Closed reinoutD closed 1 month ago
it seems that VS Code is the problem... However i dunno how to fix it :(
We had the same issue. It seems like the wrong version of Microsoft.Identity.Client.Broker is built in the Dependencies. One quick and dirty fix (without Code change): Visual Studio Code is still not working
Confirm the same issue. The most unpleasant - I use it in Azure Automation and thus very limited in applying workarounds
just another tip, use version 2.4.0 which actually worked for us...
just another tip, use version 2.4.0 which actually worked for us...
Hi Luca, thank you for suggestion. Could you share please how can I install 2.4.0 with Powershell runtime 7.2? I tried to deploy from https://www.powershellgallery.com/ to Azure, but it installs runtime 5.1. I tried to install with New-AzAutomationModule, but it fails.
Having the same issue with versions 2.10 up to 2.15, replacing the DLL didn't help me. Had to drop down to 1.28 for things to work.
What's the status on this?
Also seeing it here.
@timayabi2020 is there any update on this please? Still present in 2.17.0
Facing the same issues til 2.18.0 (and Automation account)
Same issue. tried the latest version and 2.17
Connect-MgGraph -TenantId XXXXX -ClientSecretCredential $Credential
Connect-MgGraph: ClientSecretCredential authentication failed: Could not load type 'Microsoft.Identity.Client.BaseAbstractApplicationBuilder`1' from assembly 'Microsoft.Identity.Client, Version=4.50.0.0, Culture=neutral, PublicKeyToken=0a613f4dd989e8ae'.
Versions tried:
Same for me. Like @tylermontneyacc I can confirm it's still working fine with v1.28. I'm also pretty sure I had it working with 2.11 or some minor version before but had no intention to test that out again.
Would be nice to have this issue at least officially acknowledged and assigned to someone able to fix it. While v1.28 is doing the job for me at the moment, that version is quite old.
I can also confirm I had this issue, however, after deleting the app registration and starting over, my error changed to the following when I use the following command:
Connect-MgGraph -ClientId "###" -TenantId "###" -CertificateThumbprint "###" -NoWelcome
Error: Connect-MgGraph: ClientCertificateCredential authentication failed: Keyset does not exist
Not sure what I did different, but anyway, I'm running 2.19.0 which is the latest version at the time of writing. In the end though, this worked for me...switching to running PowerShell in Administrator mode. I installed the modules so they could be run by all users, but for whatever reason (I'm new to all this and PowerShell in general) it works when PowerShell is running as Administrator, but fails like above when it's just a normal session as the current user. I'm using PowerShell 7, latest version 7.4.2.
Fine for me and for now, but I think there are underlying issues still - clearly as other have the same/similar experience.
That message is because your standard user doesn’t have access to the private key of your certificate.
In certificate management (certlm.msc), you can right-click > manage > all tasks > manage private keys to bring up the ACL.
Ah thank you @david-wedrat-deswik
If I wanted another user to run the script then, would I have to send them the certificate file? I thought that it would have just checked in Azure for the details provided.
I know with PnP.PowerShell you can use a PFX file to authenticate which can be used by any user, but not sure if you can specify a PFX file for use with Connect-MgGraph. If you can that would be great, but like I said, I'm pretty new to all this stuff so just finding my way around. Really appreciate your time.
@GJPAdmin If the user is on the same machine, you'll just need to ensure they're also on the private key ACL.
If they're on a different machine, you'll have to send them the PFX or have them generate their own certificate and add it to the App Registration (you aren't limited to one certificate credential).
To those of you looking at this thread. I found that if you disable the PSScriptAnalyzerSettings.psd1 from the PowerShell 2024.2.2 extension, then connections will not complain about this issue. I do not have time to go into detail as I have wasted too many hours already. Just give it a try and let others know if that fixes the issue for you.
@reinoutD the Microsoft.Identity.Client.Broker
dependency was updated via its root dependency Azure.Identity.Broker
in https://github.com/microsoftgraph/msgraph-sdk-powershell/releases/tag/2.18.0.
For anyone who has updated to the latest SDK, kindly let us know if you are still experiencing the same issue.
This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.
Thanks for reporting the bug. Please ensure you've gone through the following checklist before opening an issue:
Describe the bug ogin with a client certificate fails with the next error: ClientCertificateCredential authentication failed: Could not load type 'Microsoft.Identity.Client.BaseAbstractApplicationBuilder`1' from assembly 'Microsoft.Identity.Client, Version=4.50.0.0, Culture=neutral, | PublicKeyToken=0a613f4dd989xxxx'.
To Reproduce Steps to reproduce the behavior:
$TenantID = eafdf069-4dae-424c-abcd-b49f49f7abcd
$ClientID = b68ae1d0-10ae-4248-abcd-54f3f217abcd
$CertThumbPrint = DC126F33F3FA9B3DE7702F9FD5D1111111111111
$TenantName = 'MyTenant'
Connect-MgGraph -TenantId $TenantId -ClientId $clientId -CertificateThumbprint $CertThumbPrint -NoWelcome
Expected behavior Log in to the environment of Mycystomer with the clientcertificate
Debug Output ClientCertificateCredential.GetToken invoked. Scopes: [ https://graph.microsoft.com/.default ] ParentRequestId: ClientCertificateCredential.GetToken was unable to retrieve an access token. Scopes: [ https://graph.microsoft.com/.default ] ParentRequestId: Exception: Azure.Identity.AuthenticationFailedException (0x80131500): ClientCertificateCredential authentication failed: Could not load type 'Microsoft.Identity.Client.BaseAbstractApplicationBuilder
1' from assembly 'Microsoft.Identity.Client, Version=4.50.0.0, Culture=neutral, PublicKeyToken=0a613f4dd989xxxx'. ---> System.TypeLoadException (0x80131522): Could not load type 'Microsoft.Identity.Client.BaseAbstractApplicationBuilder
1' from assembly 'Microsoft.Identity.Client, Version=4.50.0.0, Culture=neutral, PublicKeyToken=0a613f4dd989xxxx'. Connect-MgGraph: ClientCertificateCredential authentication failed: Could not load type 'Microsoft.Identity.Client.BaseAbstractApplicationBuilder`1' from assembly 'Microsoft.Identity.Client, Version=4.50.0.0, Culture=neutral, PublicKeyToken=0a613f4dd989xxxx'.Module Version
Environment Data Name Value
PSVersion 7.4.0 PSEdition Core GitCommitId 7.4.0 OS Microsoft Windows 10.0.20348 Platform Win32NT PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…} PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1 WSManStackVersion 3.0