Closed CW-RKR closed 1 month ago
Snozzberries
commented
1 month ago Thanks for the additional context @CW-RKR, unfortunately this is a limitation of the ExchangeOnlineModule. Until that module is update we won't have capabilities to support device code authentication flow with Exchange Online. A good alternative is to use a Service Principal with a certificate.
CW-RKR
commented
1 month ago Just out of curiosity. Why do you use Device Code Authentication? Is there no other way under 5.1 besides this or setting up an app registration with certificates?
Snozzberries
commented
1 month ago Generally, Microsoft does not recommend using device code flow. Though it is still valuable when testing in a headless interactive scenario. Like interactively running it from a Linux node or docker image that does not have a window manager and browser. For a production deployment though where you want to run it noninteractive then certificate authentication as a Service Principal is recommended.
ExchangeOnlineModule in PowerShell 5.1 supports interactive authentication and certificate authentication methods. In PowerShell 7+ it also supports device code flow.
Maester does not require a specific authentication method though. You can connect to Exchange Online using any of the supported methods of their connection function and Maester will utilize that connection.
Error: PS C:\Temp\maester> Connect-Maester -Service ExchangeOnline Connect-ExchangeOnline : A parameter cannot be found that matches parameter name 'Device'.
Interactiv logon with Connect-ExchangeOnline works fine. I am aware of this issue https://github.com/maester365/maester/issues/261.
But in my env. only PS 5.1 is permitted. And I know a lot of (German) customers with the same policy. So please find a way to fix this.