search

microsoftgraph / powershell-intune-samples

This repository of PowerShell sample scripts show how to access Intune service resources. They demonstrate this by making HTTPS RESTful API requests to the Microsoft Graph API from PowerShell.
MIT License
1.33k stars 653 forks source link

SettingsCatalog/SettingsCatalog_Export.ps1 fails with "Could not load file ... Microsoft.IdentityModel.Clients.ActiveDirectory.dll" error #263

Closed ElizabethGreene closed 4 months ago

ElizabethGreene commented 6 months ago

SettingsCatalog/SettingsCatalog_Export.ps1 on a newly built Windows 11 machine with the default AzureAD module installed fails with the following output.

PS C:\github\powershell-intune-samples\SettingsCatalog> .\SettingsCatalog_Export.ps1

Please specify your user principal name for Azure Authentication: egreene@clutteredlab2.onmicrosoft.com

Checking for AzureAD module...
Exception calling "LoadFrom" with "1" argument(s): "Could not load file or assembly 'file:///C:\Program
Files\WindowsPowerShell\Modules\AzureAD\2.0.2.182\Microsoft.IdentityModel.Clients.ActiveDirectory.dll' or one of its
dependencies. The system cannot find the file specified."
At C:\github\powershell-intune-samples\SettingsCatalog\SettingsCatalog_Export.ps1:87 char:1
+ [System.Reflection.Assembly]::LoadFrom($adal) | Out-Null
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : FileNotFoundException

Exception calling "LoadFrom" with "1" argument(s): "Could not load file or assembly 'file:///C:\Program
Files\WindowsPowerShell\Modules\AzureAD\2.0.2.182\Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll' or
one of its dependencies. The system cannot find the file specified."
At C:\github\powershell-intune-samples\SettingsCatalog\SettingsCatalog_Export.ps1:89 char:1
+ [System.Reflection.Assembly]::LoadFrom($adalforms) | Out-Null
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : FileNotFoundException

Cannot find type [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext]: verify that the assembly containing this type is loaded.

The error is because the script expects these ADAL.NET libraries to be installed with the AzureAD module, but ADAL.net is deprecated and no longer included. A workaround (untested) should be to force install an older version of the AzureAD module, but a better solution would be to rewrite this script. Microsoft has guidance on that rewrite process here. Migrate confidential client applications from ADAL.NET to MSAL.NET

ElizabethGreene commented 6 months ago

I didn't realize these samples were deprecated. That explains why they don't work. See the link under "IMPORTANT" on https://github.com/microsoftgraph/powershell-intune-samples for links to the new samples that use the Graph SDK Powershell modules.

ElizabethGreene commented 6 months ago

Since the repo is read-only I'm not submitting a PR for this, but this script, renamed to .txt from .ps1, shows what it looks like to rewrite the authentication function to support either ADAL or MSAL, whichever one is installed. I have thoroughly tested the MSAL workflow, but I have no way to test the ADAL workflow. It's mostly unmodified from the original, but again untested.

SettingsCatalog_Export.ps1.txt

yannara commented 4 months ago

Depricated? I see they were updated 1 month ago... but still not working.

triplanedave commented 4 months ago

The update made last month was to remove the old ClientID out of the Auth section. If you want to continue using the scripts, you'll need to create and supply a new ClientID. See the readme.md for the repo for more details.