Does Azure Automation support Connect-MsolService or Not?

[dodge1350-frp]

We use MFA, as everyone should be using to prevent illegal activity from occurring in their environments. According to the thread, the user that tried to implement the suggested solution was still denied, and it was assumed to be a result of MFA. Is this true? (https://www.reddit.com/r/AZURE/comments/d5yc3t/automation_runbooks_connectmsolservice_using_run/)

What is the solution to implement:

$credential = Get-AutomationPSCredential -Name '' Connect-MsolService -Credential $credential

This shouldn't even have to be asked, as the documentation should provide the method for both ways of connecting via Azure Automation credential, one non-MFA and one MFA, and clear documentation that indicates that their is no way to do it via MFA if that is the case.

If that is the case, then the solution for that should be job 1 of the team that is implementing Azure Automation. Please provide us with updated information on how Connect-MsolService can be implemented in Azure Automation.

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: 2f830218-a56b-6a7e-d6e7-7736896d3f91
• Version Independent ID: ae33d704-d0b7-d478-8602-cc787f706d72
• Content: Manage credentials in Azure Automation
• Content Source: articles/automation/shared-resources/credentials.md
• Service: automation
• Sub-service: shared-capabilities
• GitHub Login: @MGoedtel
• Microsoft Alias: magoedte

[BharathNimmala-MSFT]

@dodge1350-frp Thank you for reaching out with your query, we will look into it and get back to you at the earliest.

[BharathNimmala-MSFT]

@dodge1350-frp Thanks again for reaching out, requesting you to please review this documentation on how to "Connect to the Azure AD online service".

Please review the above information and see if that caters on what you are looking for. Please get back to us if you have any further queries. Thank you

I have also reached out to our document author to further review your feedback if we need to update any of our documentation to differentiate between non-MFA and MFA , based on the discussion we take a back log item accordingly.

[dodge1350-frp]

Thanks for that update, but that is only valid for non-MFA based credentials. We use MFA completely, as everyone should. Please review your documentation and update accordingly if possible. Thanks.

Get Outlook for Androidhttps://aka.ms/ghei36

---

From: BharathNimmala-MSFT notifications@github.com Sent: Tuesday, November 17, 2020 7:38:09 PM To: MicrosoftDocs/azure-docs azure-docs@noreply.github.com Cc: Dave Shumate dshumate@foundationrp.com; Mention mention@noreply.github.com Subject: Re: [MicrosoftDocs/azure-docs] Does Azure Automation support Connect-MsolService or Not? (#65971)

@dodge1350-frphttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fdodge1350-frp&data=04%7C01%7Cdshumate%40foundationrp.com%7C99f6f29a0006409fa4ae08d88b5a3953%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637412566925623276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=2jcnG7vhpX2qG56TmpaubrKjo0sUQxvqxWwhHr%2FBw2E%3D&reserved=0 Thanks again for reaching out, requesting you to please review this https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fautomation%2Fmanage-office-365%23connect-to-the-azure-ad-online-service&data=04%7C01%7Cdshumate%40foundationrp.com%7C99f6f29a0006409fa4ae08d88b5a3953%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637412566925633271%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Q7EtsmHySOhrSc%2FVQOyKI6Uo3OkvIagERR91Lx7IfaQ%3D&reserved=0 documentation on how to "Connect to the Azure AD online service".

Please review the above information and get back to us if you have any further queries. Thank you

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fazure-docs%2Fissues%2F65971%23issuecomment-729300485&data=04%7C01%7Cdshumate%40foundationrp.com%7C99f6f29a0006409fa4ae08d88b5a3953%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637412566925643270%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=rPDOeMJiGnCTIOOPYxkvhU4FHx%2FGtn93Pbq%2BDmCu%2Fmc%3D&reserved=0, or unsubscribehttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAOXQXJ4R3ZKKR6RT4I5CFT3SQMJPDANCNFSM4TTI2CAQ&data=04%7C01%7Cdshumate%40foundationrp.com%7C99f6f29a0006409fa4ae08d88b5a3953%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637412566925653263%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=hbkRTbqL%2BLL5gukXAMvQmWAIPtvZHbmDzcNCJdJxU1o%3D&reserved=0.

SPECIAL NOTE RE COVID-19: We are here to help you through these difficult times as best as we can. While we are willing to assist you to the best of our ability, it is our responsibility to inform you of the necessary limitations on our advice. Any statements by an employee of our company, verbally or contained herein, relating to the impact or the potential impact of coronavirus/COVID-19 on federal, state or local relief measures, insurance coverage or any insurance policy are necessarily not legal opinions, warranties or guarantees, and should not be relied upon as such. Our statements are not legal advice and we do not make coverage decisions regarding COVID-19 claims. You should submit all claims to your insurance carriers or authorized representatives for evaluation, as the carriers, not us, will make the final determination. Given the on-going and constantly changing situation with respect to the coronavirus/COVID-19 pandemic, this communication does not necessarily reflect the latest information regarding recently enacted, pending or proposed legislation or guidance that could override, alter or otherwise affect existing insurance coverage. You should give due consideration to hiring an attorney for specific advice in this regard. Thank you and be safe.

[BharathNimmala-MSFT]

@dodge1350-frp We greatly appreciate your feedback, we will take the feedback to our document author and our internal product team and see how we can improve the documentation , with a backlog item.

Once the feedback is reviewed , we will a have a PR to update the live document and link to this thread so that it makes you aware that the feedback as been reflected on the live document.

We will go ahead and close this issue for now, however if you have any further queries/feedback please tag us in your reply and will be happy to reopen the thread and continue the conversation. Thank you

[dodge1350-frp]

This issue isn't closed. Where is the code to use Connect-MsolService via MFA in Azure Automation using credentials? That's the question, and I haven't seen any answer to that effect. This should not be closed until an answer is provided or you say you can't do it and put it into a que to have it fixed. What is going on?

[BharathNimmala-MSFT]

@dodge1350-frp Apologies if the question was not answered, this repo is to drive improvements on Azure documentation and at this point there were no edits needed to the existing documentation linked to this thread . However wanted to take feedback with our internal team and if document enhancement is needed , take it as a backlog item.

Regarding your specific query around Connect-MsolService via MFA in Azure Automation, based on some research Secure Application Model might be a possible way. However I am checking with our internal on Azure Automation supportability for using Connect-MsolService, will keep you updated as I have more information.

[BharathNimmala-MSFT]

@dodge1350-frp Just wanted to keep you updated that I did hear back from our Product team and based on initial analysis MFA is not supported for any cmdlet in Automation. However I have created an internal ticket with our team to further evaluate and see if there is any work around for this scenario. Will keep you updated as I get further information. Thank you

[dodge1350-frp]

Thanks for the info on the token based access for MSOnline, I will give that a try and see if it yields positive results. As for the comment that “based on initial analysis MFA is not supported for any cmdlet in Automation”, that just isn’t true. I have been able to connect to all other cmdlets using MFA credentials as that is well documented in the literature. MSOnline, however, does not support that, so I will try the token based approach and let you know how that goes.

[https://s3.amazonaws.com/htmlsig-assets/spacer.gif] David Shumate | Director of Business Process Design dshumate@foundationrp.commailto:dshumate@foundationrp.com | 386.385.4150 [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] Foundation Risk Partners 1540 Cornerstone Blvd | Suite 230 Daytona Beach, Florida 32117 www.FoundationRP.comhttp://www.foundationrp.com/ [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] [LinkedIn]https://htmlsig.com/t/000001FFB5KK [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] [htmlsig.com]https://htmlsig.com/t/000001FFWAKE [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] CONFIDENTIALITY NOTICE: This E-Mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this communication in error, please delete the original message and do not distribute. Please notify the sender by E-Mail at the address shown. Thank you for your compliance.

From: BharathNimmala-MSFT notifications@github.com Sent: Thursday, November 19, 2020 3:13 AM To: MicrosoftDocs/azure-docs azure-docs@noreply.github.com Cc: Dave Shumate dshumate@foundationrp.com; Mention mention@noreply.github.com Subject: Re: [MicrosoftDocs/azure-docs] Does Azure Automation support Connect-MsolService or Not? (#65971)

@dodge1350-frp Just wanted to keep you updated that I did hear back from our Product team and based on initial analysis MFA is not supported for any cmdlet in Automation. However I have created an internal ticket with our team to further evaluate and see if there is any work around for this scenario. Will keep you updated as I get further information. Thank you

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fazure-docs%2Fissues%2F65971%23issuecomment-730204925&data=04%7C01%7Cdshumate%40foundationrp.com%7C5d6c997767484ff72a6408d88c62eb74%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637413703799700533%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=EGlJKZY65fm5b4X%2FtMFpk%2FoWzuHqOYQr3S6UD9vchBQ%3D&reserved=0, or unsubscribehttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAOXQXJ32VJOXF3YYOHYQHXLSQTHQPANCNFSM4TTI2CAQ&data=04%7C01%7Cdshumate%40foundationrp.com%7C5d6c997767484ff72a6408d88c62eb74%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637413703799710528%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=uWoqSN9VDeW3dcbAUcwZgr8iAAJ4m%2FvhJL7zGRQ52wQ%3D&reserved=0.

SPECIAL NOTE RE COVID-19: We are here to help you through these difficult times as best as we can. While we are willing to assist you to the best of our ability, it is our responsibility to inform you of the necessary limitations on our advice. Any statements by an employee of our company, verbally or contained herein, relating to the impact or the potential impact of coronavirus/COVID-19 on federal, state or local relief measures, insurance coverage or any insurance policy are necessarily not legal opinions, warranties or guarantees, and should not be relied upon as such. Our statements are not legal advice and we do not make coverage decisions regarding COVID-19 claims. You should submit all claims to your insurance carriers or authorized representatives for evaluation, as the carriers, not us, will make the final determination. Given the on-going and constantly changing situation with respect to the coronavirus/COVID-19 pandemic, this communication does not necessarily reflect the latest information regarding recently enacted, pending or proposed legislation or guidance that could override, alter or otherwise affect existing insurance coverage. You should give due consideration to hiring an attorney for specific advice in this regard. Thank you and be safe.

[dodge1350-frp]

No success in obtaining access via the proposed solution: Secure Application Model https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fpartnercenter%2Fsecure-app-model%3Fview%3Dpartnercenterps-1.5%23msonline&data=04%7C01%7Cdshumate%40foundationrp.com%7C7f32d545bdc8422eaa3d08d88c2b54dc%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637413465040965577%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=5LElGimHyYMFuLgQREiMwzAt6D2zqN7RdMeaxwiP61w%3D&reserved=0

Error identified: New-PartnerAccessToken : Parameter set cannot be resolved using the specified named parameters.

Reference: https://github.com/microsoft/Partner-Center-PowerShell/issues/153

Seems like you have a lot of unaddressed issues with that particular solution, might want to address them for the fellas that need help. Doesn’t seem to be a good solution for me either.

My two cents?

Connect-MsolService is a very commonly used cmdlet and should be able to be used in Azure Automation so we can AUTOMATE things. It shouldn’t have to be a really hard thing to find out how to do or implement. It should be documented right along side of the non-MFA method of calling. At this point, I have to assume that none of the developers in Microsoft are using MFA, and if they are not, why not? This issue would have been addressed directly when they were working on Azure Automation module integration if they had been.

[https://s3.amazonaws.com/htmlsig-assets/spacer.gif] David Shumate | Director of Business Process Design dshumate@foundationrp.commailto:dshumate@foundationrp.com | 386.385.4150 [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] Foundation Risk Partners 1540 Cornerstone Blvd | Suite 230 Daytona Beach, Florida 32117 www.FoundationRP.comhttp://www.foundationrp.com/ [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] [LinkedIn]https://htmlsig.com/t/000001FFB5KK [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] [htmlsig.com]https://htmlsig.com/t/000001FFWAKE [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] [https://s3.amazonaws.com/htmlsig-assets/spacer.gif] CONFIDENTIALITY NOTICE: This E-Mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this communication in error, please delete the original message and do not distribute. Please notify the sender by E-Mail at the address shown. Thank you for your compliance.

From: BharathNimmala-MSFT notifications@github.com Sent: Thursday, November 19, 2020 3:13 AM To: MicrosoftDocs/azure-docs azure-docs@noreply.github.com Cc: Dave Shumate dshumate@foundationrp.com; Mention mention@noreply.github.com Subject: Re: [MicrosoftDocs/azure-docs] Does Azure Automation support Connect-MsolService or Not? (#65971)

@dodge1350-frphttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fdodge1350-frp&data=04%7C01%7Cdshumate%40foundationrp.com%7C5d6c997767484ff72a6408d88c62eb74%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637413703799700533%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=TKPOjMsLywq4dFORP%2FIvtydp0mCrUDSJRyxp1hHiiTQ%3D&reserved=0 Just wanted to keep you updated that I did hear back from our Product team and based on initial analysis MFA is not supported for any cmdlet in Automation. However I have created an internal ticket with our team to further evaluate and see if there is any work around for this scenario. Will keep you updated as I get further information. Thank you

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fazure-docs%2Fissues%2F65971%23issuecomment-730204925&data=04%7C01%7Cdshumate%40foundationrp.com%7C5d6c997767484ff72a6408d88c62eb74%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637413703799700533%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=EGlJKZY65fm5b4X%2FtMFpk%2FoWzuHqOYQr3S6UD9vchBQ%3D&reserved=0, or unsubscribehttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAOXQXJ32VJOXF3YYOHYQHXLSQTHQPANCNFSM4TTI2CAQ&data=04%7C01%7Cdshumate%40foundationrp.com%7C5d6c997767484ff72a6408d88c62eb74%7C7ba70ca2d9de49119277f5febbf4589c%7C0%7C0%7C637413703799710528%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=uWoqSN9VDeW3dcbAUcwZgr8iAAJ4m%2FvhJL7zGRQ52wQ%3D&reserved=0.

SPECIAL NOTE RE COVID-19: We are here to help you through these difficult times as best as we can. While we are willing to assist you to the best of our ability, it is our responsibility to inform you of the necessary limitations on our advice. Any statements by an employee of our company, verbally or contained herein, relating to the impact or the potential impact of coronavirus/COVID-19 on federal, state or local relief measures, insurance coverage or any insurance policy are necessarily not legal opinions, warranties or guarantees, and should not be relied upon as such. Our statements are not legal advice and we do not make coverage decisions regarding COVID-19 claims. You should submit all claims to your insurance carriers or authorized representatives for evaluation, as the carriers, not us, will make the final determination. Given the on-going and constantly changing situation with respect to the coronavirus/COVID-19 pandemic, this communication does not necessarily reflect the latest information regarding recently enacted, pending or proposed legislation or guidance that could override, alter or otherwise affect existing insurance coverage. You should give due consideration to hiring an attorney for specific advice in this regard. Thank you and be safe.

[BharathNimmala-MSFT]

@dodge1350-frp Thank you for your response and candid feedback.

My sincerest apologies for delay in getting back to this thread. Just wanted to keep you updated, that we are working in the back ground to find the right contacts internally who can further help understand your scenario and also review your feedback . Will keep you updated as we get more information on this. Thank you.

[jaycalderwood]

Any updates on this?

[ghost]

@dodge1350-frp Thank you for your response and candid feedback.

My sincerest apologies for delay in getting back to this thread. Just wanted to keep you updated, that we are working in the back ground to find the right contacts internally who can further help understand your scenario and also review your feedback . Will keep you updated as we get more information on this. Thank you.

What is the latest on this case? I also need a solution to this problem

[ZimMike]

Any update on this?

[BharathNimmala-MSFT]

@daisystevens100 , @ZimMike Thank you for reaching out. My sincere apologies for delayed response on this, with incoming volume this one missed my radar. I am further validating with my internal team to see if any of new features will support this scenario or have any other work around. Will keep this thread updated as soon as I have some additional information.

[jsanchez-dattics]

Hi, is the some update on this?

We need this ASAP

[dodge1350-frp]

It's been almost 2 years and yet no solution has been provided or any updates on if they are even attempting to find a solution to this. What about managed identity for Exchange Online? Is there support for that? Would that work?

[ghost]

I've given up on this

Get Outlook for Androidhttps://aka.ms/AAb9ysg

---

From: jsanchez-dattics @.> Sent: Friday, August 19, 2022 6:41:19 PM To: MicrosoftDocs/azure-docs @.> Cc: Daisy Olivia Stevens @.>; Mention @.> Subject: Re: [MicrosoftDocs/azure-docs] Does Azure Automation support Connect-MsolService or Not? (#65971)

Hi, is the some update on this?

We need this ASAP

— Reply to this email directly, view it on GitHubhttps://github.com/MicrosoftDocs/azure-docs/issues/65971#issuecomment-1220879096, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AJTARXNNN5EXBM4OPRRK4PLVZ62K7ANCNFSM4TTI2CAQ. You are receiving this because you were mentioned.Message ID: @.***>

[SnehaSudhirG]

Thanks for your dedication to our documentation. Unfortunately, at this time we have been unable to review your issue in a timely manner and we sincerely apologize for the delayed response. The requested updates have not been made since the creation of this issue, and the timeline for resolution may vary based on resourcing, so we've created an internal work item to incorporate your suggestions. We are closing this issue for now, but feel free to comment here as necessary. #please-close