Azure / azure-powershell

Microsoft Azure PowerShell

AzureRM Get-AzureRmADServicePrincipal doesn't return error if firewall is blocking graph.windows.net in AzureRM 5.01 and beyond #5577

Open paylocity-sflanders opened 6 years ago

paylocity-sflanders commented 6 years ago

Description

I noticed that on some of our servers Get-AzureRmADServicePrincipal would not always return service principal info even though the user was able to log in using Add-AzureRmAccount. After doing some investigating and building a quick prototype, it appears we were getting "The underlying connection was closed: An unexpected error occurred on a send.", but the PowerShell module doesn't report that as an error; it just doesn't return a response.

Script/Steps for Reproduction

Simply install AzureRM version 5.0.1 or beyond, run Add-AzureRmAccount for a service principal, then run Get-AzureRmADServicePrincipal for the service principal. If the firewall is blocking "graph.windows.net" you won't get an error even if ErrorAction Stop is added; it just doesn't return data, which is not proper behavior.

Module Version

I tested with AzureRM 5.0.1 and 5.2.0

PS C:\Users\SFlanders\scripts> Get-Module -ListAvailable azure*

    Directory: C:\Users\SFlanders\Documents\WindowsPowerShell\Modules

ModuleType Version    Name                                ExportedCommands                                                                                      
---------- -------    ----                                ----------------                                                                                      
Script     0.5.0      Azure.AnalysisServices              {Add-AzureAnalysisServicesAccount, Restart-AzureAnalysisServicesInstance, Export-AzureAnalysisServi...
Script     4.1.0      Azure.Storage                       {Get-AzureStorageTable, New-AzureStorageTableSASToken, New-AzureStorageTableStoredAccessPolicy, New...
Script     4.0.0      Azure.Storage                       {Get-AzureStorageTable, New-AzureStorageTableSASToken, New-AzureStorageTableStoredAccessPolicy, New...
Script     5.2.0      AzureRM                                                                                                                                   
Script     5.0.1      AzureRM                             {Remove-AzureRmTrafficManagerEndpoint, Remove-AzureRmRecoveryServicesVault, Set-AzureRmVmssRollingU...
Script     0.6.2      AzureRM.AnalysisServices            {Resume-AzureRmAnalysisServicesServer, Suspend-AzureRmAnalysisServicesServer, Get-AzureRmAnalysisSe...
Script     0.5.0      AzureRM.AnalysisServices            {Resume-AzureRmAnalysisServicesServer, Suspend-AzureRmAnalysisServicesServer, Get-AzureRmAnalysisSe...
Script     5.1.0      AzureRM.ApiManagement               {Add-AzureRmApiManagementRegion, Get-AzureRmApiManagementSsoToken, New-AzureRmApiManagementHostname...
Script     5.0.1      AzureRM.ApiManagement               {Add-AzureRmApiManagementRegion, Get-AzureRmApiManagementSsoToken, New-AzureRmApiManagementHostname...
Script     0.1.1      AzureRM.ApplicationInsights         {Get-AzureRmApplicationInsights, New-AzureRmApplicationInsights, Remove-AzureRmApplicationInsights,...
Script     0.1.0      AzureRM.ApplicationInsights         {Get-AzureRmApplicationInsights, New-AzureRmApplicationInsights, Remove-AzureRmApplicationInsights,...
Script     4.2.0      AzureRM.Automation                  {Get-AzureRMAutomationHybridWorkerGroup, Get-AzureRmAutomationJobOutputRecord, Import-AzureRmAutoma...
Script     4.0.0      AzureRM.Automation                  {Get-AzureRMAutomationHybridWorkerGroup, Get-AzureRmAutomationJobOutputRecord, Import-AzureRmAutoma...
Script     4.0.2      AzureRM.Backup                      {Backup-AzureRmBackupItem, Enable-AzureRmBackupContainerReregistration, Get-AzureRmBackupContainer,...
Script     4.0.1      AzureRM.Backup                      {Backup-AzureRmBackupItem, Enable-AzureRmBackupContainerReregistration, Get-AzureRmBackupContainer,...
Script     4.0.4      AzureRM.Batch                       {Remove-AzureRmBatchAccount, Get-AzureRmBatchAccount, Get-AzureRmBatchAccountKeys, New-AzureRmBatch...
Script     4.0.1      AzureRM.Batch                       {Remove-AzureRmBatchAccount, Get-AzureRmBatchAccount, Get-AzureRmBatchAccountKeys, New-AzureRmBatch...
Script     0.14.0     AzureRM.Billing                     {Get-AzureRmBillingInvoice, Get-AzureRmBillingPeriod}                                                 
Script     4.1.0      AzureRM.Cdn                         {Get-AzureRmCdnProfile, Get-AzureRmCdnProfileSsoUrl, New-AzureRmCdnProfile, Remove-AzureRmCdnProfil...
Script     4.0.0      AzureRM.Cdn                         {Get-AzureRmCdnProfile, Get-AzureRmCdnProfileSsoUrl, New-AzureRmCdnProfile, Remove-AzureRmCdnProfil...
Script     0.9.1      AzureRM.CognitiveServices           {Get-AzureRmCognitiveServicesAccount, Get-AzureRmCognitiveServicesAccountKey, Get-AzureRmCognitiveS...
Script     0.9.0      AzureRM.CognitiveServices           {Get-AzureRmCognitiveServicesAccount, Get-AzureRmCognitiveServicesAccountKey, Get-AzureRmCognitiveS...
Script     4.2.0      AzureRM.Compute                     {Remove-AzureRmAvailabilitySet, Get-AzureRmAvailabilitySet, New-AzureRmAvailabilitySet, Update-Azur...
Script     4.0.1      AzureRM.Compute                     {Remove-AzureRmAvailabilitySet, Get-AzureRmAvailabilitySet, New-AzureRmAvailabilitySet, Update-Azur...
Script     0.3.0      AzureRM.Consumption                 Get-AzureRmConsumptionUsageDetail                                                                     
Script     0.2.2      AzureRM.ContainerInstance           {New-AzureRmContainerGroup, Get-AzureRmContainerGroup, Remove-AzureRmContainerGroup, Get-AzureRmCon...
Script     0.1.0      AzureRM.ContainerInstance           {New-AzureRmContainerGroup, Get-AzureRmContainerGroup, Remove-AzureRmContainerGroup, Get-AzureRmCon...
Script     1.0.2      AzureRM.ContainerRegistry           {New-AzureRmContainerRegistry, Get-AzureRmContainerRegistry, Update-AzureRmContainerRegistry, Remov...
Script     0.3.0      AzureRM.ContainerRegistry           {New-AzureRmContainerRegistry, Get-AzureRmContainerRegistry, Update-AzureRmContainerRegistry, Remov...
Script     4.1.0      AzureRM.DataFactories               {Remove-AzureRmDataFactory, Get-AzureRmDataFactoryRun, Get-AzureRmDataFactorySlice, Save-AzureRmDat...
Script     4.0.1      AzureRM.DataFactories               {Remove-AzureRmDataFactory, Get-AzureRmDataFactoryRun, Get-AzureRmDataFactorySlice, Save-AzureRmDat...
Script     0.5.0      AzureRM.DataFactoryV2               {Set-AzureRmDataFactoryV2, Update-AzureRmDataFactoryV2, Get-AzureRmDataFactoryV2, Remove-AzureRmDat...
Script     0.3.0      AzureRM.DataFactoryV2               {Set-AzureRmDataFactoryV2, Get-AzureRmDataFactoryV2, Remove-AzureRmDataFactoryV2, Set-AzureRmDataFa...
Script     4.2.0      AzureRM.DataLakeAnalytics           {Get-AzureRmDataLakeAnalyticsDataSource, New-AzureRmDataLakeAnalyticsCatalogCredential, Remove-Azur...
Script     4.0.0      AzureRM.DataLakeAnalytics           {Get-AzureRmDataLakeAnalyticsDataSource, New-AzureRmDataLakeAnalyticsCatalogCredential, Remove-Azur...
Script     5.1.0      AzureRM.DataLakeStore               {Get-AzureRmDataLakeStoreTrustedIdProvider, Remove-AzureRmDataLakeStoreTrustedIdProvider, Remove-Az...
Script     5.0.0      AzureRM.DataLakeStore               {Get-AzureRmDataLakeStoreTrustedIdProvider, Remove-AzureRmDataLakeStoreTrustedIdProvider, Remove-Az...
Script     4.0.1      AzureRM.DevTestLabs                 {Get-AzureRmDtlAllowedVMSizesPolicy, Get-AzureRmDtlAutoShutdownPolicy, Get-AzureRmDtlAutoStartPolic...
Script     4.0.0      AzureRM.DevTestLabs                 {Get-AzureRmDtlAllowedVMSizesPolicy, Get-AzureRmDtlAutoShutdownPolicy, Get-AzureRmDtlAutoStartPolic...
Script     4.0.1      AzureRM.Dns                         {Get-AzureRmDnsRecordSet, New-AzureRmDnsRecordConfig, Remove-AzureRmDnsRecordSet, Set-AzureRmDnsRec...
Script     4.0.0      AzureRM.Dns                         {Get-AzureRmDnsRecordSet, New-AzureRmDnsRecordConfig, Remove-AzureRmDnsRecordSet, Set-AzureRmDnsRec...
Script     0.3.0      AzureRM.EventGrid                   {New-AzureRmEventGridTopic, Get-AzureRmEventGridTopic, Set-AzureRmEventGridTopic, New-AzureRmEventG...
Script     0.2.0      AzureRM.EventGrid                   {New-AzureRmEventGridTopic, Get-AzureRmEventGridTopic, Set-AzureRmEventGridTopic, New-AzureRmEventG...
Script     0.5.1      AzureRM.EventHub                    {New-AzureRmEventHubNamespace, Get-AzureRmEventHubNamespace, Set-AzureRmEventHubNamespace, Remove-A...
Script     0.5.0      AzureRM.EventHub                    {New-AzureRmEventHubNamespace, Get-AzureRmEventHubNamespace, Set-AzureRmEventHubNamespace, Remove-A...
Script     4.0.2      AzureRM.HDInsight                   {Get-AzureRmHDInsightJob, New-AzureRmHDInsightSqoopJobDefinition, Wait-AzureRmHDInsightJob, New-Azu...
Script     4.0.1      AzureRM.HDInsight                   {Get-AzureRmHDInsightJob, New-AzureRmHDInsightSqoopJobDefinition, Wait-AzureRmHDInsightJob, New-Azu...
Script     4.0.1      AzureRM.Insights                    {Get-AzureRmMetricDefinition, Get-AzureRmMetric, Remove-AzureRmLogProfile, Get-AzureRmLogProfile...}  
Script     4.0.0      AzureRM.Insights                    {Get-AzureRmMetricDefinition, Get-AzureRmMetric, Remove-AzureRmLogProfile, Get-AzureRmLogProfile...}  
Script     3.1.0      AzureRM.IotHub                      {Add-AzureRmIotHubKey, Get-AzureRmIotHubEventHubConsumerGroup, Get-AzureRmIotHubConnectionString, G...
Script     3.0.0      AzureRM.IotHub                      {Add-AzureRmIotHubKey, Get-AzureRmIotHubEventHubConsumerGroup, Get-AzureRmIotHubConnectionString, G...
Script     4.1.0      AzureRM.KeyVault                    {Add-AzureKeyVaultCertificate, Set-AzureKeyVaultCertificateAttribute, Stop-AzureKeyVaultCertificate...
Script     4.0.1      AzureRM.KeyVault                    {Add-AzureKeyVaultCertificate, Set-AzureKeyVaultCertificateAttribute, Stop-AzureKeyVaultCertificate...
Script     4.0.1      AzureRM.LogicApp                    {Get-AzureRmIntegrationAccountAgreement, Get-AzureRmIntegrationAccountCallbackUrl, Get-AzureRmInteg...
Script     4.0.0      AzureRM.LogicApp                    {Get-AzureRmIntegrationAccountAgreement, Get-AzureRmIntegrationAccountCallbackUrl, Get-AzureRmInteg...
Script     0.17.0     AzureRM.MachineLearning             {Move-AzureRmMlCommitmentAssociation, Get-AzureRmMlCommitmentAssociation, Get-AzureRmMlCommitmentPl...
Script     0.16.0     AzureRM.MachineLearning             {Move-AzureRmMlCommitmentAssociation, Get-AzureRmMlCommitmentAssociation, Get-AzureRmMlCommitmentPl...
Script     0.4.0      AzureRM.MachineLearningCompute      {Get-AzureRmMlOpCluster, Get-AzureRmMlOpClusterKey, Test-AzureRmMlOpClusterSystemServicesUpdateAvai...
Script     0.2.0      AzureRM.MachineLearningCompute      {Get-AzureRmMlOpCluster, Get-AzureRmMlOpClusterKey, Test-AzureRmMlOpClusterSystemServicesUpdateAvai...
Script     0.2.0      AzureRM.MarketplaceOrdering         {Get-AzureRmMarketplaceTerms, Set-AzureRmMarketplaceTerms}                                            
Script     0.9.0      AzureRM.Media                       {Sync-AzureRmMediaServiceStorageKeys, Set-AzureRmMediaServiceKey, Get-AzureRmMediaServiceKeys, Get-...
Script     0.8.0      AzureRM.Media                       {Sync-AzureRmMediaServiceStorageKeys, Set-AzureRmMediaServiceKey, Get-AzureRmMediaServiceKeys, Get-...
Script     5.1.0      AzureRM.Network                     {Add-AzureRmApplicationGatewayAuthenticationCertificate, Get-AzureRmApplicationGatewayAuthenticatio...
Script     5.0.0      AzureRM.Network                     {Add-AzureRmApplicationGatewayAuthenticationCertificate, Get-AzureRmApplicationGatewayAuthenticatio...
Script     4.1.0      AzureRM.NotificationHubs            {Get-AzureRmNotificationHub, Get-AzureRmNotificationHubAuthorizationRules, Get-AzureRmNotificationH...
Script     4.0.0      AzureRM.NotificationHubs            {Get-AzureRmNotificationHub, Get-AzureRmNotificationHubAuthorizationRules, Get-AzureRmNotificationH...
Script     4.1.0      AzureRM.OperationalInsights         {New-AzureRmOperationalInsightsAzureActivityLogDataSource, New-AzureRmOperationalInsightsCustomLogD...
Script     4.0.0      AzureRM.OperationalInsights         {New-AzureRmOperationalInsightsAzureActivityLogDataSource, New-AzureRmOperationalInsightsCustomLogD...
Script     4.1.2      AzureRM.PowerBIEmbedded             {Remove-AzureRmPowerBIWorkspaceCollection, Get-AzureRmPowerBIWorkspaceCollection, Get-AzureRmPowerB...
Script     4.0.0      AzureRM.PowerBIEmbedded             {Remove-AzureRmPowerBIWorkspaceCollection, Get-AzureRmPowerBIWorkspaceCollection, Get-AzureRmPowerB...
Script     4.2.0      AzureRM.profile                     {Disable-AzureRmDataCollection, Disable-AzureRmContextAutosave, Enable-AzureRmDataCollection, Enabl...
Script     4.0.0      AzureRM.profile                     {Disable-AzureRmDataCollection, Disable-AzureRmContextAutosave, Enable-AzureRmDataCollection, Enabl...
Script     4.0.2      AzureRM.RecoveryServices            {Get-AzureRmRecoveryServicesBackupProperty, Get-AzureRmRecoveryServicesVault, Get-AzureRmRecoverySe...
Script     4.0.1      AzureRM.RecoveryServices            {Get-AzureRmRecoveryServicesBackupProperty, Get-AzureRmRecoveryServicesVault, Get-AzureRmRecoverySe...
Script     4.1.0      AzureRM.RecoveryServices.Backup     {Backup-AzureRmRecoveryServicesBackupItem, Get-AzureRmRecoveryServicesBackupManagementServer, Get-A...
Script     4.0.1      AzureRM.RecoveryServices.Backup     {Backup-AzureRmRecoveryServicesBackupItem, Get-AzureRmRecoveryServicesBackupManagementServer, Get-A...
Script     0.2.1      AzureRM.RecoveryServices.SiteRec... {Edit-AzureRmRecoveryServicesAsrRecoveryPlan, Get-AzureRmRecoveryServicesAsrAlertSetting, Get-Azure...
Script     4.1.0      AzureRM.RedisCache                  {Remove-AzureRmRedisCachePatchSchedule, New-AzureRmRedisCacheScheduleEntry, Get-AzureRmRedisCachePa...
Script     4.0.1      AzureRM.RedisCache                  {Remove-AzureRmRedisCachePatchSchedule, New-AzureRmRedisCacheScheduleEntry, Get-AzureRmRedisCachePa...
Script     0.3.1      AzureRM.Relay                       {New-AzureRmRelayNamespace, Get-AzureRmRelayNamespace, Set-AzureRmRelayNamespace, Remove-AzureRmRel...
Script     0.3.0      AzureRM.Relay                       {New-AzureRmRelayNamespace, Get-AzureRmRelayNamespace, Set-AzureRmRelayNamespace, Remove-AzureRmRel...
Script     5.2.0      AzureRM.Resources                   {Get-AzureRmProviderOperation, Remove-AzureRmRoleAssignment, Get-AzureRmRoleAssignment, New-AzureRm...
Script     5.0.0      AzureRM.Resources                   {Get-AzureRmProviderOperation, Remove-AzureRmRoleAssignment, Get-AzureRmRoleAssignment, New-AzureRm...
Script     0.16.1     AzureRM.Scheduler                   {Disable-AzureRmSchedulerJobCollection, Enable-AzureRmSchedulerJobCollection, Get-AzureRmSchedulerJ...
Script     0.16.0     AzureRM.Scheduler                   {Disable-AzureRmSchedulerJobCollection, Enable-AzureRmSchedulerJobCollection, Get-AzureRmSchedulerJ...
Script     4.1.0      AzureRM.ServerManagement            {Invoke-AzureRmServerManagementPowerShellCommand, Get-AzureRmServerManagementSession, New-AzureRmSe...
Script     4.0.0      AzureRM.ServerManagement            {Invoke-AzureRmServerManagementPowerShellCommand, Get-AzureRmServerManagementSession, New-AzureRmSe...
Script     0.5.1      AzureRM.ServiceBus                  {New-AzureRmServiceBusNamespace, Get-AzureRmServiceBusNamespace, Set-AzureRmServiceBusNamespace, Re...
Script     0.5.0      AzureRM.ServiceBus                  {New-AzureRmServiceBusNamespace, Get-AzureRmServiceBusNamespace, Set-AzureRmServiceBusNamespace, Re...
Script     0.3.1      AzureRM.ServiceFabric               {Add-AzureRmServiceFabricApplicationCertificate, Add-AzureRmServiceFabricClientCertificate, Add-Azu...
Script     0.3.0      AzureRM.ServiceFabric               {Add-AzureRmServiceFabricApplicationCertificate, Add-AzureRmServiceFabricClientCertificate, Add-Azu...
Script     5.0.4      AzureRM.SiteRecovery                {Get-AzureRmSiteRecoveryFabric, New-AzureRmSiteRecoveryFabric, Remove-AzureRmSiteRecoveryFabric, St...
Script     5.0.1      AzureRM.SiteRecovery                {Get-AzureRmSiteRecoveryFabric, New-AzureRmSiteRecoveryFabric, Remove-AzureRmSiteRecoveryFabric, St...
Script     4.2.0      AzureRM.Sql                         {Get-AzureRmSqlDatabaseTransparentDataEncryption, Get-AzureRmSqlDatabaseTransparentDataEncryptionAc...
Script     4.0.1      AzureRM.Sql                         {Get-AzureRmSqlDatabaseTransparentDataEncryption, Get-AzureRmSqlDatabaseTransparentDataEncryptionAc...
Script     4.2.0      AzureRM.Storage                     {Get-AzureRmStorageAccount, Get-AzureRmStorageAccountKey, New-AzureRmStorageAccount, New-AzureRmSto...
Script     4.0.1      AzureRM.Storage                     {Get-AzureRmStorageAccount, Get-AzureRmStorageAccountKey, New-AzureRmStorageAccount, New-AzureRmSto...
Script     4.0.2      AzureRM.StreamAnalytics             {Get-AzureRmStreamAnalyticsFunction, Get-AzureRmStreamAnalyticsDefaultFunctionDefinition, New-Azure...
Script     4.0.1      AzureRM.StreamAnalytics             {Get-AzureRmStreamAnalyticsFunction, Get-AzureRmStreamAnalyticsDefaultFunctionDefinition, New-Azure...
Script     4.0.0      AzureRM.Tags                        {Remove-AzureRmTag, Get-AzureRmTag, New-AzureRmTag}                                                   
Script     4.0.1      AzureRM.TrafficManager              {Disable-AzureRmTrafficManagerEndpoint, Enable-AzureRmTrafficManagerEndpoint, Set-AzureRmTrafficMan...
Script     4.0.0      AzureRM.TrafficManager              {Disable-AzureRmTrafficManagerEndpoint, Enable-AzureRmTrafficManagerEndpoint, Set-AzureRmTrafficMan...
Script     4.0.0      AzureRM.UsageAggregates             Get-UsageAggregates                                                                                   
Script     4.1.0      AzureRM.Websites                    {Get-AzureRmAppServicePlan, Set-AzureRmAppServicePlan, New-AzureRmAppServicePlan, Remove-AzureRmApp...
Script     4.0.0      AzureRM.Websites                    {Get-AzureRmAppServicePlan, Set-AzureRmAppServicePlan, New-AzureRmAppServicePlan, Remove-AzureRmApp...

Environment Data

Name                           Value                                                                                                                            
----                           -----                                                                                                                            
PSVersion                      5.1.14393.1944                                                                                                                   
PSEdition                      Desktop                                                                                                                          
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                                                          
BuildVersion                   10.0.14393.1944                                                                                                                  
CLRVersion                     4.0.30319.42000                                                                                                                  
WSManStackVersion              3.0                                                                                                                              
PSRemotingProtocolVersion      2.3                                                                                                                              
SerializationVersion           1.1.0.1                                                                                                                          

Debug Output

-----------------------------------------------
Debugging info from machine that is blocking and ErrorAction Stop
-----------------------------------------------

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 02/17/2018 15:44:00:  - TokenCache: Serializing token cache with 2 items.

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.windows.net/?????????????????/servicePrincipals?$filter=servicePrincipalNames/any(c: c eq '?????????????????'
)&api-version=1.6

Headers:
x-ms-client-request-id        : 90a022b6-7cb4-4d91-b64e-fd94af650d90
accept-language               : en-US

Body:

DEBUG: AzureQoSEvent: CommandName - Get-AzureRmADServicePrincipal; IsSuccess - True; Duration - 00:00:01.5400919; Exception - ;
DEBUG: Finish sending metric.
DEBUG: 9:44:00 AM - GetAzureADServicePrincipalCommand end processing.
DEBUG: 9:44:00 AM - GetAzureADServicePrincipalCommand end processing.

-----------------------------------------------
Debugging info from machine that is NOT blocking
-----------------------------------------------

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : 
DEBUG: 02/17/2018 15:45:47:  - TokenCache: Serializing token cache with 2 items.

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.windows.net/?????????????????/servicePrincipals?$filter=servicePrincipalNames/any(c: c eq '?????????????????'
)&api-version=1.6

Headers:
x-ms-client-request-id        : 99882565-56f3-4739-b2e3-efc0d129c071
accept-language               : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Pragma                        : no-cache
ocp-aad-diagnostics-server-name: ?????????????????
request-id                    : ?????????????????
client-request-id             : ?????????????????
x-ms-dirapi-data-contract-version: 1.6
ocp-aad-session-key           : ?????????????????
X-Content-Type-Options        : nosniff
DataServiceVersion            : 3.0;
Strict-Transport-Security     : max-age=31536000; includeSubDomains
Access-Control-Allow-Origin   : *
Duration                      : 646770
Cache-Control                 : no-cache
Server                        : Microsoft-IIS/8.5
X-AspNet-Version              : 4.0.30319
X-Powered-By                  : ASP.NET,ASP.NET
Date                          : Sat, 17 Feb 2018 15:45:46 GMT

Body:
{
  "odata.metadata": "https://graph.windows.net/?????????????????/$metadata#directoryObjects/Microsoft.DirectoryServices.ServicePrincipal",
  "value": [
    ##### CONTENT REMOVED FOR BREVITY AND SENSITIVITY #####
  ]
}

ServicePrincipalNames : ???????????????
ApplicationId         : ????????????????
DisplayName           : ????????????????????
Id                    : ???????????????????????
Type                  : ServicePrincipal

DEBUG: AzureQoSEvent: CommandName - Get-AzureRmADServicePrincipal; IsSuccess - True; Duration - 00:00:01.7459605; Exception - ;
DEBUG: Finish sending metric.
DEBUG: 9:45:48 AM - GetAzureADServicePrincipalCommand end processing.
DEBUG: 9:45:48 AM - GetAzureADServicePrincipalCommand end processing.

-----------------------------------------------
Custom powershell that does auth directly using Microsoft.IdentityModel.Clients.ActiveDirectory.dll
https://goodworkaround.com/2015/04/10/using-the-azure-ad-graph-api-with-powershell/
-----------------------------------------------

https://graph.windows.net/???????????????.onmicrosoft.com/servicePrincipals?$filter=servicePrincipalNames/any(c: c eq '???????????????')&api-version=1.6

Invoke-RestMethod : The underlying connection was closed: An unexpected error occurred on a send.
At line:15 char:13
+ $response = Invoke-RestMethod -Uri $url -ContentType "application/jso ...
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

cormacpayne commented 6 years ago

@darshanhs90 Hey Haridarshan, would you mind taking a look at this issue?

veemvve commented 5 years ago

Hi there - looks like I'm also going through the same issue. When I loop through multiple data factories to add it to Key Vault access policies, I'm able to retrieve the MSI without any issue for the first 2 data factories, and after that it's returning NULL for the rest of the iterations.

(Get-AzureRmADServicePrincipal -ObjectId $datafactory.Identity.PrincipalId).ApplicationId
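
Added example, not part of the original issue or of the AzureRM module: a fail-closed wrapper for the behaviour reported in this thread, so that automation (for example a loop that grants Key Vault access policies) stops instead of continuing with an empty result. It assumes Windows PowerShell 5.1 as in the report; the function names `Test-GraphTransport` and `Get-ServicePrincipalStrict` are hypothetical.

```powershell
# Added example. Test-GraphTransport and Get-ServicePrincipalStrict are
# hypothetical helper names, not cmdlets shipped with AzureRM.

function Test-GraphTransport {
    # Returns $true when an HTTPS request reaches the Graph endpoint at all.
    [CmdletBinding()]
    param(
        [string]$GraphHost = 'graph.windows.net',
        [int]$TimeoutSec = 15
    )
    try {
        # Unauthenticated probe: we only care whether TCP + TLS get through.
        $null = Invoke-WebRequest -Uri "https://$GraphHost/" -UseBasicParsing `
            -TimeoutSec $TimeoutSec -ErrorAction Stop
        return $true
    }
    catch {
        $ex = $_.Exception
        # An HTTP error status (401, 404, ...) carries a Response object,
        # which proves the request reached the service.
        if ($ex -is [System.Net.WebException] -and $null -ne $ex.Response) {
            return $true
        }
        # No Response: the connection was reset, blocked or timed out,
        # e.g. "The underlying connection was closed" from the report.
        Write-Verbose "Transport failure to ${GraphHost}: $($ex.Message)"
        return $false
    }
}

function Get-ServicePrincipalStrict {
    # Wraps Get-AzureRmADServicePrincipal and treats "no data" as an error.
    [CmdletBinding(DefaultParameterSetName = 'ByObjectId')]
    param(
        [Parameter(Mandatory, ParameterSetName = 'ByObjectId')]
        [guid]$ObjectId,

        [Parameter(Mandatory, ParameterSetName = 'BySpn')]
        [string]$ServicePrincipalName
    )

    if (-not (Test-GraphTransport)) {
        throw 'Cannot reach https://graph.windows.net; check firewall or proxy rules before trusting an empty result.'
    }

    $sp = if ($PSCmdlet.ParameterSetName -eq 'ByObjectId') {
        Get-AzureRmADServicePrincipal -ObjectId $ObjectId -ErrorAction Stop
    }
    else {
        Get-AzureRmADServicePrincipal -ServicePrincipalName $ServicePrincipalName -ErrorAction Stop
    }

    # The cmdlet can return nothing without raising an error, so an empty
    # result is never passed on to the caller.
    if ($null -eq $sp) {
        throw 'Get-AzureRmADServicePrincipal returned no data; the principal is missing or the Graph call failed silently.'
    }
    return $sp
}

# Usage inside a loop such as the one described in the last comment:
# $appId = (Get-ServicePrincipalStrict -ObjectId $datafactory.Identity.PrincipalId).ApplicationId
```

The probe deliberately leaves the process-wide TLS settings untouched, so it fails under the same conditions the module's own Graph request would.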