CI/CD --> 'm365' is not recognized as an internal or external command, operable program or batch file.

[martinlingstuyl]

Hi @AkashSatoliya, I created a separate issue for this as the comment trails might overlap otherwise.

---

Hi @martinlingstuyl,

I am also getting the same error. I am trying to create CD pipeline in Azure DevOps to deploy sppkg to SharePoint. I was getting error "The system cannot find the file specified." when running task to login to Sharepoint.

When I tried to login using m365 cli on one of my VM I was getting the same error:

m365 login --authType password --userName user@contoso.com --password ***
The system cannot find the file specified.

When I ran "npm view @pnp/cli-microsoft365" to check details on m365 CLI, I got below output:

C:\Users\User>npm view @pnp/cli-microsoft365

@pnp/cli-microsoft365@5.6.0 | MIT | deps: 24 | versions: 488
Manage Microsoft 365 and SharePoint Framework projects on any platform
https://pnp.github.io/cli-microsoft365/

keywords: office 365, microsoft 365, sharepoint framework, o365, m365, spfx, sha
repoint online, sharepoint, microsoft teams, microsoft graph, microsoft flow, az
ure active directory, azure ad, azure, microsoft

bin: m365, m365_comp, microsoft365

But When I run "m365 version" I'm getting below error:

C:\Windows\system32>m365 version
'm365' is not recognized as an internal or external command,
operable program or batch file.

Nodejs path(C:\Program Files\nodejs) was already included in PATH variable.

nodejs version: V14.15.0 Operating system: Windows Shell: PowerShell

Originally posted by @AkashSatoliya in https://github.com/pnp/cli-microsoft365/issues/3565#issuecomment-1223752643

[AkashSatoliya]

Hi @martinlingstuyl

Thanks for reverting with suggestion.

• Username and passwords are correct as I logged in with same one in interactive login. I tried with m365 login --authType password --userName "someupn@contoso.com" --password "zxc098!@#$%^&*()[]{}" method as well. I tried with exact username case as well but still result is same.
• MFA is already disabled as the account I'm using is a service account.
• As updated earlier, I believe consent is already provided. After Consent I'm able to login interactively.

As you mentioned there might be more scenario's, do we need to setup something in network end?

[martinlingstuyl]

Another thought: I'm assuming you are using the UPN, and not the emailaddress in case UPN and e-mailaddress are not exactly the same?

[martinlingstuyl]

And another one: I'm assuming it's an Azure AD cloud account? Hybrid federation to AD using for example ADFS is not supported, unless pass through auth is enabled.

[AkashSatoliya]

Hi @martinlingstuyl,

The earlier account was an AD account. I'm not sure if pass through auth is enable or not and any changes would require different set of approvals. Hence I have requested new AAD account. Awaiting for new AAD account.

[martinlingstuyl]

Fantastic @AkashSatoliya, we'll wait for it.

[martinlingstuyl]

Any updates on this @AkashSatoliya?

[AkashSatoliya]

Hi @martinlingstuyl ,

Still awaiting for account. Received an updated that I'll get it in couple of days.

[AkashSatoliya]

Hi @martinlingstuyl,

Finally, I've received new account. The new account is an AAD account, MFA disabled and has admin permissions.

I tried for device login using m365 login command. It gave a code which I entered in https://microsoft.com/devicelogin. After that I tried to login using command m365 login -t password -u "someupn@contoso.com" -p "&zxc098!@#$%^*()" in both PowerShell and command prompt. This resulted in below error:

Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attempted to reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token 'zxc098!@#$%^*()' is not recognized as an internal or external command, operable program or batch file.

The password includes & hence I tried adding back tick before & in password like `&zxc098!@#$%^*(). But it still resulted in error

[martinlingstuyl]

Well, that's not the message we were hoping for 😂

There must be some other situation we've not covered. Let me think on this a bit.

I'm really sorry you're having such troubles with this!

[AkashSatoliya]

I was really optimistic that I would be able to log in with my new account, which satisfies all requirements. The error was the last thing I expected to encounter, yet it was the first thing I encountered.😂

Is there anything new on this?

[martinlingstuyl]

Yeah, same here. I've re-read the list of possibilities. We're concerned with the Resource Owner Password Flow here:

https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc

I think we covered all areas there. The password should not contain a trailing or starting space, but I don't suspect it's that easy?

[AkashSatoliya]

The password doesn't contain any trailing or starting space.

I again checked with admin for current permission level for new account. It is as follows:

• Full Control, Limited Access
• Read, Limited Access
• Contribute, Limited Access

[AkashSatoliya]

When I tried the password as '"&zxc098!@#$%^*()"' using single inverted comma before and after " I'm getting below error

Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attempted to reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token

After using single inverted comma, I'm not getting internal/external command related error.

[martinlingstuyl]

Hi @AkashSatoliya,

It doesn't matter what permissions the account has when signing in. You should be able to sign in with any Azure AD account, regardless of permissions, as long as the consent is taken care of and MFA is disabled.

When I tried the password as '"&zxc098!@#$%^*()"' using single inverted comma before and after " I'm getting below error

You would need to write it as follows: '&zxc098!@#$%^*()'. It's a verbatim PowerShell string when using single quotes. You don't need the double quotes in there.

After using single inverted comma, I'm not getting internal/external command related error.

I'm not sure what you mean with this?

[AkashSatoliya]

Hi @martinlingstuyl,

I'm not sure why string interpretation is incorrectly happening with m365 command. I tried same with Write-Host, substring, etc. and it works as usual.

PS C:\Users\User1> m365 login -t password -u "abc@domain.com" -p "&1zxc098!@#$%^()" Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attempted to reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token '1zxc098!@#$%^()' is not recognized as an internal or external command,operable program or batch file.

PS C:\Users\User1> Write-Host "&1zxc098!@#$%^()" &1zxc098!@#$%^()

PS C:\Users\User1>$Pass = "&1zxc098!@#$%^()" PS C:\Users\User1> Write-Host $Pass &1zxc098!@#$%^()

PS C:\Users\User1> $Pass.Substring(1,5) 1zxc0

I'm not sure what is causing it to treat the string as a command while using m365 cli. I tried in both PowerShell and cmd.exe.

[AkashSatoliya]

I tried converting password to a secure string and now I'm not getting the below error:

'1zxc098!@#$%^()' is not recognized as an internal or external command,operable program or batch file.

But still getting this error:

PS C:\Users\User1>$Pass = ConvertTo-SecureString -AsPlainText '&1zxc098!@#$%^()' -Force PS C:\Users\User1>m365 login -t password -u "abc@domain.com" -p $Pass Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attempted to reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token

[martinlingstuyl]

Hi @AkashSatoliya, I don't think you can use a SecureString. that is a .NET object, while the CLI for Microsoft 365 is a Node.JS app.

You should just add the password as a regular string (with single quotes or double quotes should both work the same)

[martinlingstuyl]

Hi @martinlingstuyl,

I'm not sure why string interpretation is incorrectly happening with m365 command. I tried same with Write-Host, substring, etc. and it works as usual.

I'm not sure what is causing it to treat the string as a command while using m365 cli. I tried in both PowerShell and cmd.exe.

By the way @AkashSatoliya, is this literally the error you get when running the command with abc@domain.com and the mentioned password?

I just tried it literally as well, but it just works on my end (except that it won't login because the account is nonexistent) works on both PowerShell 7.2 and 5:

[AkashSatoliya]

Hi @martinlingstuyl ,

I'm getting this error when tried with both abc@domain.com and actual service account credentials.

[martinlingstuyl]

@AkashSatoliya, can you try running the following?

m365 login -t password -u "abc@domain.com" -p '&1zxc098!@#$%^()' --debug

It should give you an extra log line on top, like this:

Executing command login with options {"options":{"authType":"password","userName":"abc@domain.com","password":"&1zxc098!@#$%^()","debug":true,"output":"json"}}

The value in password is what is received by the m365 application. On my end it reads exactly like I'm pasting above here.

[AkashSatoliya]

Hi @martinlingstuyl ,

I'm still getting the same error even with --debug option

[martinlingstuyl]

Hmm, I'm not sure why, but I think you're not using the correct quote symbols here. PowerShell seems to not see your value as a string.

[martinlingstuyl]

What is the code page in use? I think you should be able to query that using one of the following:

[System.Text.Encoding]::Default.EncodingName

chcp

[Console]::InputEncoding

[AkashSatoliya]

Hmm, I'm not sure why, but I think you're not using the correct quote symbols here. PowerShell seems to not see your value as a string.

I've tried to pass password in both Single quotes('') and Double quotes("") but still getting same error.

When tried [System.Text.Encoding]::Default.EncodingName and [Console]::InputEncoding below is the result:

[waldekmastykarz]

If I may chime in, @AkashSatoliya, could you try running:

m365 login -t password -u "abc@domain.com" -p "&1zxc098!@#$%^()" --debug

I saw you tried running it before, but like @martinlingstuyl mentioned, with the --debug flag we should get more information about what's actually being sent over the wire. Last time you tried it with single quotes you got a different error, so perhaps we should get back to double quotes and see if that gets us any closer.

[martinlingstuyl]

I do think you might need to escape (at least) the dollar sign with a backtick:

"&1zxc098!@#`$%^()"

[AkashSatoliya]

Hi @waldekmastykarz and @martinlingstuyl ,

Thank you so much for your reply.

I tried both the command in both ways, like with double quotes with --debug option and single quotes with --debug option and both double and single quotes without --debug option. In all the cases result remains same:

PS C:\Users> m365 login -t password -u "abc@domain.com" -p "&1zxc098!@#$%^()" --debug Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attemptedto reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token '1zxc098!@#$%()' is not recognized as an internal or external command, operable program or batch file.

PS C:\Users> m365 login -t password -u "abc@domain.com" -p '&1zxc098!@#$%^()' --debug Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attempted to reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token '1zxc098!@#$%()' is not recognized as an internal or external command, operable program or batch file.

PS C:\Users> m365 login -t password -u "abc@domain.com" -p "&1zxc098!@#`$ %^()" Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attempted to reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token '1zxc098!@#$%()' is not recognized as an internal or external command, operable program or batch file.

PS C:\Users> m365 login -t password -u "abc@domain.com" -p '&1zxc098!@#$ %^()' Error: network_error: Network request failed. Please check network trace to determine root cause. | Fetch client threw: Error: HTTP status code 400 | Attempted to reach: https://login.microsoftonline.com/organizations/oauth2/v2.0/token'1zxc098!@#$%()' is not recognized as an internal or external command, operable program or batch file.

PS C:\Users>

I have below questions: Do we need any specific character Encoding? Access to any specific port need to be enabled? Anything need to check from network end?

Not sure why every time it is asking for network error?

[martinlingstuyl]

Hi @AkashSatoliya,

As far as I understand, this is not an issue with the CLI for Microsoft 365, but with PowerShell and possibly the input encoding you are using.

PowerShell throws '1zxc098!@#$%()' is not recognized as an internal or external command, operable program or batch file.

PowerShell is apparently interpreting your string password as a command. Possibly it sees the first character & as a reserved character. You can see this because the & is excluded in the string when it says '1zxc098!@#$%()' is not recognized... Which is odd though, it does not do so on my end with & characters.

Could you retry and escape the & character with a backtick?

m365 login -t password -u "abc@domain.com" -p "`&1zxc098!@#`$%^()" --debug

Please copy paste the return exception if it still errors.

Also: Your original intent was to use this in a ci/cd pipeline, wasn't it? You could try if that works now, as you're now using a cloud account, it's possible the pipeline DOES work as intended.

[AkashSatoliya]

Hi @martinlingstuyl ,

You are right. There is some issue with PowerShell. When I tried to login using cmd I am able to login.

I tried in ci/cd pipeline as well but there, even though pipeline was showing as successfully completed. But when I checked the log I am getting below error:

Error: invalid_grant: AADSTS50079: Due to a configuration change made by your administrator, or because you moved to a new location, you must enroll in multi-factor authentication to access 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'.

I believe this must be due to MFA. Let me check admin team internally.

I genuinely appreciate your help in getting this problem resolved.

Thank you so much! :)

[martinlingstuyl]

Error: invalid_grant: AADSTS50079: Due to a configuration change made by your administrator, or because you moved to a new location, you must enroll in multi-factor authentication to access 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'.

Okay, that's clearly MFA indeed. You'll need to ask your IT admins to exclude this account from any conditional access policy that enforces MFA.

I genuinely appreciate your help in getting this problem resolved.

Of course, 🙂 that's what we're here for. I hope we can resolve this issue ASAP.

Could you retry and escape the & character with a backtick?

Did you try escaping the ampersand?

[AkashSatoliya]

Okay, that's clearly MFA indeed. You'll need to ask your IT admins to exclude this account from any conditional access policy that enforces MFA.

Yes, I've again requested IT team to exclude this from MFA.

Of course, 🙂 that's what we're here for. I hope we can resolve this issue ASAP.

That's so nice of you 🙂

Did you try escaping the ampersand?

Nope. I simply tried without escaping the ampersand. Like &1zxc098!@#$%^().

[martinlingstuyl]

Ok, I'm still curious whether that solves it on your local Pc though. Just for future reference. 🤗 who knows, someone else might come up with the same issue.

[AkashSatoliya]

Hi @martinlingstuyl,

Hope you are doing good.

MFA disabling is still in progress. Team is working on it.

While I'm waiting for response from them I was working commands for next steps like adding sppkg package and perform deployment.

I'm able to add the package and deploy it. After deployment I want to copy few files from local drive C:\Users\User1\Downloads\app\temp\ to a folder /sites/Site1/SiteAssets/AppFolder in SharePoint. But I'm getting error Specified path of the file to add does not exist.

C:\Users\User1>m365 spo file add --webUrl https://abc.sharepoint.com/sites/Site1 --folder `/sites/Site1/SiteAssets/AppFolder' --path 'C:\Users\User1\Downloads\app\temp\manifests.js' Error: Specified path of the file to add does not exist

File is available at C:\Users\User1\Downloads\app\temp\manifests.js but still getting this error. Could you please help me with this?

[martinlingstuyl]

Hi @AkashSatoliya, I've been at a conference this week. No time to respond. I'll get back to you!

[AkashSatoliya]

Hi @martinlingstuyl,

Thank you for looking into it.

Thank

[martinlingstuyl]

m365 spo file add --webUrl https://abc.sharepoint.com/sites/Site1 --folder `/sites/Site1/SiteAssets/AppFolder' --path 'C:\Users\User1\Downloads\app\temp\manifests.js' Error: Specified path of the file to add does not exist

Hi @AkashSatoliya, it might just be because it's dummy data, but it seems like you are using different types of quotes here: ` and '

Can you check again with proper quote usage? It might just block you there.

[AkashSatoliya]

Hi @martinlingstuyl ,

My bad while posting the query. Types of quotes are same as below. I tried to upload the file from different location as well but I'm getting same error:

m365 spo file add --webUrl https://abc.sharepoint.com/sites/Site1 --folder '/SiteAssets/AppFolder' --path 'C:\Users\User1\Desktop\upload\manifests.js' Error: Specified path of the file to add does not exist

And the file is not a dummy file. It is actual file containing required data. One thing is that the destination folder /SiteAssets/AppFolder on SharePoint already contains manifests.js file. Do I need to add any option to command to replace the file in destination?

I tried below command as well but getting similar error:

m365 file add --filePath 'C:\Users\User1\Desktop\upload\manifests.js' --folderUrl "https://abc.sharepoint.com/sites/Site1/SiteAssets/AppFolder" Error: Specified source file undefined doesn't exist

[martinlingstuyl]

Could you navigate to the location of the file in your terminal and execute it like this? You can even remove all quotes and see if that works: (replace path-spaces with %20 though)

m365 spo file add --webUrl https://abc.sharepoint.com/sites/Site1 --folder SiteAssets/AppFolder --path manifests.js

[AkashSatoliya]

Hi @martinlingstuyl ,

Thank you so much for suggestion. It worked after navigating to the location of the file in the terminal and executing the command using method mentioned above.

I was trying the command like below referring to this document:

m365 spo file add --webUrl https://contoso.sharepoint.com/sites/project-x --folder 'Shared Documents/Sub Folder 1' --path 'C:\MS365.jpg'

[martinlingstuyl]

Yes, and it should work. Incidentally, it also works on my machine when using the full path. :-) But something odd is going on with your PC and your use of quotes. I'm not sure what or how.

[waldekmastykarz]

Hey @martinlingstuyl @AkashSatoliya, do we have any next steps that we could investigate or have we exhausted all options and we close this issue with all the information that we were able to gather for future reference?

[martinlingstuyl]

MFA disabling is still in progress. Team is working on it.

We got sidetracked, but I think we where waiting on the above to be completed to check if that actually fixed the issue. @AkashSatoliya any updates?

[AkashSatoliya]

Hi @martinlingstuyl ,

Yes, it is correct. The solution provided is to disable MFA. I've raise request to disable MFA for the account. The MFA cannot be disabled and instead they'll whitelist Microsoft DevOps IP addresses which will not ask for MFA. It is still waiting for security approval. I'm not sure how much time it will take to get the approval. Hence if required, please close this thread. I'll Update as soon as I get approval and try the solution.

[waldekmastykarz]

Thank you for the recap. If there are additional things that we're checking, we can keep this thread open. I just want to ensure that it's still active :)

[AkashSatoliya]

Hi @martinlingstuyl,

Disabling MFA worked. After disabling MFA I'm able to deploy the site and upload files to site assets.

Thank you so much @martinlingstuyl and @waldekmastykarz for getting to the bottom of the problem and providing its solution.

[waldekmastykarz]

And thank you for sticking with us and not giving us. I'm sure the information we've got in this thread will help others too.

[martinlingstuyl]

That's great to hear @AkashSatoliya! It took a while, but we finally got there! Thanks a lot for your patience 👍