Closed DeusMaximus closed 1 year ago
Same issue.
I also use PIM, and cannot get in with that command. In C:\Program Files\WindowsPowerShell\Modules\IntuneWin32App\1.3.3\Public\Connect-MSIntuneGraph.ps1 there are more mandatory fields for that command than the documentation indicates (it only says to provide the TenantID). I'm guessing that's the problem.
When I try to run the command, I get this warning:
WARNING: An error occurred while attempting to retrieve or refresh access token. Error message: Cannot convert argument "builder", with value: "Microsoft.Identity.Client.PublicClientApplicationBuilder", for "WithDesktopFeatures" to type "Microsoft.Identity.Client.PublicClientApplicationBuilder": "Cannot convert the "Microsoft.Identity.Client.PublicClientApplicationBuilder" value of type "Microsoft.Identity.Client.PublicClientApplicationBuilder" to type "Microsoft.Identity.Client.PublicClientApplicationBuilder"."
However the module won't process any other commands, and Get-PSSession shows no session exists. :(
That's odd because I use it daily with an account where PIM is "enabled" and roles are activated when needed. It feels more like a MSAL.PS issue than the code I've written as it relies on that module for authentication. Is this still an issue?
That's odd because I use it daily with an account where PIM is "enabled" and roles are activated when needed. It feels more like a MSAL.PS issue than the code I've written as it relies on that module for authentication. Is this still an issue?
It is, but my workaround is to run the module on a different machine that doesn't have the issue.
When assigned the Intune Administrator role via privileged identity management in Azure AD, the Connect-MSIntuneGraph script does not recognise this granted access, and instead requests that someone with administrator rights logs in.