search

pnp / PnP-PowerShell

SharePoint PnP PowerShell CmdLets
https://pnp.github.io/powershell
Other
990 stars 663 forks source link

Non-commercial App Authentication Connect-PnPOnline #2302

Open gobigfoot opened 4 years ago

gobigfoot commented 4 years ago

Notice: many issues / bugs reported are actually related to the PnP Core Library which is used behind the scenes. Consider carefully where to report an issue:

  1. Are you using Apply-SPOProvisioningTemplate or Get-SPOProvisioningTemplate? The issue is most likely related to the Provisioning Engine. The Provisioning engine is not located in the PowerShell repo. Please report the issue here: https://github.com/officedev/PnP-Sites-Core/issues.
  2. Is the issue related to the cmdlet itself, its parameters, the syntax, or do you suspect it is the code of the cmdlet that is causing the issue? Then please continue reporting the issue in this repo.
  3. If you think that the functionality might be related to the underlying libraries that the cmdlet is calling (We realize that might be difficult to determine), please first double check the code of the cmdlet, which can be found here: https://github.com/OfficeDev/PnP-PowerShell/tree/master/Commands. If related to the cmdlet, continue reporting the issue here, otherwise report the issue at https://github.com/officedev/PnP-Sites-Core/issues

Reporting an Issue or Missing Feature

Please confirm what it is that your reporting

Expected behavior

Connects to non-commercial tenant. Region Tag is used is inConnect-SPOService to specify non-commercial login provider.

Actual behavior

These issues are unique to a non-commercial tenant. Using a personal commercial tenant with identical configuration there is no issue connecting.

Method 1 Using Url Tenant ClientId CertificatePath Appears to connect properly but throws errors when running commands. Get-PnPSite : The remote server returned an error: (401) Unauthorized.

Method 2 Using Url AppId AppSecret Connecting Via SharePoint App registration (App Reg New) Connect-PnPOnline : Invalid JSON primitive: . Fiddler Trace shows it returned an error page Sorry, but we’re having trouble signing you in. AADSTS90038: Tenant 'TenantName (GUID)' request is being redirected to the National Cloud 'microsoftonline.us'.

Steps to reproduce behavior

    # Gov Tenant App Registration -> Cert
    Write-Output "Connecting Via Azure App registration using certificate"
    Connect-PnPOnline `
        -Url "https://TenantName-admin.sharepoint.us" `
        -Tenant "TenantName.com" `
        -ClientId "GUID" `
        -CertificatePath "pathto\pnp.pfx"

    Write-Output "Getting Site"
    Get-PnPSite

    Write-Output "Disconnecting"
    Disconnect-PnPOnline

    # Gov Tenant App Registration -> Using App Reg New
    Write-Output "Connecting Via SharePoint App registration (App Reg New)"
    Connect-PnPOnline `
        -Url "https://TenantName-admin.sharepoint.us" `
        -AppId "GUID" `
        -AppSecret "AppSecret"

    Write-Output "Getting Site"
    Get-PnPSite

    Write-Output "Disconnecting"
    Disconnect-PnPOnline

Which version of the PnP-PowerShell Cmdlets are you using?

What is the version of the Cmdlet module you are running?

(you can retrieve this by executing Get-Module -Name *pnppowershell* -ListAvailable) 3.14.1910.0

How did you install the PnP-PowerShell Cmdlets?

ghost commented 4 years ago

Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.

gobigfoot commented 4 years ago

Submitted a ticket to PnP-Sites-Core because the issue also presents itself in the SharepointPnPCoreOnline NuGet library.

patrickabel commented 4 years ago

What came of this issue? I'm running into this same "Invalid JSON primitive" error trying to use Connect-PnPOnline from an Azure Government Runbook (connecting to a site collection in a GCCH tennant).

This has worked for me a few weeks ago, not sure what's causing this now.