Open dkotars opened 1 year ago
Can you provide me with the commands that you ran so I can investigate?
PS C:\WINDOWS\system32> Import-Module PSServicePrincipal PS C:\WINDOWS\system32> New-ServicePrincipalObject -DisplayName 'ExchangeCBAApp' -RegisteredApp -Cba -CreateSingleObject
Ok, one last thing. Can you please run a Get-Module list as well as the last error from powershell after running the command: $e = $error[0].
TIA Dave
From: dkotars @.> Sent: Thursday, April 6, 2023 12:28 PM To: dgoldman-msft/PSServicePrincipal @.> Cc: Dave @.>; Comment @.> Subject: Re: [dgoldman-msft/PSServicePrincipal] [New-ServicePrincipal] Cannot find type [Microsoft.Azure.Commands.ActiveDirectory.PSADPasswordCredential]: verify that the assembly containing this type is loaded. (Issue #39)
PS C:\WINDOWS\system32> Import-Module PSServicePrincipal PS C:\WINDOWS\system32> New-ServicePrincipalObject -DisplayName 'ExchangeCBAApp' -RegisteredApp -Cba -CreateSingleObject
— Reply to this email directly, view it on GitHubhttps://github.com/dgoldman-msft/PSServicePrincipal/issues/39#issuecomment-1499326607, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AJQPRPFHNCCTVNX4PRJB6VDW73VIBANCNFSM6AAAAAAWNLJNVY. You are receiving this because you commented.Message ID: @.**@.>>
Sent from mail.dgoldman.org
PS C:\WINDOWS\system32> get-module
ModuleType Version Name ExportedCommands
Script 2.12.1 Az.Accounts {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear... Script 6.5.3 Az.Resources {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDeny... Binary 2.0.2.140 AzureAD {Add-AzureADApplicationOwner, Add-AzureADDeviceRegisteredO... Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Con... Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureString, ConvertTo-SecureString, Get-Acl... Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type, Clear-Variable, Compare-Object...} Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disable-WSManCredSSP, Disconnect-WSMan, En... Manifest 1.0.0.0 pki {Add-CertificateEnrollmentPolicyServer, Export-Certificate... Script 1.7.270 PSFramework {ConvertTo-PSFHashtable, Invoke-PSFCallback, Invoke-PSFPro... Script 1.0.49 PSServicePrincipal {Connect-ToAzureInteractively, Connect-ToCloudTenant, Get-...
WARNING: [16:06:17][Add-ExchangePermsToSPN.ps1] Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'ObjectId'. Specified method is not supported.
I am unable to reproduce that code. The one thing that could cause this is if you do not have the necessary to execute the following permissions. Are you able to execute the following commands manually in a PowerShell session?
Connect-AzureAd $O365SvcPrincipal = Get-AzureADServicePrincipal -All $true | Where-object { $_.DisplayName -eq "Office 365 Exchange Online" } $reqExoAccess = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess" $reqExoAccess.ResourceAppId = $O365SvcPrincipal.AppId $delegatedPermissions = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList "dc50a0fb-09a3-484d-be87-e023b12c6440", "Role" # Manage Exchange As Application $reqExoAccess.ResourceAccess = $delegatedPermissions $ADApplication = get-AzureADApplication -SearchString $DisplayName $ADApplication.ObjectId <-- Do you get any results?? Do not paste them in your reply.
I do get results, yes.
In Powershell verion 5.1.22621.963. script generates errors:
[10:03:22][New-ServicePrincipal] Creating SPN with ApplicationID WARNING: [10:03:22][New-ServicePrincipal] Cannot find type [Microsoft.Azure.Commands.ActiveDirectory.PSADPasswordCredential]: verify that the assembly containing this type is loaded. [10:03:22][] Checking current Role Assignment. Waiting for AD Replication
WARNING: [10:03:23][Add-RoleToSPN] Failed to: Applying role assignment: Adding Contributor role to SPN | Cannot
validate argument on parameter 'ApplicationId'. The argument is null or empty. Provide an argument that is not null or
empty, and then try the command again.
[10:03:23][Add-ExchangePermsToSPN.ps1] Exchange.ManageAsApp roll applied to application ExchangeCBAApp. To complete setup go to your application in the Azure portal and Grant Admin Consent.
WARNING: [10:03:24][Add-ExchangePermsToSPN.ps1] Cannot convert 'System.Object[]' to the type 'System.String' required
by parameter 'ObjectId'. Specified method is not supported.
[10:03:24][New-ServicePrincipalObject] Completed. Log saved to: "C:\Users\user\Documents\PSServiecPrincipal Logging".