Closed afengli closed 7 years ago
Following are commands that can verify the problem after non-interactive flow logon.
Get-AzureService Get-AzureVM Set-AzureSubscription -SubscriptionId xxx - CurrentStorageAccountName yyy
@markcowl , can we mark this Sprint Candidate?
@afengli It is actually in the current milestone
Fix released in release 4.2.1: https://www.powershellgallery.com/packages/AzureRM/4.2.1. Closing
Please use below line of codes in case still using 4.1.0, You can work around this be doing the following after log in $cdata =[Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.TokenCache.Serialize()
Cmdlet(s)
Add-AzureAccount
PowerShell Version
Instructions: to get PowerShell version, type
$PSVersionTable
and look for the value associated withPSVersion
5.1.14393.1198
Module Version
4.2.0
OS Version
Instructions: to get OS version, type
$PSversionTable
and look for value associated withBuildVersion
5.1.14393.1198Description
Add-AzureAccount does not setup token cache properly in non-interactive flow
An scenario not covered by https://github.com/Azure/azure-powershell/issues/4080
Debug Output
Instructions: to get Debug Output, set
$DebugPreference="Continue"
and then execute the cmdlet or script causing the issuePS C:\test> .\asm.ps1 Executing Remove-AzureAccount and Clear-AzureProfile (Classic)... DEBUG: 12:25:11 AM - GetAzureAccount begin processing with ParameterSet 'AllParameterSets'. DEBUG: 12:25:11 AM - using account id 'admin@fenglihotmailsubad.onmicrosoft.com'... DEBUG: 12:25:11 AM - RemoveAzureAccountCommand begin processing with ParameterSet 'AllParameterSets'. DEBUG: 12:25:11 AM - using account id 'admin@fenglihotmailsubad.onmicrosoft.com'... WARNING: The default subscription is being removed. Use Select-AzureSubscription -Default to select a new default
subscription.
DEBUG: 12:25:11 AM - RemoveAzureAccountCommand end processing.
DEBUG: 12:25:11 AM - RemoveAzureAccountCommand end processing.
DEBUG: 12:25:11 AM - GetAzureAccount end processing.
DEBUG: 12:25:11 AM - GetAzureAccount end processing.
DEBUG: 12:25:11 AM - ClearAzureProfileCommand begin processing with ParameterSet '__AllParameterSets'.
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/12/2017 00:25:11: - TokenCache: Deserialized 1 items to token cache.
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/12/2017 00:25:11: - TokenCache: Clearing Cache :- 1 items to be removed
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/12/2017 00:25:11: - TokenCache: Successfully Cleared Cache
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/12/2017 00:25:11: - TokenCache: Serializing token cache with 0 items.
DEBUG: 12:25:11 AM - ClearAzureProfileCommand end processing.
DEBUG: 12:25:11 AM - ClearAzureProfileCommand end processing.
DEBUG: 12:25:11 AM - AddAzureAccount begin processing with ParameterSet 'User'.
DEBUG: [Common.Authentication]: Authenticating using configuration values: Domain: 'Common', Endpoint: 'https://login.microsoftonline.com/',
ClientId: '1950a258-227b-4e31-a9cf-717495945fc2', ClientRedirect: 'urn:ietf:wg:oauth:2.0:oob', ResourceClientUri:
'https://management.core.windows.net/', ValidateAuthrity: 'True'
DEBUG: [Common.Authentication]: Acquiring token using context with Authority 'https://login.microsoftonline.com/Common/', CorrelationId:
'00000000-0000-0000-0000-000000000000', ValidateAuthority: 'True'
DEBUG: [Common.Authentication]: Acquiring token using AdalConfiguration with Domain: 'Common', AdEndpoint:
'https://login.microsoftonline.com/', ClientId: '1950a258-227b-4e31-a9cf-717495945fc2', ClientRedirectUri: urn:ietf:wg:oauth:2.0:oob
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/12/2017 00:25:11: 39256786-a90e-462d-91dc-7b7c12c039bf - AcquireTokenHandlerBase: === Token Acquisition started:
Authority: https://login.microsoftonline.com/Common/
Resource: https://management.core.windows.net/
ClientId: 1950a258-227b-4e31-a9cf-717495945fc2
CacheType: Microsoft.Azure.Commands.Common.Authentication.ProtectedFileTokenCache (0 items)
Authentication Target: User
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : DEBUG: 07/12/2017 00:25:11: 39256786-a90e-462d-91dc-7b7c12c039bf - TokenCache: Looking up cache for a token... DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 07/12/2017 00:25:11: 39256786-a90e-462d-91dc-7b7c12c039bf - TokenCache: No matching token was found in the cache DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 07/12/2017 00:25:11: 39256786-a90e-462d-91dc-7b7c12c039bf -d0: Sending user realm discovery request to
'https://login.microsoftonline.com/common/UserRealm/admin@fenglihotmailsubad.onmicrosoft.com?api-version=1.0'
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/12/2017 00:25:11: 39256786-a90e-462d-91dc-7b7c12c039bf - d 4: User with hash
'aaf8AUYAYjnQ/ncvvmA82umJyACdMhWn3QAziJDXBgI=' detected as 'Managed'
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 07/12/2017 00:25:12: 39256786-a90e-462d-91dc-7b7c12c039bf - TokenCache: Storing token in the cache...
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 07/12/2017 00:25:12: 39256786-a90e-462d-91dc-7b7c12c039bf - TokenCache: An item was stored in the cache
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/12/2017 00:25:12: 39256786-a90e-462d-91dc-7b7c12c039bf - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An
access token was retuned:
Access Token Hash: avu7ccvhoS2DeYJST4CU3nlxEtnZ6KQpEEsd1T7LsQ0=
Refresh Token Hash: CT1E2WqAjI+F/NEHwFeuCR7QfHPURJ4fcriIkT1rjf4=
Expiration Time: 07/12/2017 00:35:11 +00:00
User Hash: GgNaeXVT4zdXb7PZcZpIx9xxn+NDiENLhlXPhPgff9o=
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 07/12/2017 00:25:12: - TokenCache: Serializing token cache with 1 items. DEBUG: ============================ HTTP REQUEST ============================
HTTP Method: GET
Absolute Uri: https://management.core.windows.net/subscriptions
Headers: x-ms-version : 2013-08-01
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code: OK
Headers: x-ms-servedbyregion : ussouth3 x-ms-request-id : cfad064ac5b9a0cd8bf8505507dbe9e7 Cache-Control : no-cache Date : Wed, 12 Jul 2017 00:25:12 GMT Server : 1.0.6198.509,(rd_rdfe_stable.170705-1940),Microsoft-HTTPAPI/2.0
Body: