Closed alexc307 closed 5 years ago
Hi @alexc307, sorry for the late response on this.
Can you run the following commands and share the output?
PS > $Error.Clear()
PS > $oktaVerbose=$true
PS > oktaGetUserbyID -userName me -Verbose
PS > $Error[0..($Error.count)]
Hi Mark,
Thank you so much for getting back to me.
Here's the output:
Get-Process : A parameter cannot be found that matches parameter name 'userName'. At line:7 char:22
+ CategoryInfo : InvalidArgument: (:) [Get-Process], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.PowerShell.Commands.GetProcessCommand
Also, I tried running the original script again with verbose, and here is what I get:
VERBOSE: GET https://abc.okta.com/api/v1/users?limit=1000 with 0-byte payload WARNING: Unable to find type [Microsoft.PowerShell.Commands.HttpResponseException]. WARNING: Encountered error, returning limited or empty set VERBOSE: This Page returned: 0, we've seen: 0 results so far VERBOSE: 0 results returned, i predict an empty page coming up, lets skip it VERBOSE: We see no or an invalid next link of: False
Thank you, Alex
Ok that first Error is odd...
let's skip that for now. What I'm really interested in is the various errors that are occurring, so we can get to the root issue.
so first we want to clear the list of errors, make sure the verbose settings are on, run a command with the verbose parameter and finally spit out the various error messages that occurred.
Can you run that again... something like this.
PS > $Error.Clear()
PS > $oktaVerbose=$true
PS > #run your command, with the -verbose arg, here
PS > $Error[0..($Error.count)]
Running this:
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass Import-Module OKTA
PS > $Error.Clear()
PS > $oktaVerbose=$true
PS > oktaListUsers -oOrg prod -verbose
PS > $Error[0..($Error.count)]
Error:
Get-Process : A parameter cannot be found that matches parameter name 'oOrg'. At line:7 char:20
+ CategoryInfo : InvalidArgument: (:) [Get-Process], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.PowerShell.Commands.GetProcessCommand
Hi, The commands aren't even executing they are hanging up with a parameter validation. Make sure you are typing the commands right and there are no special characters or some odd copy/paste gremlins.
What i want/need is the verbose output and the error information from a command that errors out with the HttpResponseException
I think I got it:
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass Import-Module OKTA
$Error.Clear()
$oktaVerbose=$true
oktaListUsers -oOrg prod -verbose
$Error[0..($Error.count)]
VERBOSE: GET https://abc.okta.com/api/v1/users?limit=1000 with 0-byte payload WARNING: Unable to find type [Microsoft.PowerShell.Commands.HttpResponseException]. WARNING: Encountered error, returning limited or empty set VERBOSE: This Page returned: 0, we've seen: 0 results so far VERBOSE: 0 results returned, i predict an empty page coming up, lets skip it VERBOSE: We see no or an invalid next link of: False
Unable to find type [Microsoft.PowerShell.Commands.HttpResponseException]. At C:\Program Files\WindowsPowerShell\Modules\OKTA\Okta.psm1:478 char:38
+ CategoryInfo : InvalidOperation: (Microsoft.Power...sponseException:TypeName) [], RuntimeException
+ FullyQualifiedErrorId : TypeNotFound
Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel. At C:\Program Files\WindowsPowerShell\Modules\OKTA\Okta.psm1:461 char:25
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
Looks like an issue negotiating an SSL connection, probably related to Okta moving to TLS1.2 only.
Take a look at this note in the readme. https://github.com/mbegan/Okta-PSModule#a-note-about-tls-12
Will do, thank you very much sir!
WebSession being static to runtime means you cannot switch between two instances with the -oOrg switch - restart powershell and stay to a single instance if error is 401 (unauthorized).. Though that is my belief...
When getting this error in Windows 10 Enviroment: PS C:\Windows\system32> oktaGetUserbyID -uid xxx@xxx.com VERBOSE: GET https://xxx.okta.com/api/v1/users/xxx@xxx.com with 0-byte payload VERBOSE: received -1-byte response of content type application/json WARNING: Unable to find type [Microsoft.PowerShell.Commands.HttpResponseException]. WARNING: Encountered error, returning limited or empty set
The solution is to run the old Internet Explorer 11 for the first time(start>type Explorer and click on old IE icon...) and to accept the recommended settings for IE or change this registry setting: [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main] "DisableFirstRunCustomize"=dword:00000001
I use in my fork this function and call it before I do other commands at the start of a session. My Guess could be the: Add-Type -AssemblyName System.Web
function OktaLoadEnvironment() { param( [Boolean]$Verbose = $false )
$TLSver = $script:TLSver # MUST be from list from PoSH -> Net.SecurityProtocolType.DeclaredMembers.Name
if ($Verbose) {Write-host "[OKTA]`tChecking TLS settings"} if ([Net.ServicePointManager]::SecurityProtocol -eq $TLSver){
if ($Verbose) {Write-host "[OKTA]`t`t...prior set" -foreground green}
} else {
if ($Verbose) {Write-host "[OKTA]t
tCurrently:
$([Net.ServicePointManager]::SecurityProtocol)"}
$tlsVersionCheck = $null
$tlsVersionCheck = [Net.SecurityProtocolType].DeclaredMembers.Name
if ($tlsVersionCheck -ne $null){
if ($Verbose) {Write-host "[OKTA]`t`t`tGot TLS Sec Protocol via
Declared Members"}
} else {
if ($Verbose) {Write-host "[OKTA]t
ttTrying to get TLS Sec Protocol via fallback method"} $tlsVersionCheck = [enum]::GetNames([Net.SecurityProtocolType]) } if ($tlsVersionCheck -contains $TLSver) { if ($Verbose) {Write-host "[OKTA]
t`tAttempting change to $TLSver"}
try {
[Net.ServicePointManager]::SecurityProtocol =
} catch {Write-Warning $_.Exception.Message}
} else {
# Let's leave alone
if ($Verbose) {Write-host "[OKTA]`t`t`t...Do not see $TLSver as
option" -foreground red} }
if ([Net.ServicePointManager]::SecurityProtocol -eq $TLSver){
if ($Verbose) {VerboseMsg -Success -Message "[OKTA]`t`t`t...success"}
} else {
if ($Verbose) {VerboseMsg -Warn -Message "[OKTA]`t`t`t...failed to
set, but will attempt"} } }
if ($Verbose) {Write-host "[OKTA]`tChecking system.Web Type import"}
if ((Get-TypeData -TypeName System.Web.*) -eq $null) {
Add-Type -AssemblyName System.Web
# Validate
if ((Get-TypeData -TypeName System.Web.*) -eq $null) {
if ($Verbose) {write-host "[OKTA]`t`t...FAILED!" -foreground red}
write-host "Could not import System.web assemblies needed by Okta
Powershell" -foreground red
write-host "Please manually attempt 'Add-Type -AssemblyName
System.Web'" -foreground red
write-host "then re-run the script - exiting!" -foreground red
exit
} else {
if ($Verbose) {write-host "[OKTA]t
t...success" -foreground green}
}
} else {
if ($Verbose) {write-host "[OKTA]t
t...prior set" -foreground green}
}
}
On Wed, Jan 18, 2023 at 12:30 PM Srecko Anzic @.***> wrote:
When getting this error in Windows 10 Enviroment: PS C:\Windows\system32> oktaGetUserbyID -uid @. VERBOSE: GET @. with 0-byte payload VERBOSE: received -1-byte response of content type application/json WARNING: Unable to find type [Microsoft.PowerShell.Commands.HttpResponseException]. WARNING: Encountered error, returning limited or empty set
The solution is to run the old Internet Explorer for the first time(start>type Explorer and click on old IE icon...) and to accept the recommended settings for IE or change this registry setting: [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main] "DisableFirstRunCustomize"=dword:00000001
— Reply to this email directly, view it on GitHub https://github.com/mbegan/Okta-PSModule/issues/28#issuecomment-1387741645, or unsubscribe https://github.com/notifications/unsubscribe-auth/AJDA4M6J3VGAMU34DF7NCSLWTBHIBANCNFSM4FY2D3UA . You are receiving this because you commented.Message ID: @.***>
Trying to run the basic
Import-Module Okta
oktaGetUserbyID -oOrg prod -uid xxx@abc.com
Getting
oktaGetUserbyID -oOrg prod -uid xxx@abc.com VERBOSE: GET https://abc.okta.com/api/v1/users/xxx@abc.com with 0-byte payload WARNING: Unable to find type [Microsoft.PowerShell.Commands.HttpResponseException]. WARNING: Encountered error, returning limited or empty set
I feel like I'm missing something, but I cannot tell what.
Thank you kindly!