AzureRmContextSettings.json
TokenCache.datSome progress ... I'm not wondering if it is because I have multiple tenants. At least I'm getting a prompt for login now.
PS C:\WINDOWS\system32> $DebugPreference='Continue' PS C:\WINDOWS\system32> Connect-AzAccount DEBUG: Sought all Az modules and got latest version 0.0.0 DEBUG: 8:44:14 AM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'. DEBUG: 8:44:14 AM - Autosave setting from startup session: 'CurrentUser' DEBUG: 8:44:14 AM - No autosave setting detected in environment variable 'AzContextAutoSave'. DEBUG: 8:44:14 AM - Using Autosave scope 'CurrentUser' DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: Request [d7ac8c79-1ae8-421e-babb-e32781efdf8b] GET https://login.microsoftonline.com/common/discovery/instance?api-version=REDACTED&authorization_endpoint=REDACTED x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:d7ac8c79-1ae8-421e-babb-e32781efdf8b x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Response [d7ac8c79-1ae8-421e-babb-e32781efdf8b] 200 OK (00.2s) Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED Access-Control-Allow-Origin:REDACTED Access-Control-Allow-Methods:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED Cache-Control:max-age=86400, private Content-Type:application/json; charset=utf-8 P3P:REDACTED Set-Cookie:REDACTED Date:Thu, 28 Jan 2021 14:44:13 GMT Content-Length:957 DEBUG: Request [ad886863-f23a-41d3-bed1-d634776ef017] POST https://login.microsoftonline.com/organizations/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:ad886863-f23a-41d3-bed1-d634776ef017 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Response [ad886863-f23a-41d3-bed1-d634776ef017] 200 OK (00.2s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Thu, 28 Jan 2021 14:44:19 GMT Content-Length:4892 DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-01-28T15:44:20.0000000+00:00 DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-01-28T15:44:20.0000000+00:00 DEBUG: ============================ HTTP REQUEST ============================
HTTP Method: GET
Absolute Uri: https://management.azure.com/tenants?api-version=2019-06-01
Headers: x-ms-client-request-id : 63ea81f2-ceaa-486f-9190-97d2323ad352 accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code: OK
Headers: Pragma : no-cache x-ms-ratelimit-remaining-tenant-reads: 11999 x-ms-request-id : 2d13ef85-f0c4-48c6-b773-4f3ccb43f55e x-ms-correlation-request-id : 2d13ef85-f0c4-48c6-b773-4f3ccb43f55e x-ms-routing-request-id : SOUTHCENTRALUS:20210128T144420Z:2d13ef85-f0c4-48c6-b773-4f3ccb43f55e Strict-Transport-Security : max-age=31536000; includeSubDomains X-Content-Type-Options : nosniff Cache-Control : no-cache Date : Thu, 28 Jan 2021 14:44:19 GMT
Body: { "value": [ { "id": "/tenants/52164ed4-03bf-480b-b436-5df551f9f911", "tenantId": "52164ed4-03bf-480b-b436-5df551f9f911", "countryCode": "US", "displayName": "CMM GROUP LLC", "domains": [ "CMMGROUPLLC.onmicrosoft.com", "ntdconsulting.com" ], "tenantCategory": "Home" }, { "id": "/tenants/08a437af-180f-4d15-a68b-410e52d95ee9", "tenantId": "08a437af-180f-4d15-a68b-410e52d95ee9", "countryCode": "US", "displayName": "Default Directory", "domains": [ "rsmfriscogmail.onmicrosoft.com" ], "tenantCategory": "Home" }, { "id": "/tenants/2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5", "tenantId": "2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5", "countryCode": "US", "displayName": "Fikes Wholesale", "domains": [ "dnseft.onmicrosoft.com" ], "tenantCategory": "Home" } ] }
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 52164ed4-03bf-480b-b436-5df551f9f911
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 52164ed4-03bf-480b-b436-5df551f9f911
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 08a437af-180f-4d15-a68b-410e52d95ee9
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 08a437af-180f-4d15-a68b-410e52d95ee9
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com tenantId: 2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5
were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com were found in the cache.
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
WARNING: Unable to acquire token for tenant '52164ed4-03bf-480b-b436-5df551f9f911'
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [
https://management.core.windows.net//.default ] ParentRequestId: Exception:
Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable.
Multiple accounts matching the specified username: ron@ntdconsulting.com were found in the cache.
WARNING: Unable to acquire token for tenant '08a437af-180f-4d15-a68b-410e52d95ee9'
WARNING: Unable to acquire token for tenant '2d78c871-0b4e-41cc-ba1f-ba878f3fd4c5'
WARNING: Unable to acquire token for tenant 'organizations'
WARNING: Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session.
DEBUG: Azure.Identity.CredentialUnavailableException: SharedTokenCacheCredential authentication unavailable. Multiple
accounts matching the specified username: ron@ntdconsulting.com were found in the cache.
at Azure.Identity.SharedTokenCacheCredential.1 promptAction, IAzureTokenCache tokenCache, String resourceId) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action1 promptAction)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account,
IAzureEnvironment environment, SecureString password, String promptBehavior, Action1 promptAction) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListTenants(String tenant) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListSubscriptions(String tenantIdOrDomain) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, Action1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>cDisplayClass111_2.
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], CredentialUnavailableException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommandDEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration - 00:00:07.5173432; Exception -
Azure.Identity.CredentialUnavailableException: SharedTokenCacheCredential authentication unavailable. Multiple accounts
matching the specified username: ron@ntdconsulting.com were found in the cache.
at Azure.Identity.SharedTokenCacheCredential.1 promptAction, IAzureTokenCache tokenCache, String resourceId) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action1 promptAction)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account,
IAzureEnvironment environment, SecureString password, String promptBehavior, Action1 promptAction) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListTenants(String tenant) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListSubscriptions(String tenantIdOrDomain) at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, Action1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>cDisplayClass111_2.2 contextAction) at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action3
setContextAction)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 8:44:22 AM - ConnectAzureRmAccountCommand end processing.
PS C:\WINDOWS\system32> Get-Module
ModuleType Version Name ExportedCommands
Script 2.2.4 Az.Accounts {Add-AzEnvironment, Clear-AzContext, Clear-AzDefault, Conn... Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Con... Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureString, ConvertTo-SecureString, Get-Acl... Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type, Clear-Variable, Compare-Object...} Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disable-WSManCredSSP, Disconnect-WSMan, En... Script 2.0.0 PSReadline {Get-PSReadLineKeyHandler, Get-PSReadLineOption, Remove-PS...
erich-wang
commented
3 years ago @ntdconsulting, it seems a bug in Azure.Identity library, I just created one bug https://github.com/Azure/azure-sdk-for-net/issues/18276 to track it. Meanwhile, could you please try if the following steps could mitigate your issue:
Connect-AzAccount -TenantId xxx
AzureRmContext.json
AzureRmContextSettings.json
TokenCache.datntdconsulting
commented
3 years ago The Clear-AzContext and Connect-AzAccount worked. However, I had tried this multiple times before. The only difference this time is that I was not logged into the portal. I was also able to switch TeneatId and execute Get-AzResourceGroup without any issue. So my observation is that being logged into the portal seems to be an issue when using powershell.
Akuma42
commented
3 years ago I probably have the same problem. I have the problem since yesterday. I have not made any deliberate changes in Azure, but have installed a Windows Update on my laptop. Previously I got a very similar error as OP. After I followed the tips from @erich-wang I get:
PS C:\Windows\system32> $DebugPreference='Continue' PS C:\Windows\system32> Connect-AzAccount DEBUG: 15:01:10 - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'. DEBUG: 15:01:10 - Autosave setting from startup session: 'CurrentUser' DEBUG: 15:01:10 - No autosave setting detected in environment variable 'AzContextAutoSave'. DEBUG: 15:01:10 - Using Autosave scope 'CurrentUser' DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: Request [8f0766fc-fdd7-43a6-9d38-119029413424] POST https://login.microsoftonline.com/organizations/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:8f0766fc-fdd7-43a6-9d38-119029413424 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Response [8f0766fc-fdd7-43a6-9d38-119029413424] 200 OK (00.5s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Content-Length:4903 Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Sun, 14 Feb 2021 14:01:14 GMT DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-02-14T15:01:13.0000000+00:00 DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2021-02-14T15:01:13.0000000+00:00 DEBUG: ============================ HTTP REQUEST ============================
HTTP Method: GET
Absolute Uri: https://management.azure.com/tenants?api-version=2019-06-01
Headers: x-ms-client-request-id : f25d3b6a-a7a3-44e2-88a7-7906e3bf9976 accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code: OK
Headers: Pragma : no-cache x-ms-ratelimit-remaining-tenant-reads: 11999 x-ms-request-id : ab56317c-87be-42ab-b8e9-21962a0204be x-ms-correlation-request-id : ab56317c-87be-42ab-b8e9-21962a0204be x-ms-routing-request-id : GERMANYWESTCENTRAL:20210214T140115Z:ab56317c-87be-42ab-b8e9-21962a0204be Strict-Transport-Security : max-age=31536000; includeSubDomains X-Content-Type-Options : nosniff Cache-Control : no-cache Date : Sun, 14 Feb 2021 14:01:14 GMT
Body: { "value": [ { "id": "/tenants/2b682de9-a50c-4171-9c3e-70fbe13a28af", "tenantId": "2b682de9-a50c-4171-9c3e-70fbe13a28af", "countryCode": "DE", "displayName": "Az-AD-MarLor-Lab", "domains": [ "MarvinLorenz92outlook.onmicrosoft.com" ], "tenantCategory": "Home" } ] }
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: DEBUG: Request [4e7a7882-63c2-475b-afaf-ccb92b8b15f1] POST https://login.microsoftonline.com/2b682de9-a50c-4171-9c3e-70fbe13a28af/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:4e7a7882-63c2-475b-afaf-ccb92b8b15f1 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Request [cb5cb15c-5ec3-45e4-bbd1-60340a966009] POST https://login.microsoftonline.com/2b682de9-a50c-4171-9c3e-70fbe13a28af/oauth2/v2.0/token x-client-SKU:REDACTED x-client-Ver:REDACTED x-client-CPU:REDACTED x-client-OS:REDACTED x-client-current-telemetry:REDACTED x-client-last-telemetry:REDACTED x-ms-PKeyAuth:REDACTED x-ms-lib-capability:REDACTED client-request-id:REDACTED return-client-request-id:REDACTED x-app-name:REDACTED x-app-ver:REDACTED x-ms-client-request-id:cb5cb15c-5ec3-45e4-bbd1-60340a966009 x-ms-return-client-request-id:true User-Agent:azsdk-net-Identity/1.4.0-beta.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.18363 ) client assembly: Azure.Identity DEBUG: Error response [4e7a7882-63c2-475b-afaf-ccb92b8b15f1] 400 Bad Request (00.6s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Content-Length:644 Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Sun, 14 Feb 2021 14:01:15 GMT DEBUG: Error response [cb5cb15c-5ec3-45e4-bbd1-60340a966009] 400 Bad Request (00.6s) Pragma:no-cache Strict-Transport-Security:REDACTED X-Content-Type-Options:REDACTED client-request-id:REDACTED x-ms-request-id:REDACTED x-ms-ests-server:REDACTED x-ms-clitelem:REDACTED Content-Length:644 Cache-Control:no-store, no-cache Content-Type:application/json; charset=utf-8 Expires:-1 P3P:REDACTED Set-Cookie:REDACTED Date:Sun, 14 Feb 2021 14:01:15 GMT DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user Marvin.Lorenz92@outlook.de. Ensure that you have authenticated with a developer tool that supports Azure single sign on. DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user Marvin.Lorenz92@outlook.de. Ensure that you have authenticated with a developer tool that supports Azure single sign on. WARNUNG: Unable to acquire token for tenant '2b682de9-a50c-4171-9c3e-70fbe13a28af' WARNUNG: Unable to set default context 'Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureContext'. Connect-AzAccount : Run Connect-AzAccount to login. In Zeile:1 Zeichen:1
+ CategoryInfo : CloseError: (:) [Connect-AzAccount], PSInvalidOperationException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommandDEBUG: AzureQoSEvent: CommandName - Connect-AzAccount; IsSuccess - False; Duration - 00:00:05.1295131; Exception - System.Management.Automation.PSInvalidOperationException: Run
Connect-AzAccount to login.
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.get_DefaultContext()
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListTenants(String tenant)
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListSubscriptions(String tenantIdOrDomain)
bei Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String
subscriptionName, SecureString password, Boolean skipValidation, Action1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation) bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass111_2.<ExecuteCmdlet>b__4() bei System.Threading.Tasks.Task1.InnerInvoke()
bei System.Threading.Tasks.Task.Execute()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass111_0.2 contextAction) bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action3 setContextAction)
bei Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
bei Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 15:01:16 - ConnectAzureRmAccountCommand end processing.
PS C:\Windows\system32> Get-Module
ModuleType Version Name ExportedCommands
Script 2.2.5 Az.Accounts {Add-AzEnvironment, Clear-AzContext, Clear-AzDefault, Connect-AzAccount...} Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Content...} Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureString, ConvertTo-SecureString, Get-Acl, Get-AuthenticodeSignature...} Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type, Clear-Variable, Compare-Object...} Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disable-WSManCredSSP, Disconnect-WSMan, Enable-WSManCredSSP...} Script 2.0.0 PSReadline {Get-PSReadLineKeyHandler, Get-PSReadLineOption, Remove-PSReadLineKeyHandler, Set-PSReadLineKeyHandler...}
Edit: I am not logged into the portal
yobyot
commented
3 years ago I'm using Az.Accounts 2.2.6 and having all kinds of issues if Enable-AzContextAutosave is enabled. If I disable that and run Clear-AzContext I am able to Connect-AzAccount. Even after deleting all the files in ~/.Azure, I receive the message:
Connect-AzAccount: SharedTokenCacheCredential authentication unavailable. Multiple accounts matching the specified username: [removed] were found in the cache.
And yes, I've deleted msal.cache repeatedly. It's all about Enable-AzContextAutosave. If enabled, I can't connect. If disabled, no problem.
I am so tired of basic stuff like authentication breaking in Az pwsh. Just searching for potential issues like this one takes time I don't have away from real work.
Can anyone tell me when the fix linked to this issue will be available in Az.Accounts?
darren-johnson
commented
3 years ago I've just spend the majority of my weekend trying to figure this one out before finding this issue as I was getting:
Connect-AzAccount WARNING: Unable to acquire token for tenant 'TENANT-ID' WARNING: Unable to acquire token for tenant 'organizations' WARNING: Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session. Connect-AzAccount: SharedTokenCacheCredential authentication unavailable. Multiple accounts matching the specified username: username@domain.co.uk were found in the cache.
I can confirm I had the same experience as @yobyot and running Disable-AzContextAutosave -Scope CurrentUser fixed my issue.
This has only recently started happening so a fix would be great!
yobyot
commented
3 years ago Crickets here but on Twitter, at least (https://twitter.com/yobyot/status/1372649532123713547?s=21) the bug is acknowledged and a fix is promised.
erich-wang
commented
3 years ago The official release of Azure.Identity including this fix will be released around May 7, then Azure PowerShell will release new version around May 25.
erich-wang
commented
3 years ago The PR 14977 contains the upgraded Azure.Identity, new version will be released on May 25.
nambonumestinvisibili
commented
2 years ago The same thing is happening with Az.Accounts 2.9.0. Identical experience as folks above me.
The error: Unable to acquire token for tenant 'organizations' with error 'InteractiveBrowserCredential authentication failed: Method not found: 'Void Microsoft.Identity.Client.Extensions.Msal.MsalCacheHelper.RegisterCache(Microsoft.Identity.Client.ITokenCache)'.' Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session.
The fix with Disable-AzContextAutosave -Scope CurrentUser still works though.
Connect-AzAccount : The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account. At line:1 char:1
I have reviewed other tickets and have use Clear-AzContext and deleted context.json files in .azure directory but continue to have the same issue. When I use Get-AzContext -ListAvailable and then Select'AzContext I get the following:
Select-AzContext : The default context can no longer be found; please run 'Get-AzContext -ListAvailable' to see all available contexts, 'Select-AzContext' to select a new default context, or 'Connect-AzAccount' to login with a new account. At line:1 char:1
Would appreciate assistance in what steps to take to get this cleaned up.