Getting server timed out error running export command

[sdfarquhar]

Description of the issue

I am running the latest M365 DSC in an Azure Automation to run an export using a managed ID. This worked early last week but appeared to break after updating to 1.23.1101.1 with the error below. I made sure all support Graph modules were updated to 2.8.0 but this has not fixed the issue. Any ideas what might be going on?

Failed Unable to connect to the remote server (Unable to connect to the remote server (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond XXX.XX.XX.XXX:80)

Microsoft 365 DSC Version

1.23.1101.1

Which workloads are affected

Planner

The DSC configuration

##This script when run will extract all Planner config settings and save the files to a SPO site.
Import-Module Orchestrator.AssetManagement.Cmdlets -ErrorAction SilentlyContinue
##Setup path for config file and date to be used in file name
$path = "$env:TEMP"
$CPath = Get-Location
$Date = $(Get-Date -f yyyy-MMM-dd-HHMMtt)

##Start export of M365 functions

Export-M365DSCConfiguration -ManagedIdentity -Mode Full -Workloads @("Planner") -TenantID TenantName.onmicrosoft.com -path $CPath *>&1 | out-host

"All items in current working directory."
$Files = Get-Item $CPath"\*"
$Files

##Connect to SPO site and copy file to the SPO library
$PnPConnection = Connect-PnPOnline -ManagedIdentity -Url "https://TenantName.sharepoint.com/sites/SPOSiteName"

Get-ChildItem $CPath | ForEach-Object {

$FName = $_.FullName
$FName
Connect-PnPOnline -ManagedIdentity -Url "https://TeanantName.sharepoint.com/sites/SPOSiteName"

$SPAddFile = (Add-PnPFile -Folder "Documents/Planner Config/$Date" -Path $FName -Checkout | out-null)
}

Verbose logs showing the problem

Failed
Unable to connect to the remote server (Unable to connect to the remote server (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond XXX.XX.XX.XXX:80)

Exporting function 'Test-M365DSCAgent'.
Exporting function 'Set-M365DSCAgentCertificateConfiguration'.
Exporting function 'Update-M365DSCResourceDocumentationPage'.
Exporting function 'Save-M365DSCPartialExport'.
Exporting function 'New-M365DSCLogEntry'.
Exporting function 'Add-M365DSCEvent'.
Exporting function 'Export-M365DSCDiagnosticData'.
Exporting function 'New-M365DSCNotificationEndPointRegistration'.
Exporting function 'Remove-M365DSCNotificationEndPointRegistration'.
Exporting function 'Get-M365DSCNotificationEndPointRegistration'.
Exporting function 'Assert-M365DSCIsNonInteractiveShell'.
Exporting function 'Set-M365DSCLoggingOption'.
Exporting function 'Get-M365DSCLoggingOption'.
Exporting function 'Get-M365DSCCompiledPermissionList'.
Exporting function 'Update-M365DSCAllowedGraphScopes'.
Exporting function 'Update-M365DSCResourcesSettingsJSON'.
Exporting function 'Update-M365DSCExchangeResourcesSettingsJSON'.
Exporting function 'Update-M365DSCSharePointResourcesSettingsJSON'.
Exporting function 'Update-M365DSCAzureAdApplication'.
Exporting function 'New-M365DSCReportFromConfiguration'.
Exporting function 'Compare-M365DSCConfigurations'.
Exporting function 'New-M365DSCDeltaReport'.
Exporting function 'Start-M365DSCConfigurationExtract'.
Exporting function 'New-M365DSCStubFiles'.
Exporting function 'Add-M365DSCTelemetryEvent'.
Exporting function 'Set-M365DSCTelemetryOption'.
Exporting function 'Get-M365DSCTelemetryOption'.
Exporting function 'Format-M365DSCTelemetryParameters'.
Exporting function 'Get-TeamByName'.
Exporting function 'Convert-M365DscHashtableToString'.
Exporting function 'New-EXOSafeAttachmentRule'.
Exporting function 'New-EXOSafeLinksRule'.
Exporting function 'Confirm-ImportedCmdletIsAvailable'.
Exporting function 'Set-EXOSafeAttachmentRule'.
Exporting function 'Set-EXOSafeLinksRule'.
Exporting function 'Test-M365DSCParameterState'.
Exporting function 'Export-M365DSCConfiguration'.
Exporting function 'Confirm-M365DSCDependencies'.
Exporting function 'Import-M365DSCDependencies'.
Exporting function 'Get-M365DSCTenantDomain'.
Exporting function 'Get-M365DSCOrganization'.
Exporting function 'New-M365DSCConnection'.
Exporting function 'Get-SPOAdministrationUrl'.
Exporting function 'Get-M365TenantName'.
Exporting function 'Split-ArrayByParts'.
Exporting function 'Invoke-M365DSCCommand'.
Exporting function 'Get-SPOUserProfilePropertyInstance'.
Exporting function 'Install-M365DSCDevBranch'.
Exporting function 'Get-AllSPOPackages'.
Exporting function 'Remove-NullEntriesFromHashtable'.
Exporting function 'Assert-M365DSCBlueprint'.
Exporting function 'Test-M365DSCDependenciesForNewVersions'.
Exporting function 'Update-M365DSCDependencies'.
Exporting function 'Uninstall-M365DSCOutdatedDependencies'.
Exporting function 'Remove-EmptyValue'.
Exporting function 'Update-M365DSCExportAuthenticationResults'.
Exporting function 'Get-M365DSCExportContentForResource'.
Exporting function 'Get-M365DSCComponentsForAuthenticationType'.
Exporting function 'Get-M365DSCComponentsWithMostSecureAuthenticationType'.
Exporting function 'Get-M365DSCAllResources'.
Exporting function 'Get-M365DSCWorkloadsListFromResourceNames'.
Exporting function 'Get-M365DSCAuthenticationMode'.
Exporting function 'New-M365DSCCmdletDocumentation'.
Exporting function 'New-M365DSCMissingResourcesExample'.
Exporting function 'Test-M365DSCModuleValidity'.
Exporting function 'Update-M365DSCModule'.
Exporting function 'Write-M365DSCLogEvent'.
Exporting function 'Remove-M365DSCAuthenticationParameter'.
Exporting function 'Get-M365DSCConfigurationConflict'.
Exporting function 'Format-M365DSCString'.
Preparing modules for first use.
Importing cmdlet 'Get-ModuleCmdlet'.
Importing cmdlet 'Get-ScriptCmdlet'.
Importing cmdlet 'Connect-MgGraph'.
Importing cmdlet 'Disconnect-MgGraph'.
Importing cmdlet 'Add-MgEnvironment'.
Importing cmdlet 'Get-MgEnvironment'.
Importing cmdlet 'Remove-MgEnvironment'.
Importing cmdlet 'Set-MgEnvironment'.
Importing cmdlet 'Get-MgContext'.
Importing cmdlet 'Get-MgGraphOption'.
Importing cmdlet 'Invoke-MgGraphRequest'.
Importing cmdlet 'Set-MgGraphOption'.
Importing cmdlet 'Get-MgRequestContext'.
Importing cmdlet 'Set-MgRequestContext'.
Importing alias 'Connect-Graph'.
Importing alias 'Disconnect-Graph'.
Importing alias 'Invoke-GraphRequest'.
Importing alias 'Invoke-MgRestMethod'.
Exporting function 'Find-MgGraphCommand'.
Exporting function 'Find-MgGraphPermission'.
Exporting cmdlet 'Connect-MgGraph'.
Exporting cmdlet 'Disconnect-MgGraph'.
Exporting cmdlet 'Add-MgEnvironment'.
Exporting cmdlet 'Get-MgEnvironment'.
Exporting cmdlet 'Remove-MgEnvironment'.
Exporting cmdlet 'Set-MgEnvironment'.
Exporting cmdlet 'Get-MgContext'.
Exporting cmdlet 'Get-MgGraphOption'.
Exporting cmdlet 'Invoke-MgGraphRequest'.
Exporting cmdlet 'Set-MgGraphOption'.
Exporting cmdlet 'Get-MgRequestContext'.
Exporting cmdlet 'Set-MgRequestContext'.
Exporting alias 'Connect-Graph'.
Exporting alias 'Disconnect-Graph'.
Exporting alias 'Invoke-GraphRequest'.
Exporting alias 'Invoke-MgRestMethod'.
No existing connections to Microsoft Graph
Loading module from path 'C:\usr\src\PSModules\PackageManagement\PackageManagement.psm1'.
Loading module from path 'C:\usr\src\PSModules\PackageManagement\PackageManagement.psd1'.
Loading 'FormatsToProcess' from path 'C:\usr\src\PSModules\PackageManagement\PackageManagement.format.ps1xml'.
Loading module from path 'C:\usr\src\PSModules\PackageManagement\PackageManagement.psm1'.
Loading module from path 'C:\usr\src\PSModules\PackageManagement\fullclr\Microsoft.PackageManagement.dll'.
Loading module from path 'C:\usr\src\PSModules\PackageManagement\fullclr\Microsoft.PowerShell.PackageManagement.dll'.
Importing cmdlet 'Find-Package'.
Importing cmdlet 'Find-PackageProvider'.
Importing cmdlet 'Get-Package'.
Importing cmdlet 'Get-PackageProvider'.
Importing cmdlet 'Get-PackageSource'.
Importing cmdlet 'Import-PackageProvider'.
Importing cmdlet 'Install-Package'.
Importing cmdlet 'Install-PackageProvider'.
Importing cmdlet 'Register-PackageSource'.
Importing cmdlet 'Save-Package'.
Importing cmdlet 'Set-PackageSource'.
Importing cmdlet 'Uninstall-Package'.
Importing cmdlet 'Unregister-PackageSource'.
Exporting cmdlet 'Find-Package'.
Exporting cmdlet 'Find-PackageProvider'.
Exporting cmdlet 'Get-Package'.
Exporting cmdlet 'Get-PackageProvider'.
Exporting cmdlet 'Get-PackageSource'.
Exporting cmdlet 'Import-PackageProvider'.
Exporting cmdlet 'Install-Package'.
Exporting cmdlet 'Install-PackageProvider'.
Exporting cmdlet 'Register-PackageSource'.
Exporting cmdlet 'Save-Package'.
Exporting cmdlet 'Set-PackageSource'.
Exporting cmdlet 'Uninstall-Package'.
Exporting cmdlet 'Unregister-PackageSource'.
Importing cmdlet 'Find-Package'.
Importing cmdlet 'Find-PackageProvider'.
Importing cmdlet 'Get-Package'.
Importing cmdlet 'Get-PackageProvider'.
Importing cmdlet 'Get-PackageSource'.
Importing cmdlet 'Import-PackageProvider'.
Importing cmdlet 'Install-Package'.
Importing cmdlet 'Install-PackageProvider'.
Importing cmdlet 'Register-PackageSource'.
Importing cmdlet 'Save-Package'.
Importing cmdlet 'Set-PackageSource'.
Importing cmdlet 'Uninstall-Package'.
Importing cmdlet 'Unregister-PackageSource'.
Exporting function 'Publish-Module'.
Exporting function 'Find-Module'.
Exporting function 'Save-Module'.
Exporting function 'Install-Module'.
Exporting function 'Update-Module'.
Exporting function 'Uninstall-Module'.
Exporting function 'Get-InstalledModule'.
Exporting function 'Find-DscResource'.
Exporting function 'Find-Command'.
Exporting function 'Find-RoleCapability'.
Exporting function 'Publish-Script'.
Exporting function 'Find-Script'.
Exporting function 'Save-Script'.
Exporting function 'Install-Script'.
Exporting function 'Update-Script'.
Exporting function 'Uninstall-Script'.
Exporting function 'Get-InstalledScript'.
Exporting function 'Register-PSRepository'.
Exporting function 'Set-PSRepository'.
Exporting function 'Unregister-PSRepository'.
Exporting function 'Get-PSRepository'.
Exporting function 'Test-ScriptFileInfo'.
Exporting function 'New-ScriptFileInfo'.
Exporting function 'Update-ScriptFileInfo'.
Exporting function 'Get-PackageProviderName'.
Exporting function 'Get-Feature'.
Exporting function 'Initialize-Provider'.
Exporting function 'Get-DynamicOptions'.
Exporting function 'Add-PackageSource'.
Exporting function 'Resolve-PackageSource'.
Exporting function 'Remove-PackageSource'.
Exporting function 'Find-Package'.
Exporting function 'Download-Package'.
Exporting function 'Install-Package'.
Exporting function 'Uninstall-Package'.
Exporting function 'Get-InstalledPackage'.
Exporting function 'Update-ModuleManifest'.
Exporting alias 'fimo'.
Exporting alias 'inmo'.
Exporting alias 'upmo'.
Exporting alias 'pumo'.
Acquiring providers for assembly: C:\usr\src\PSModules\PackageManagement\fullcl
r\Microsoft.PackageManagement.MsuProvider.dll
Acquiring providers for assembly: C:\usr\src\PSModules\PackageManagement\fullcl
r\Microsoft.PackageManagement.MetaProvider.PowerShell.dll
Acquiring providers for assembly: C:\usr\src\PSModules\PackageManagement\fullcl
r\Microsoft.PackageManagement.ArchiverProviders.dll
Acquiring providers for assembly: C:\usr\src\PSModules\PackageManagement\fullcl
r\Microsoft.PackageManagement.CoreProviders.dll
Acquiring providers for assembly: C:\usr\src\PSModules\PackageManagement\fullcl
r\Microsoft.PackageManagement.MsiProvider.dll
Acquiring providers for assembly: C:\usr\src\PSModules\PackageManagement\fullcl
r\Microsoft.PackageManagement.NuGetProvider.dll
Suppressed Verbose Repository details, Name = 'PSGallery', Location = 
'https://www.powershellgallery.com/api/v2'; IsTrusted = 'False'; IsRegistered 
= 'True'.
Repository details, Name = 'PSGallery', Location = 
'https://www.powershellgallery.com/api/v2'; IsTrusted = 'False'; IsRegistered 
= 'True'.
Using the provider 'PowerShellGet' for searching packages.
Using the specified source names : 'PSGallery'.
Getting the provider object for the PackageManagement Provider 'NuGet'.
The specified Location is 'https://www.powershellgallery.com/api/v2' and 
PackageManagementProvider is 'NuGet'.
Searching repository 'https://www.powershellgallery.com/api/v2/FindPackagesById
()?id='Microsoft365DSC'' for ''.
Total package yield:'1' for the specified package 'Microsoft365DSC'.
Loading module from path 'C:\usr\src\PSModules\Microsoft365DSC\DSCResources\MSF
T_PlannerBucket\MSFT_PlannerBucket.psm1'.
Exporting function 'Get-TargetResource'.
Exporting function 'Set-TargetResource'.
Exporting function 'Test-TargetResource'.
Exporting function 'Export-TargetResource'.
Importing function 'Export-TargetResource'.
Importing function 'Get-TargetResource'.
Importing function 'Set-TargetResource'.
Importing function 'Test-TargetResource'.
Loading module from path 'C:\usr\src\PSModules\Microsoft365DSC\DSCResources\MSF
T_PlannerPlan\MSFT_PlannerPlan.psm1'.
Exporting function 'Get-TargetResource'.
Exporting function 'Set-TargetResource'.
Exporting function 'Test-TargetResource'.
Exporting function 'Export-TargetResource'.
Importing function 'Export-TargetResource'.
Importing function 'Get-TargetResource'.
Importing function 'Set-TargetResource'.
Importing function 'Test-TargetResource'.
Loading module from path 'C:\usr\src\PSModules\Microsoft365DSC\DSCResources\MSF
T_PlannerTask\MSFT_PlannerTask.psm1'.
Exporting function 'Get-TargetResource'.
Exporting function 'Set-TargetResource'.
Exporting function 'Test-TargetResource'.
Exporting function 'Export-TargetResource'.
Importing function 'Export-TargetResource'.
Importing function 'Get-TargetResource'.
Importing function 'Set-TargetResource'.
Importing function 'Test-TargetResource'.
Set environment to @{token_endpoint=https://login.microsoftonline.com/df390aee-
476d-4fa8-a14d-fe72c21624ce/oauth2/v2.0/token; 
token_endpoint_auth_methods_supported=System.Object[]; jwks_uri=https://login.m
icrosoftonline.com/df390aee-476d-4fa8-a14d-fe72c21624ce/discovery/v2.0/keys; 
response_modes_supported=System.Object[]; 
subject_types_supported=System.Object[]; 
id_token_signing_alg_values_supported=System.Object[]; 
response_types_supported=System.Object[]; scopes_supported=System.Object[]; iss
uer=https://login.microsoftonline.com/df390aee-476d-4fa8-a14d-fe72c21624ce/v2.0
; request_uri_parameter_supported=False; 
userinfo_endpoint=https://graph.microsoft.com/oidc/userinfo; authorization_endp
oint=https://login.microsoftonline.com/df390aee-476d-4fa8-a14d-fe72c21624ce/oau
th2/v2.0/authorize; device_authorization_endpoint=https://login.microsoftonline
.com/df390aee-476d-4fa8-a14d-fe72c21624ce/oauth2/v2.0/devicecode; 
http_logout_supported=True; frontchannel_logout_supported=True; end_session_end
point=https://login.microsoftonline.com/df390aee-476d-4fa8-a14d-fe72c21624ce/oa
uth2/v2.0/logout; claims_supported=System.Object[]; kerberos_endpoint=https://l
ogin.microsoftonline.com/df390aee-476d-4fa8-a14d-fe72c21624ce/kerberos; 
tenant_region_scope=NA; cloud_instance_name=microsoftonline.com; 
cloud_graph_host_name=graph.windows.net; msgraph_host=graph.microsoft.com; 
rbac_url=https://pas.windows.net}.tenant_region_sub_scope

Environment Information + PowerShell Version

No response

[sdfarquhar]

I have been doing some additional digging and decided to try and run the test connection commands int he MSCloudLoginAssitant module since this is what is called on from the MS365 DSC modules to make the initial connection.

I tried both commands below for workloads MS Graph and EXO using my Azure Automation managed identity and got connection failures. (I used both the current 1.0.121 version as well as the 1.0.120 version of MSCloudLoginAssistant)

Test-MSCloudLogin -Identity -Platform MicrosoftGraph -TenantID mytenant.onmicrosoft.com -Verbose Test-MSCloudLogin -Identity -Platform ExchangeOnline -TenantID mytenant.onmicrosoft.com -Verbose

Since the 1.0.121 version was working for me last week I am starting to suspect that something may have changed in the way Microsoft is handling managed identities within Azure Automation. Is there a way for someone to verify this or is there additional troubleshooting I can do to get to a root cause?

[andikrueger]

Could you try this example within your runbook:

https://learn.microsoft.com/de-de/azure/automation/enable-managed-identity-for-automation#get-access-token-for-system-assigned-managed-identity-using-http-get

[sdfarquhar]

Thanks for the link. I'm not sure what part I'm supposed to look at but I ran this set of commands and got the output below.

Ensures you do not inherit an AzContext in your runbook

Disable-AzContextAutosave -Scope Process

Connect to Azure with system-assigned managed identity

$AzureContext = (Connect-AzAccount -Identity).context $AzureContext

Set and store context

$AzureContext = Set-AzContext -SubscriptionName $AzureContext.Subscription -DefaultProfile $AzureContext $AzureContext

---

Mode : Process ContextDirectory : ContextFile : CacheDirectory : CacheFile : KeyStoreFile : Settings : {}

Name : Account : MSI@50342 Environment : AzureCloud Subscription : HIDDEN FOR DATA CONCERNS Tenant : HIDDEN FOR DATA CONCERNS TokenCache : VersionProfile : ExtendedProperties : {} Name : Default Account : MSI@50342 Environment : AzureCloud Subscription : HIDDEN FOR DATA CONCERNS Tenant : HIDDEN FOR DATA CONCERNS TokenCache : VersionProfile : ExtendedProperties : {}

---

I also ran the commands referenced in the article to get the access token via HTTP Get and it provided my token:

$resource= "?resource=https://management.azure.com/" $url = $env:IDENTITY_ENDPOINT + $resource $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("X-IDENTITY-HEADER", $env:IDENTITY_HEADER) $Headers.Add("Metadata", "True") $accessToken = Invoke-RestMethod -Uri $url -Method 'GET' -Headers $Headers Write-Output $accessToken.access_token

---

[sdfarquhar]

Ok I did some more testing with the Test-MSCloudlogin command and even tried creating a new Az Automation account to see if something was corrupted in the managed identify. I found that it appears the command fails when I try to use the ExchangeOnline platform but works with AzureAD. Something must have changed recently with the way these workloads allow connections from system managed identities?

[sdfarquhar]

Could you try this example within your runbook:

https://learn.microsoft.com/de-de/azure/automation/enable-managed-identity-for-automation#get-access-token-for-system-assigned-managed-identity-using-http-get

Hello, I was wondering if there was any new information based on what I had tested? I also tested running the "Test-MSCloudlogin" commands in a 7.2 version of PowerShell with the same connection timeout for workloads other than AzureAD. Is it possible MS made a recent change to Azure Automation that is preventing connections using a system managed identity?

UPDATE: I think this might be related to the 2.9 version of the Microsoft.Graph commands. There is a current known bug (https://github.com/microsoftgraph/msgraph-sdk-powershell/issues/2424) that is preventing people from connecting. I tried running connect-mggraph -Identity with the 2.9 version and got a similar connection failure as others. I then downgraded the Microsoft.Graph.Authentication cmdlet to 2.8 and was able to run the connect-mggraph command successfully. I then retried the test-mscloudlogin command however it still times out. I suspect that the the test-mscloudlogin probably is dependent on several of the Microsoft.Graph.* cmdlets.

[sdfarquhar]

See the error below I got running the export command using debug. Its indicating that it can't write to the event log and is failing to get a user response (I am running this in Azure Automation using a system managed identity so there is no ability to provide a user response). This was working 3 weeks ago and then suddenly stopped work with these connection errors. Updating versions of Microsoft365DSC, MS Graph, etc. have not fixed this. Could MS have changed the way the Azure Automation managed identities are working?

*Command I ran: Export-M365DSCConfiguration -ManagedIdentity -Mode Full -Components @("EXOTransportRule") -TenantID mytenant.onmicrosoft.com -path $Cpath >&1 -Verbose -Debug**

PowerShell meta provider initialization failed. Exception calling "SourceExists" with "1" argument(s): "The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security, State." Could not write to event log Source {M365DSCReverse::Test-M365DSCModuleValidity} EntryType {Information} Message {Exception calling "ShouldContinue" with "2" argument(s): "A command that prompts the user failed because the host program or the command type does not support user interaction. The host was attempting to request confirmation with the following message: PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or 'C:\Users\ContainerUser\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and import the NuGet provider now?"} { Exception calling "SourceExists" with "1" argument(s): "The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security, State." } \ at Add-M365DSCEvent, C:\usr\src\PSModules\Microsoft365DSC\modules\M365DSCLogEngine.psm1: line 194 \ at Start-M365DSCConfigurationExtract, C:\usr\src\PSModules\Microsoft365DSC\modules\M365DSCReverse.psm1: line 102 \ at Export-M365DSCConfiguration, C:\usr\src\PSModules\Microsoft365DSC\modules\M365DSCUtil.psm1: line 1320 \ at , : line 31 Exception calling "SourceExists" with "1" argument(s): "The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security, State." Could not write to event log Source {[M365DSCLogEngine]} EntryType {Error} Message {Could not write to event log Source {M365DSCReverse::Test-M365DSCModuleValidity} EntryType {Information} Message {Exception calling "ShouldContinue" with "2" argument(s): "A command that prompts the user failed because the host program or the command type does not support user interaction. The host was attempting to request confirmation with the following message: PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or 'C:\Users\ContainerUser\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and import the NuGet provider now?"}

{ Exception calling "SourceExists" with "1" argument(s): "The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security, State." } \ at Add-M365DSCEvent, C:\usr\src\PSModules\Microsoft365DSC\modules\M365DSCLogEngine.psm1: line 194 \ at Start-M365DSCConfigurationExtract, C:\usr\src\PSModules\Microsoft365DSC\modules\M365DSCReverse.psm1: line 102 \ at Export-M365DSCConfiguration, C:\usr\src\PSModules\Microsoft365DSC\modules\M365DSCUtil.psm1: line 1320 \ at , : line 31} Error Log created at {file://C:/app/1100-M365DSC-ErrorLog.log}

[sdfarquhar]

So I was able to get past this issue by first doing a normal connect to Exchange online before running the extract.

First make a PowerShell connection to EXO using the Azure Automation Managed Identity

Connect-ExchangeOnline -ManagedIdentity -Organization mytenant.onmicrosoft.com

Run the M365 DSC extract

Export-M365DSCConfiguration -ManagedIdentity -Mode Full -Workloads @("EXO") -TenantID mytenant.onmicrosoft.com -path $path *>&1 | out-null

I believe the issues is linked to the MSCloudLoginAssitant 1.1.0, specifically the function, Connect-M365Tenant and one of the ElseIf statements, see code snippet from there below. I believe what is happening is since I already am connected to the EXO workload its bypassing some part of this section that is causing the timeout.

if ($null -eq $Global:MSCloudLoginConnectionProfile) { $Global:MSCloudLoginConnectionProfile = New-Object MSCloudLoginConnectionProfile }

Only validate the parameters if we are not already connected

elseif ( $Global:MSCloudLoginConnectionProfile.$workloadInternalName.Connected `
        -and (Compare-InputParametersForChange -CurrentParamSet $PSBoundParameters))
{
    Write-Verbose -Message 'Resetting connection profile'
    $Global:MSCloudLoginConnectionProfile.$workloadInternalName.Connected = $false
}

[sdfarquhar]

Is there any update if this is going to be fixed? I can work around the SPO and EXO workloads by first running the connect- commands to connect to EXO or SPO however all other workloads do not work.