search

Azure / azure-powershell

Microsoft Azure PowerShell
Other
4.22k stars 3.83k forks source link

Add-AzureAccount falsely succeeds when ADFS credentials are passed in via -Credential #4691

Closed vicp-iq closed 6 years ago

vicp-iq commented 7 years ago

Cmdlet(s)

Add-AzureAccount

PowerShell Version

5.1.14409.1012

Module Version

4.0.2

OS Version

10.0.14409.1012

Description

After upgrading from V2.1.0 -> 4.0.2, running Add-AzureAccount -Credential $cred fails to initialize my session, but claims to have succeeded

Debug Output

DEBUG: 11:59:03 AM - AddAzureAccount begin processing with ParameterSet 'User'.
DEBUG: 11:59:03 AM - using account id 'vicp@iqmetrix.com'...
DEBUG: [Common.Authentication]: Authenticating using configuration values: Domain: 'Common', Endpoint: 'https://login.microsoftonline.com/', ClientId: '1950a258-2
27b-4e31-a9cf-717495945fc2', ClientRedirect: 'urn:ietf:wg:oauth:2.0:oob', ResourceClientUri: 'https://management.core.windows.net/', ValidateAuthrity: 'True'
DEBUG: [Common.Authentication]: Acquiring token using context with Authority 'https://login.microsoftonline.com/Common/', CorrelationId: '00000000-0000-0000-0000-
000000000000', ValidateAuthority: 'True'
DEBUG: [Common.Authentication]: Acquiring token using AdalConfiguration with Domain: 'Common', AdEndpoint: 'https://login.microsoftonline.com/', ClientId: '1950a2
58-227b-4e31-a9cf-717495945fc2', ClientRedirectUri: urn:ietf:wg:oauth:2.0:oob
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:03: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - AcquireTokenHandlerBase: === Token Acquisition started:
    Authority: https://login.microsoftonline.com/Common/
    Resource: https://management.core.windows.net/
    ClientId: 1950a258-227b-4e31-a9cf-717495945fc2
    CacheType: Microsoft.Azure.Commands.Common.Authentication.AuthenticationStoreTokenCache (1 items)
    Authentication Target: User

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:03: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - TokenCache: Looking up cache for a token...

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:03: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - TokenCache: No matching token was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:03: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - <CreateByDiscoveryAsync>d__0: Sending user realm discovery request to 'https://login.microsofto
nline.com/common/UserRealm/vicp@iqmetrix.com?api-version=1.0'

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:03: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - <PreTokenRequest>d__4: User with hash 'LqPKPsWV2FGw/JjHJL2+JWMAlpih+cO9sYMSPtjWG1g=' detected a
s 'Federated'

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:03: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - <PreTokenRequest>d__4: WS-Trust endpoint 'https://adfs.iqmetrix.com/adfs/services/trust/13/user
namemixed' fetched from MEX at 'https://adfs.iqmetrix.com/adfs/services/trust/mex'

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:04: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - <PreTokenRequest>d__4: Token of type 'urn:oasis:names:tc:SAML:1.0:assertion' acquired from WS-T
rust endpoint

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:04: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - TokenCache: Storing token in the cache...

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:04: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - TokenCache: An item was stored in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:04: 61cdbf09-1f33-4b52-a6d8-af55c86396ec - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retun
ed:
    Access Token Hash: unr5lOzbxvKXpESuH48Cw3HpIARg2F+ge4QOriseGSo=
    Refresh Token Hash: RahbjcXWSNhRz/cnr0XlSrEc9EPedPF1KPH/Gri/bpQ=
    Expiration Time: 09/29/2017 17:59:03 +00:00
    User Hash: FGlfTafuzEDkQdbrE6BzbDB8/+x00W0lyKQgRClPnZ8=

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:04:  - TokenCache: Serializing token cache with 1 items.

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.core.windows.net/subscriptions

Headers:
x-ms-version                  : 2013-08-01

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
x-ms-servedbyregion           : ussouth3
x-ms-request-id               : e9dc3c26e0260eacb2bf41a4c1f7892d
Cache-Control                 : no-cache
Date                          : Fri, 29 Sep 2017 16:59:05 GMT
Server                        : 1.0.6198.539,(rd_rdfe_stable.170920-1642),Microsoft-HTTPAPI/2.0

Body:
<Subscriptions xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
  <Subscription>
    <SubscriptionID>20b52a03-bf2b-49e5-8e59-2cded9e72c3b</SubscriptionID>
    <SubscriptionName>Performance</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>40</MaxHostedServices>
    <CurrentCoreCount>12</CurrentCoreCount>
    <CurrentHostedServices>20</CurrentHostedServices>
    <CurrentStorageAccounts>11</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>2</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2014-01-03T15:13:36Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>527318ff-bb01-4d83-a64b-5f7426b292aa</SubscriptionID>
    <SubscriptionName>eCommerce</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>0</CurrentHostedServices>
    <CurrentStorageAccounts>0</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2015-06-03T14:34:03Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>5b5548e6-bc85-4308-99b2-4eb61a985c03</SubscriptionID>
    <SubscriptionName>Sandbox</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>40</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>3</CurrentHostedServices>
    <CurrentStorageAccounts>15</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>1</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <CurrentLocalNetworkSites>2</CurrentLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-28T22:12:36Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>88f496cf-72ba-43d8-ace3-4dbad3e16fa1</SubscriptionID>
    <SubscriptionName>General Development</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>8</CurrentHostedServices>
    <CurrentStorageAccounts>2</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>1</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <CurrentDnsServers>1</CurrentDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-08-23T15:28:06Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>a895930f-0bee-4fcf-9048-e91e9543e5d6</SubscriptionID>
    <SubscriptionName>Development</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>43</CurrentCoreCount>
    <CurrentHostedServices>18</CurrentHostedServices>
    <CurrentStorageAccounts>35</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-28T21:53:41Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>c4273606-ec39-4d4d-a9e2-be2ac0cbd78e</SubscriptionID>
    <SubscriptionName>General Production</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>3</CurrentHostedServices>
    <CurrentStorageAccounts>4</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>2</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <CurrentLocalNetworkSites>4</CurrentLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <CurrentDnsServers>7</CurrentDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-09-06T16:22:41Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>f6b060ee-989a-4176-8bd6-0a47758b7e60</SubscriptionID>
    <SubscriptionName>Integration</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>30</MaxHostedServices>
    <CurrentCoreCount>59</CurrentCoreCount>
    <CurrentHostedServices>23</CurrentHostedServices>
    <CurrentStorageAccounts>45</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-21T19:32:38Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>f8b0cad5-79c1-41fc-a52e-76e08315956a</SubscriptionID>
    <SubscriptionName>Production</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>30</MaxHostedServices>
    <CurrentCoreCount>165</CurrentCoreCount>
    <CurrentHostedServices>22</CurrentHostedServices>
    <CurrentStorageAccounts>23</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>6</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <CurrentLocalNetworkSites>14</CurrentLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <CurrentDnsServers>6</CurrentDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-28T22:15:48Z</CreatedTime>
  </Subscription>
</Subscriptions>

DEBUG: [Common.Authentication]: Authenticating using configuration values: Domain: 'b4e19cf5-ed91-44d3-81ce-70c848fa6841', Endpoint: 'https://login.microsoftonlin
e.com/', ClientId: '1950a258-227b-4e31-a9cf-717495945fc2', ClientRedirect: 'urn:ietf:wg:oauth:2.0:oob', ResourceClientUri: 'https://management.core.windows.net/',
 ValidateAuthrity: 'True'
DEBUG: [Common.Authentication]: Acquiring token using context with Authority 'https://login.microsoftonline.com/b4e19cf5-ed91-44d3-81ce-70c848fa6841/', Correlatio
nId: '00000000-0000-0000-0000-000000000000', ValidateAuthority: 'True'
DEBUG: [Common.Authentication]: Acquiring token using AdalConfiguration with Domain: 'b4e19cf5-ed91-44d3-81ce-70c848fa6841', AdEndpoint: 'https://login.microsofto
nline.com/', ClientId: '1950a258-227b-4e31-a9cf-717495945fc2', ClientRedirectUri: urn:ietf:wg:oauth:2.0:oob
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:05: 46edd896-969e-4436-9675-85aa0926b5c2 - AcquireTokenHandlerBase: === Token Acquisition started:
    Authority: https://login.microsoftonline.com/b4e19cf5-ed91-44d3-81ce-70c848fa6841/
    Resource: https://management.core.windows.net/
    ClientId: 1950a258-227b-4e31-a9cf-717495945fc2
    CacheType: Microsoft.Azure.Commands.Common.Authentication.AuthenticationStoreTokenCache (1 items)
    Authentication Target: User

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:05: 46edd896-969e-4436-9675-85aa0926b5c2 - TokenCache: Looking up cache for a token...

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:05: 46edd896-969e-4436-9675-85aa0926b5c2 - TokenCache: An item matching the requested resource was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:05: 46edd896-969e-4436-9675-85aa0926b5c2 - TokenCache: 59.9677079016667 minutes left until token in cache expires

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:05: 46edd896-969e-4436-9675-85aa0926b5c2 - TokenCache: A matching item (access token or refresh token or both) was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:05: 46edd896-969e-4436-9675-85aa0926b5c2 - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retun
ed:
    Access Token Hash: unr5lOzbxvKXpESuH48Cw3HpIARg2F+ge4QOriseGSo=
    Refresh Token Hash: RahbjcXWSNhRz/cnr0XlSrEc9EPedPF1KPH/Gri/bpQ=
    Expiration Time: 09/29/2017 17:59:03 +00:00
    User Hash: FGlfTafuzEDkQdbrE6BzbDB8/+x00W0lyKQgRClPnZ8=

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:05:  - TokenCache: Serializing token cache with 1 items.

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.core.windows.net/subscriptions

Headers:
x-ms-version                  : 2013-08-01

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
x-ms-servedbyregion           : ussouth3
x-ms-request-id               : 54ea747a089f0891abfe3f641fdf881f
Cache-Control                 : no-cache
Date                          : Fri, 29 Sep 2017 16:59:06 GMT
Server                        : 1.0.6198.539,(rd_rdfe_stable.170920-1642),Microsoft-HTTPAPI/2.0

Body:
<Subscriptions xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
  <Subscription>
    <SubscriptionID>20b52a03-bf2b-49e5-8e59-2cded9e72c3b</SubscriptionID>
    <SubscriptionName>Performance</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>40</MaxHostedServices>
    <CurrentCoreCount>12</CurrentCoreCount>
    <CurrentHostedServices>20</CurrentHostedServices>
    <CurrentStorageAccounts>11</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>2</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2014-01-03T15:13:36Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>527318ff-bb01-4d83-a64b-5f7426b292aa</SubscriptionID>
    <SubscriptionName>eCommerce</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>0</CurrentHostedServices>
    <CurrentStorageAccounts>0</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2015-06-03T14:34:03Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>5b5548e6-bc85-4308-99b2-4eb61a985c03</SubscriptionID>
    <SubscriptionName>Sandbox</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>40</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>3</CurrentHostedServices>
    <CurrentStorageAccounts>15</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>1</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <CurrentLocalNetworkSites>2</CurrentLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-28T22:12:36Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>88f496cf-72ba-43d8-ace3-4dbad3e16fa1</SubscriptionID>
    <SubscriptionName>General Development</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>8</CurrentHostedServices>
    <CurrentStorageAccounts>2</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>1</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <CurrentDnsServers>1</CurrentDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-08-23T15:28:06Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>a895930f-0bee-4fcf-9048-e91e9543e5d6</SubscriptionID>
    <SubscriptionName>Development</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>43</CurrentCoreCount>
    <CurrentHostedServices>18</CurrentHostedServices>
    <CurrentStorageAccounts>35</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-28T21:53:41Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>c4273606-ec39-4d4d-a9e2-be2ac0cbd78e</SubscriptionID>
    <SubscriptionName>General Production</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>20</MaxHostedServices>
    <CurrentCoreCount>0</CurrentCoreCount>
    <CurrentHostedServices>3</CurrentHostedServices>
    <CurrentStorageAccounts>4</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>2</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <CurrentLocalNetworkSites>4</CurrentLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <CurrentDnsServers>7</CurrentDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <MaxExtraVIPCount>-1</MaxExtraVIPCount>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-09-06T16:22:41Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>f6b060ee-989a-4176-8bd6-0a47758b7e60</SubscriptionID>
    <SubscriptionName>Integration</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>30</MaxHostedServices>
    <CurrentCoreCount>59</CurrentCoreCount>
    <CurrentHostedServices>23</CurrentHostedServices>
    <CurrentStorageAccounts>45</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-21T19:32:38Z</CreatedTime>
  </Subscription>
  <Subscription>
    <SubscriptionID>f8b0cad5-79c1-41fc-a52e-76e08315956a</SubscriptionID>
    <SubscriptionName>Production</SubscriptionName>
    <SubscriptionStatus>Active</SubscriptionStatus>
    <AccountAdminLiveEmailId>azure@iqmetrix.com</AccountAdminLiveEmailId>
    <ServiceAdminLiveEmailId>azure@iqmetrix.com</ServiceAdminLiveEmailId>
    <MaxCoreCount>350</MaxCoreCount>
    <MaxStorageAccounts>100</MaxStorageAccounts>
    <MaxHostedServices>30</MaxHostedServices>
    <CurrentCoreCount>165</CurrentCoreCount>
    <CurrentHostedServices>22</CurrentHostedServices>
    <CurrentStorageAccounts>23</CurrentStorageAccounts>
    <MaxVirtualNetworkSites>50</MaxVirtualNetworkSites>
    <CurrentVirtualNetworkSites>6</CurrentVirtualNetworkSites>
    <MaxLocalNetworkSites>20</MaxLocalNetworkSites>
    <CurrentLocalNetworkSites>14</CurrentLocalNetworkSites>
    <MaxDnsServers>20</MaxDnsServers>
    <CurrentDnsServers>6</CurrentDnsServers>
    <OfferCategories>Azure_Platform_All;Azure_Paid;Azure_Consumption;Azure_EA;Azure_MS-AZR-0017P;Individual</OfferCategories>
    <AADTenantID>b4e19cf5-ed91-44d3-81ce-70c848fa6841</AADTenantID>
    <CreatedTime>2013-01-28T22:15:48Z</CreatedTime>
  </Subscription>
</Subscriptions>

DEBUG: 11:59:06 AM - AddAzureAccount end processing.
DEBUG: 11:59:06 AM - AddAzureAccount end processing.
DEBUG: 11:59:06 AM - GetAzureLocationCommand begin processing with ParameterSet '__AllParameterSets'.
DEBUG: 11:59:06 AM - using account id 'vicp@iqmetrix.com'...
DEBUG: [Common.Authentication]: Authenticating using Account: 'vicp@iqmetrix.com', environment: 'AzureCloud', tenant: 'b4e19cf5-ed91-44d3-81ce-70c848fa6841'
DEBUG: [Common.Authentication]: Authenticating using configuration values: Domain: 'b4e19cf5-ed91-44d3-81ce-70c848fa6841', Endpoint: 'https://login.microsoftonlin
e.com/', ClientId: '1950a258-227b-4e31-a9cf-717495945fc2', ClientRedirect: 'urn:ietf:wg:oauth:2.0:oob', ResourceClientUri: 'https://management.core.windows.net/',
 ValidateAuthrity: 'True'
DEBUG: [Common.Authentication]: Acquiring token using context with Authority 'https://login.microsoftonline.com/b4e19cf5-ed91-44d3-81ce-70c848fa6841/', Correlatio
nId: '00000000-0000-0000-0000-000000000000', ValidateAuthority: 'True'
DEBUG: [Common.Authentication]: Acquiring token using AdalConfiguration with Domain: 'b4e19cf5-ed91-44d3-81ce-70c848fa6841', AdEndpoint: 'https://login.microsofto
nline.com/', ClientId: '1950a258-227b-4e31-a9cf-717495945fc2', ClientRedirectUri: urn:ietf:wg:oauth:2.0:oob
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:06: 63153ab5-4b21-4e8e-bd9c-9d353935593e - AcquireTokenHandlerBase: === Token Acquisition started:
    Authority: https://login.microsoftonline.com/b4e19cf5-ed91-44d3-81ce-70c848fa6841/
    Resource: https://management.core.windows.net/
    ClientId: 1950a258-227b-4e31-a9cf-717495945fc2
    CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (0 items)
    Authentication Target: User

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:06: 63153ab5-4b21-4e8e-bd9c-9d353935593e - TokenCache: Looking up cache for a token...

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 09/29/2017 16:59:06: 63153ab5-4b21-4e8e-bd9c-9d353935593e - TokenCache: No matching token was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:06:  - WindowsFormsWebAuthenticationDialogBase: Navigating to 'https://login.microsoftonline.com/b4e19cf5-ed91-44d3-81ce-70c848fa6841/oaut
h2/authorize?resource=https://management.core.windows.net/&client_id=1950a258-227b-4e31-a9cf-717495945fc2&response_type=code&haschrome=1&redirect_uri=urn:ietf:wg:
oauth:2.0:oob&login_hint=vicp@iqmetrix.com&client-request-id=63153ab5-4b21-4e8e-bd9c-9d353935593e&prompt=attempt_none&x-client-SKU=.NET&x-client-Ver=2.28.3.860&x-
client-CPU=x64&x-client-OS=Microsoft Windows NT 6.3.9600.0&site_id=501358&display=popup'.

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:06:  - WindowsFormsWebAuthenticationDialogBase: Navigating to 'https://adfs.iqmetrix.com/adfs/ls/?login_hint=vicp@iqmetrix.com&client-requ
est-id=63153ab5-4b21-4e8e-bd9c-9d353935593e&username=vicp@iqmetrix.com&wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=estsredirect=2&estsrequest=rQIIAe
PiMtIzstAz1rMwMxBiNNRiNtQztFIxtDQ1SDQytdA1MjJP0jVJNTbUTbRMTtM1NzQ3sTS1NDFNSzbyYjM1MDQ2tSgS4hLYaiWarOjd57d3zlxTS9NIu0mMrAX5BaUFqxglS4vyrDJTS9KsytOt8hNLSzKsjPQMrPLz
k3YwMl5gZHzByDiJSbAsM7nAIbMwN7WkKLNCLzk_9xYTv78jULERiMgvyqxKfcXEk1hSkppbUBKfl5-XuopZJaOkpKDYSl8_NzEvMT01NzWvBKizKFWvPDMvJb-8WC8vtUR_E7NKkkmqIdDtprqpKZaGuiYmKca6Fo
bJqbrmBskWJhZpiWYWJoY3mBkvsDC-YpHgYBKQkWBWuMOmwWLAbMXJwSbALNHgrcDwg4VxESvQo5OPVJ-yjg12nf5eubvRj43hFKu-a76rpb9lTlZRkX5hWoRRabm3v6e_WaVPlmmQiVuJcaWzT4hFVU5wcbaLp62Z
leEENsZTbCx6fq4huzhxBw4A0'.

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : 
DEBUG: 09/29/2017 16:59:06:  - WindowsFormsWebAuthenticationDialogBase: Navigated to 'https://adfs.iqmetrix.com/adfs/ls/?login_hint=vicp@iqmetrix.com&client-reque
st-id=63153ab5-4b21-4e8e-bd9c-9d353935593e&username=vicp@iqmetrix.com&wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=estsredirect=2&estsrequest=rQIIAeP
iMtIzstAz1rMwMxBiNNRiNtQztFIxtDQ1SDQytdA1MjJP0jVJNTbUTbRMTtM1NzQ3sTS1NDFNSzbyYjM1MDQ2tSgS4hLYaiWarOjd57d3zlxTS9NIu0mMrAX5BaUFqxglS4vyrDJTS9KsytOt8hNLSzKsjPQMrPLzk
3YwMl5gZHzByDiJSbAsM7nAIbMwN7WkKLNCLzk_9xYTv78jULERiMgvyqxKfcXEk1hSkppbUBKfl5-XuopZJaOkpKDYSl8_NzEvMT01NzWvBKizKFWvPDMvJb-8WC8vtUR_E7NKkkmqIdDtprqpKZaGuiYmKca6Fob
JqbrmBskWJhZpiWYWJoY3mBkvsDC-YpHgYBKQkWBWuMOmwWLAbMXJwSbALNHgrcDwg4VxESvQo5OPVJ-yjg12nf5eubvRj43hFKu-a76rpb9lTlZRkX5hWoRRabm3v6e_WaVPlmmQiVuJcaWzT4hFVU5wcbaLp62Zl
eEENsZTbCx6fq4huzhxBw4A0'.

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Error: 4 : 
DEBUG: 09/29/2017 16:59:06: 63153ab5-4b21-4e8e-bd9c-9d353935593e - <RunAsync>d__0: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException: user_interaction
_required: One of two conditions was encountered: 1. The PromptBehavior.Never flag was passed, but the constraint could not be honored, because user interaction w
as required. 2. An error occurred during a silent web authentication that prevented the http authentication flow from completing in a short enough time frame
   at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.SilentWebUI.OnAuthenticate()
   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenInteractiveHandler.<AcquireAuthorization>b__0()
   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenInteractiveHandler.AcquireAuthorization()
   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenInteractiveHandler.PreTokenRequest()
   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.<RunAsync>d__0.MoveNext()
    ErrorCode: user_interaction_required

DEBUG: [Common.Authentication]: Received exception User Interaction is required to authenticate this user. Please authenticate using the log in dialog. In PowerSh
ell, execute Login-AzureRMAccount for Azure Resource Manager cmdlets or Add-AzureAccount for service management cmdlets., while authenticating.
Id                Type Subscriptions                                                                                                                             
--                ---- -------------                                                                                                                             
vicp@iqmetrix.com User 20b52a03-bf2b-49e5-8e59-2cded9e72c3b...                                                                                                   
Get-AzureLocation : Your Azure credentials have not been set up or have expired, please run Add-AzureAccount to set up your Azure credentials.
At C:\Users\vic.peters\Desktop\Scratch.ps1:5 char:1
+ Get-AzureLocation
+ ~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Get-AzureLocation], ArgumentException
    + FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.HostedServices.GetAzureLocationCommand

DEBUG: 11:59:07 AM - GetAzureLocationCommand end processing.
DEBUG: 11:59:07 AM - GetAzureLocationCommand end processing.

Script/Steps for Reproduction

$cred = get-credential #Manually enter ADFS credentials
Add-AzureAccount -Credential $cred
Get-AzureService

I see that the debug output suggests that I use the log-in dialog, but that is not an option because the context that I need to run this in is a DSC process and in that scenario I'm manually building the PSCredential object by passing around a SecureString(which was encrypted during storage and transfer).

vicp-iq commented 6 years ago

I have good news and bad news! The good news is that this turned out to be the same as https://github.com/Azure/azure-powershell/issues/4299 and was fixed by upgrading the AzureRM version.

The bad news is that I only just found out, after investing... way too many hours dealing with so many variants of this problem.