search

pnp / PnP-Sites-Core

Microsoft 365 Dev PnP Core component (.NET) targeted for increasing developer productivity with CSOM based solutions.
Other
415 stars 644 forks source link

[BUG] Apply-PnPTenantTemplate causing AADSTS65001 Error, previous fix no longer working #2744

Open acksoft opened 4 years ago

acksoft commented 4 years ago

Which PnP repository should you use to report the issue?

My code is in powershell, but this is a core issue, I think,

Environment

[x ] Office 365 / SharePoint Online

Expected or Desired Behavior

I ran into this error on 8/21/20. The response I received when trying to execute Apply-PnPTenantTemplate looked like this: Previous-ADError

When I followed the instructions to run the underlined connection command, it first gave me a code to enter, which I did, then it asked me for my credentials. After entering these, I received this dialog box which allowed me to grant the necessary permissions for the Apply of my template when my scripts authenticate using just the URL and my stored credentials in the Windows Credential Manager: Previous-Response

After this, everything went back to working as expected. My current expectation was that when I tried to run my script on a new tenant I would use the same process.

Observed Behavior

On the new tenant, The error message has changed and the process does not result in the above dialog box. The new error looks like this, with no advice on how to fix it: Current-ADError

When I attempt to use the fix suggested by the previous error message above (Connect-PnPOnline -Graph -LaunchBrowser) , I get the dialog for the special code, and then I get asked to log in, but after providing my credentials, the "Permissions Requested" dialog box does not appear. My PowerShell window is frozen, and will not respond, even to Ctrl-C. A full reboot and retry yielded the same result.

Steps to Reproduce

In an environment where these permissions have not yet been granted...

  1. Connect to SharePoint online site with the URL and normal Credential Manager stored identity
  2. Create a new PnP Tenant Template in memory ($t)
  3. Read in the Site Provisioning Templates and add them to the Tenant Template .Templates collection
  4. Add a Sequence to the Tenant Template
  5. Add the PnPTenantSequence*Sites to the Tenant Template .Sequences collection
  6. Apply-PnPTenantTemplate -Template $t

I am on the latest version of the PowerShell module (3.24.2008.1). Perhaps @erwinvanhunen or @PaoloPia might have some idea of what is now needed to make this work? Any help will be greatly appreciated as this seems like it will be an issue with any customer of mine who wants to be able to use my scripts. Thanks in advance.

ghost commented 4 years ago

Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.