pnp / powershell

PnP PowerShell
https://pnp.github.io/powershell
MIT License

[BUG] Cannot successfully use Register-PnPManagementShellAccess (per instructions) #66

Closed sympmarc closed 3 years ago

sympmarc commented 3 years ago

Reporting an Issue or Missing Feature

Cannot successfully use Register-PnPManagementShellAccess per the instructions

Expected behavior

@ToddKlindt and I were trying out the process of moving from SharePointPnPPowerShellOnline to PnP.PowerShell. We know it's still a bit early, but we like understanding new stuff. Once I got my machine set up with PowerShell 7 and had PnP.PowerShell installed, I tried Connect-PnPOnline, expecting it wouldn't work on the first try, as shown in VS Code here.

Actual behavior

As shown in the screenshot above, I ran Register-PnPManagementShellAccess to set things up. The browser window popped up, I logged in, the browser window closed itself, and things just sat where they were in the image. Todd tested in a shell and had the same problem.

Instead, Todd tried closing the automatic browser window and manually going to http://microsoft.com/devicelogin in a browser tab. Logging in there took us to the consent dialog and Parker's PnP Management Shell was installed in Enterprise Applications.

Steps to reproduce behavior

Run Register-PnPManagementShellAccess and follow the prompts in the popup browser window.

What is the version of the Cmdlet module you are running?

0.3.14 nightly

Which operating system/environment are you running PnP PowerShell on?

erwinvanhunen commented 3 years ago

Interesting! Let me try to figure out what's going on here.

erwinvanhunen commented 3 years ago

Can you try removing the PnP Management Shell application from your Azure AD? (it's in enterprise applications) and try again? I just tried it here and had no issues, the whole flow went through as expected.

sympmarc commented 3 years ago

@ToddKlindt and I were testing things in two different tenants yesterday. His had the PnP Management Shell installed already, but mine didn't. We both saw the same outcome, but using different entry points - I was using VS Code and he was in a PowerShell shell.

I just deleted the PnP Management Shell from the tenant I'm using and ran through the process again, with the same results. Here are the detailed screenshots going through - though you know what they look like. At the end of the process, I'm not asked for consent - that screen just never comes up.

Run Register-PnPManagementShellAccess

Browser pops up and I paste in the code

Asked for account

Enter password

Browser window closes and back to VS Code (just because it was in the background)

sympmarc commented 3 years ago

p.s. If I go to https://microsoft.com/devicelogin in a separate browser tab, I do get the consent pop up, and everything completes as expected, just like yesterday.

erwinvanhunen commented 3 years ago

Right. Could you try again using the 'built-in flow', but while running Fiddler? We monitor the URLs that the popup/embedded browser is navigating you to and most likely we receive a URL making PnP PS think it can close the browser, basically before the consent occurs. A Fiddler trace will help us understand what URL is being received (optionally share the trace privately with me).

erwinvanhunen commented 3 years ago

I tested it with a colleague who was able to reproduce it. I'm looking into a solution now.

sympmarc commented 3 years ago

Good to hear @ToddKlindt and I aren't crazy. Let us know if we can help somehow. Sorry I hadn't gotten to the Fiddler trace yet, but I can still do it if you need it.

erwinvanhunen commented 3 years ago

I actually made a change now where we do not automatically close the popup browser window when executing Register-PnPManagementShellAccess. This will be available in the upcoming nightly release: 0.3.20-nightly.

sympmarc commented 3 years ago

Would you still like a Fiddler trace?

erwinvanhunen commented 3 years ago

No, that's not needed anymore. Thanks anyway :-)

gautamdsheth commented 3 years ago

Verified, fixed with the 3.20-nightly.

@sympmarc or @toddKlindt - can you confirm as well?

qul-d commented 3 years ago

Reporting an Issue or Missing Feature

Cannot successfully use Register-PnPManagementShellAccess per the instructions

Expected behavior

@ToddKlindt and I were trying out the process of moving from SharePointPnPPowerShellOnline to PnP.PowerShell. We know it's still a bit early, but we like understanding new stuff. Once I got my machine set up with PowerShell 7 and had PnP.PowerShell installed, I tried Connect-PnPOnline, expecting it wouldn't work on the first try, as shown in VS Code here.

Actual behavior

As shown in the screenshot above, I ran Register-PnPManagementShellAccess to set things up. The browser window popped up, I logged in, the browser window closed itself, and things just sat where they were in the image. Todd tested in a shell and had the same problem.

Instead, Todd tried closing the automatic browser window and manually going to http://microsoft.com/devicelogin in a browser tab. Logging in there took us to the consent dialog and Parker's PnP Management Shell was installed in Enterprise Applications.

Steps to reproduce behavior

Run Register-PnPManagementShellAccess and follow the prompts in the popup browser window.

What is the version of the Cmdlet module you are running?

0.3.14 nightly

Which operating system/environment are you running PnP PowerShell on?

  • [x] Windows
  • [ ] Linux
  • [ ] MacOS
  • [ ] Azure Cloud Shell
  • [ ] Azure Functions
  • [ ] Other : please specify

ComputerHabit2 commented 2 months ago

I'm stuck in a loop trying to get management shell to work. It won't work. I don't get registration prompt. I just get an error that the app isn't registered. I deleted the existing one but the error persists.

ToddKlindt commented 2 months ago

> I'm stuck in a loop trying to get management shell to work. It won't work. I don't get registration prompt. I just get an error that the app isn't registered. I deleted the existing one but the error persists.

This has changed a bunch since this discussion. Read this thread to see what's changed and what you need to do now.

ComputerHabit2 commented 2 months ago

> I'm stuck in a loop trying to get management shell to work. It won't work. I don't get registration prompt. I just get an error that the app isn't registered. I deleted the existing one but the error persists.

AADSTS700016: Application with identifier '31359c7f-bd7e-475c-86db-fdb8c937548e' was not found in the directory 'company'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

ComputerHabit2 commented 2 months ago

> > I'm stuck in a loop trying to get management shell to work. It won't work. I don't get registration prompt. I just get an error that the app isn't registered. I deleted the existing one but the error persists.
>
> This has changed a bunch since this discussion. Read this thread to see what's changed and what you need to do now.

I just read the article. I think I'd read it before.

The command Register-PnPManagementShellAccess is no longer functional, correct?

I should be creating my own Application.
Maybe using the Register-PnPEntraIDApp command. That did seem to work.

The only issue I have right now is I was trying to actually Register-PnPEntraIDApp and then provide permissions.

When I ran Grant-PnPAzureADAppSitePermission it said I need to use -PnPManagementShell to make the change.

sympmarc commented 2 months ago

I'd recommend setting up the app registration manually, as outlined here: https://pnp.github.io/powershell/articles/registerapplication.html This way, you can consent to the permissions you specifically need to run your PnP.PowerShell scripts.

ComputerHabit2 commented 2 months ago

> I'd recommend setting up the app registration manually, as outlined here: https://pnp.github.io/powershell/articles/registerapplication.html This way, you can consent to the permissions you specifically need to run your PnP.PowerShell scripts.

Ugg.... I so wanted to use the new commands. I've invested so much time into trying to learn this stuff and boooo...

ComputerHabit2 commented 2 months ago

Also I have the app and full control and all the permissions and still commands fail.

I'm on to hoping now Install-Module -Name PnP.PowerShell -AllowPrerelease will fix it.

ComputerHabit2 commented 2 months ago

> Also I have the app and full control and all the permissions and still commands fail.
>
> I'm on to hoping now Install-Module -Name PnP.PowerShell -AllowPrerelease will fix it.

NOPE Install-Package: The version '2.12.18' of the module 'PnP.PowerShell' being installed is not catalog signed. Ensure that the version '2.12.18' of the module 'PnP.PowerShell' has the

sympmarc commented 2 months ago

> I'm stuck in a loop trying to get management shell to work. It won't work. I don't get registration prompt. I just get an error that the app isn't registered. I deleted the existing one but the error persists.
>
> AADSTS700016: Application with identifier '31359c7f-bd7e-475c-86db-fdb8c937548e' was not found in the directory 'company'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

This message tells you that the old app registration is no longer available. This happened on 6 Sep - all tenants lost this app registration based on action by Microsoft at the same time.

For those new cmdlets to work for you, you need to be running PnP.PowerShell v2.12 or greater. Lots of changes in a very short time on this.
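
One way to act on the explanation above, as an added example that is not part of the thread or the PnP project's code: parse scripts with the PowerShell AST and list `Connect-PnPOnline` calls that name no app registration or still carry the ID from the AADSTS700016 message. It assumes a script using your own registration passes `-ClientId`; the function name, sample script, tenant URL and zeroed client ID are constructed for illustration.

```powershell
# Added example (not PnP project code). Assumption: a script that uses your own
# Entra ID app registration passes -ClientId to Connect-PnPOnline.
$RetiredAppId = '31359c7f-bd7e-475c-86db-fdb8c937548e'  # ID quoted in the AADSTS700016 message

function Find-PnPLegacyConnect {
    param(
        [Parameter(Mandatory)] [string] $ScriptText,
        [string] $Source = 'inline'
    )
    $tokens = $null; $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseInput(
        $ScriptText, [ref]$tokens, [ref]$errors)
    # Walk every command invocation, including those inside nested script blocks.
    $calls = $ast.FindAll({
        param($node)
        $node -is [System.Management.Automation.Language.CommandAst] -and
            $node.GetCommandName() -eq 'Connect-PnPOnline'
    }, $true)
    foreach ($call in $calls) {
        $elements = $call.CommandElements
        $hasClientId = $elements | Where-Object {
            $_ -is [System.Management.Automation.Language.CommandParameterAst] -and
                $_.ParameterName -eq 'ClientId' }
        $splatted = $elements | Where-Object {
            $_ -is [System.Management.Automation.Language.VariableExpressionAst] -and $_.Splatted }
        $finding = if ($call.Extent.Text -match [regex]::Escape($RetiredAppId)) { 'RetiredAppId' }
            elseif ($hasClientId) { $null }
            elseif ($splatted) { 'CheckSplat' }   # parameters are hidden in a hashtable
            else { 'NoClientId' }
        if ($finding) {
            [pscustomobject]@{ Source = $Source; Line = $call.Extent.StartLineNumber
                               Finding = $finding; Call = $call.Extent.Text }
        }
    }
}

# Constructed sample script text; the tenant URL and client ID are placeholders.
$sample = @'
Connect-PnPOnline -Url https://contoso.sharepoint.com -Interactive
Connect-PnPOnline -Url https://contoso.sharepoint.com -Interactive -ClientId 00000000-0000-0000-0000-000000000000
$conn = @{ Url = 'https://contoso.sharepoint.com'; Interactive = $true }
Connect-PnPOnline @conn
'@
Find-PnPLegacyConnect -ScriptText $sample -Source 'sample.ps1' | Format-Table -AutoSize
```

On the sample, line 1 is reported as `NoClientId` and line 4 as `CheckSplat`; a splatted call has to be checked by hand because its parameters are not visible in the command itself.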

sympmarc commented 2 months ago

> > I'd recommend setting up the app registration manually, as outlined here: https://pnp.github.io/powershell/articles/registerapplication.html This way, you can consent to the permissions you specifically need to run your PnP.PowerShell scripts.
>
> Ugg.... I so wanted to use the new commands. I've invested so much time into trying to learn this stuff and boooo...

If you're a Global Admin, the new cmdlets should work for you - if you've upgraded to PnP.PowerShell 2.12+.

ComputerHabit2 commented 2 months ago

> > I'm stuck in a loop trying to get management shell to work. It won't work. I don't get registration prompt. I just get an error that the app isn't registered. I deleted the existing one but the error persists.
> >
> > AADSTS700016: Application with identifier '31359c7f-bd7e-475c-86db-fdb8c937548e' was not found in the directory 'company'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.
>
> This message tells you that the old app registration is no longer available. This happened on 6 Sep - all tenants lost this app registration based on action by Microsoft at the same time.
>
> For those new cmdlets to work for you, you need to be running PnP.PowerShell v2.12 or greater. Lots of changes in a very short time on this.

Yes I'm stuck still. I'm hoping someone will answer a forum question. https://github.com/pnp/powershell/issues/4250

I made an azure app. It has permissions. I still get access denied even checking my permissions.

sympmarc commented 2 months ago

I don't see a question at that link. Can you be more specific about what you've done and what error(s) you're getting?

ComputerHabit2 commented 2 months ago

> I don't see a question at that link. Can you be more specific about what you've done and what error(s) you're getting?

I'm having a bad day :) https://github.com/pnp/powershell/discussions/4351

Wrong URL in my clipboard.