EXO Connectivity broken with release 1.24.522.1

[YenNantes]

Description of the issue

Assert-M365DSCBlueprint cannot connect anymore to Exchange online when using cert auth (see verbose logs section). It was working fine with the previous version (I tried it just before upgrading).

Microsoft 365 DSC Version

1.24.522.1

Which workloads are affected

Exchange Online

The DSC configuration

Assert-M365DSCBlueprint -BluePrintUrl .\M365Baseline-iteurofinseu.m365 -OutputReportPath .\reports\M365DSCReport-iteurofinseu-$date.json -ApplicationId $ApplicationId -CertificateThumbprint $CertificateThumbprint -TenantId $TenantDomain -ExcludedProperties ID -Type json

Verbose logs showing the problem

Selected BluePrint contains (51) components to assess.
Initiating the Export of those (51) components from the tenant...
Exporting Microsoft 365 configuration for Components: AADAuthenticationContextClassReference, AADAuthorizationPolicy, AADConditionalAccessPolicy, AADCrossTenantAccessPolicyConfigurationDefault, AADExternalIdentityPolicy, AADGroupLifecyclePolicy, AADGroupsNamingPolicy, AADGroupsSettings, AADSecurityDefaults, EXOAntiPhishPolicy, EXODkimSigningConfig, EXOHostedContentFilterPolicy, EXOMalwareFilterPolicy, EXOManagementRole, EXOOrganizationConfig, EXOQuarantinePolicy, EXOSafeAttachmentPolicy, EXOSafeAttachmentRule, EXOSafeLinksPolicy, EXOSafeLinksRule, EXOTransportConfig, O365AdminAuditLogConfig, O365OrgCustomizationSetting, O365OrgSettings, ODSettings, SCLabelPolicy, SCSensitivityLabel, TeamsAppPermissionPolicy, TeamsChannelsPolicy, TeamsClientConfiguration, TeamsFederationConfiguration, TeamsGuestMeetingConfiguration, TeamsGuestMessagingConfiguration, TeamsMeetingPolicy, TeamsMessagingPolicy, IntuneAppProtectionPolicyAndroid, IntuneAppProtectionPolicyiOS, IntuneDeviceCompliancePolicyAndroidWorkProfile, IntuneDeviceCompliancePolicyiOs, IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10, IntuneDeviceConfigurationCustomPolicyWindows10, IntuneDeviceConfigurationEndpointProtectionPolicyWindows10, IntuneDeviceConfigurationIdentityProtectionPolicyWindows10, IntuneDeviceConfigurationPolicyAndroidWorkProfile, IntuneDeviceConfigurationPolicyiOS, IntuneDeviceConfigurationPolicyWindows10, IntuneDeviceEnrollmentPlatformRestriction, IntuneSettingCatalogCustomPolicyWindows10, IntuneWindowsAutopilotDeploymentProfileAzureADJoined, IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10, IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10

Authentication methods specified:
- Service Principal with Certificate Thumbprint

Connecting to {ExchangeOnline}...❌
Partial Export file was saved at: C:\Users\T2ADM_~3\AppData\Local\Temp\f1c6b1cb-aa7b-40f0-8c92-834dcf610af4.partial.ps1
IDX12729: Unable to decode the header '[PII of type 'System.String' is hidden. For more details, see
https://aka.ms/IdentityModel/PII.]' as Base64Url encoded string.
At C:\Program
Files\WindowsPowerShell\Modules\ExchangeOnlineManagement\3.5.0\netFramework\ExchangeOnlineManagement.psm1:762 char:21
+                     throw $_.Exception.InnerException;
+                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (:) [], ArgumentException
    + FullyQualifiedErrorId : IDX12729: Unable to decode the header '[PII of type 'System.String' is hidden. For more
   details, see https://aka.ms/IdentityModel/PII.]' as Base64Url encoded string.

Environment Information + PowerShell Version

No response

[Tom-DB]

I'm facing the same issue.

[hvdbrink]

I'm having the same issue with with both Exchange and Security&Compliance.

[ChristianGlockner]

Yes, same issue with Exchange and Security&Compliance.

[NikCharlebois]

The exchange team is investigating. This is only happening when you first connect to Microsoft Graph and then attempt to connect to Exchange. We will circle back.