search

pnp / PnP-PowerShell

SharePoint PnP PowerShell CmdLets
https://pnp.github.io/powershell
Other
990 stars 663 forks source link

Connect-PnPOnline Error with Some DNS Servers #2813

Open sympmarc opened 4 years ago

sympmarc commented 4 years ago

Reporting an Issue or Missing Feature

My ISP is Cox, and they have one of those annoying custom error pages when there is a DNS error. When I use Connect-PnPOnline with -Credentials, I get a DTD error because of the custom error page. I blogged about this here. The error is thrown because the cmdlet tries to open msoid.tenantname.com.

The error looks something like this:

Connect-PnPOnline : For security reasons DTD is prohibited in this XML document. To enable   
 DTD processing set the DtdProcessing property on XmlReaderSettings to Parse and pass the     
 settings into XmlReader.Create method.
 At line:3 char:1
 Connect-PnPOnline -Url $adminSiteUrl -Credential sympmarc
 <del>~~~~~~~~~~~</del>~~ CategoryInfo          : NotSpecified: (:) [Connect-PnPOnline], XmlException
 FullyQualifiedErrorId : System.Xml.XmlException,SharePointPnP.PowerShell.Commands.Bas  
 e.ConnectOnline

Because of this, I've been using -UseWebLogin. This causes other issues, but it generally gets the job done. Today I switched my DNS provider to Cloudflare which lets me use -Credentials again, so I'm happy.

The question is whether Connect-PnPOnline should be trying to hit the msoid.tenantname.com at all. At least one Microsoft article says msoid is obsolete and shouldn't be used. It's a "bug" in the sense that a crappy DNS provider can block connections. I'm not sure if there's an answer here, but it seemed worth reporting.

Which version of the PnP-PowerShell Cmdlets are you using?

What is the version of the Cmdlet module you are running?

3.23.2007.1

How did you install the PnP-PowerShell Cmdlets?

@ToddKlindt @erwinvanhunen

ToddKlindt commented 4 years ago

If we can't change the behavior of Connect-PnPOnline querying for msoid... can we trap the error better and give the user feedback that it's a DNS error? It probably took Marc and I an hour to get to the bottom of this the first time he encountered it. I would imagine casual users of the PnP don't have the patience to spend that much time troubleshooting.