spjeff / office365

Office 365 - cloud tenant administration, standard config, GPO, applied governance, PowerShell, JavaScript
MIT License

Delete-CloudHybridSearchContent - does not support SharePoint Online credentials #2

Open AussieDavo opened 5 years ago

AussieDavo commented 5 years ago

When running Delete-CloudHybridSearchContent.ps1 I am receiving the following error:

```
PS D:\Scripts> .\Delete-CloudHybridSearchContent.ps1 -PortalUrl https://tenant.sharepoint.com
Exception calling "ExecuteQuery" with "0" argument(s): "Cannot contact web site 'https://tenant.sharepoint.com/' or the web site does not support SharePoint Online credentials. The response status code is 'Unauthorized'. The response headers are 'X-SharePointHealthScore=3, X-MSDAVEXT_Error=917656; Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the+web+site+and+select+the+option+to+login+automatically., SPRequestGuid=, request-id=, MS-CV=.0, Strict-Transport-Security=max-age=31536000, SPRequestDuration=136, SPIisLatency=0, MicrosoftSharePointTeamServices=16.0.0.8613, X-Content-Type-Options=nosniff, X-MS-InvokeApp=1; RequireReadOnly, X-MSEdge-Ref=Ref A: Ref B: Ref C: 2019-02-27T03:36:39Z, Content-Length=0, Content-Type=text/plain; charset=utf-8, Date=Wed, 27 Feb 2019 03:36:39 GMT, P3P=CP="ALL IND DSP COR ADM CONo CUR IVAo IVDo PSA PSD TAI TELo SAMo CNT COM INT NAV ONL PHY PRE PUR UNI", X-Powered-By=ASP.NET'."
At D:\Scripts\Delete-CloudHybridSearchContent.ps1:44 char:1
$context.ExecuteQuery()
CategoryInfo : NotSpecified: (:) [], MethodInvocationException
FullyQualifiedErrorId : NotSupportedException

Started delete task (id=0)

PS D:\Scripts>
```

Do you know of a way to get this working whilst keeping Legacy Authentication disabled within the tenancy?

spjeff commented 5 years ago

Can you connect to tenant with AppID and AppSecret?

```powershell
Connect-PNPOnline -AppId "e419e703-5293-402c-bb70-3aff593b850b" -AppSecret "secret-here"
```

AussieDavo commented 5 years ago

Thanks @spjeff ,

I gave Connect-PNPOnline a try with this script:

```powershell
<#
.SYNOPSIS
    Issue a call to SharePoint Online to delete all metadata from on-premises content that was
    indexed through cloud hybrid search. This operation is asynchronous.

.PARAMETER PortalUrl
    SharePoint Online portal URL, for example 'https://contoso.sharepoint.com'.

.PARAMETER AppID
    AppID with access to SharePoint Online.

.PARAMETER AppSecret
    Secret for the App created in SharePoint Online.
#>
param(
    [Parameter(Mandatory=$true, HelpMessage="SharePoint Online portal URL, for example 'https://contoso.sharepoint.com'.")]
    [ValidateNotNullOrEmpty()]
    [String] $PortalUrl,

    [Parameter(Mandatory=$true, HelpMessage="AppID with access to SharePoint Online")]
    [ValidateNotNullOrEmpty()]
    [String] $AppID,

    [Parameter(Mandatory=$true, HelpMessage="Secret for the App created in SharePoint Online")]
    [ValidateNotNullOrEmpty()]
    [String] $AppSecret
)

# Detect the installed SharePoint Server version from the registry.
$SP_VERSION = "15"
$regKey = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Office Server\15.0\Search" -ErrorAction SilentlyContinue
if ($null -eq $regKey) {
    $regKey = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Office Server\16.0\Search" -ErrorAction SilentlyContinue
    if ($null -eq $regKey) {
        throw "Unable to detect SharePoint Server installation."
    }
    $SP_VERSION = "16"
}

# Load the CSOM assemblies that match the detected version.
Add-Type -AssemblyName ("Microsoft.SharePoint.Client, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")
Add-Type -AssemblyName ("Microsoft.SharePoint.Client.Search, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")
Add-Type -AssemblyName ("Microsoft.SharePoint.Client.Runtime, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")

# Authenticate with the app registration instead of user credentials.
Connect-PnPOnline -AppId $AppID -AppSecret $AppSecret -Url $PortalUrl

$context = Get-PnPContext

# Queue the asynchronous delete of all cloud hybrid search content.
$manager = New-Object Microsoft.SharePoint.Client.Search.ContentPush.PushTenantManager $context
$task = $manager.DeleteAllCloudHybridSearchContent()
$context.ExecuteQuery()
```

However I am now getting this error: `New-Object : Cannot find an overload for "PushTenantManager" and the argument count: "1".`

I created an App for this using this URL: https://[tenant].sharepoint.com/_layouts/15/appregnew.aspx

And added the permissions using this URL: https://[tenant]-admin.sharepoint.com/_layouts/15/appinv.aspx With This XML: `

`

Do you have any idea where I could be going wrong? Could it be a permissions issue?

spjeff commented 5 years ago

Haven't seen this error before. Steps worked well on my tenant.

spjeff commented 5 years ago

Looking at MS docs I see a single-parameter constructor.

https://docs.microsoft.com/en-us/dotnet/api/microsoft.sharepoint.client.search.contentpush.pushtenantmanager

AussieDavo commented 5 years ago

Hi @spjeff ,

I ended up enabling legacy authentication temporarily to run the original script as I was under some time pressure. Using the following command: `Set-SPOTenant -LegacyAuthProtocolsEnabled $True`

It did take over an hour to take effect though.

I would still be interested to get this working as I may need to run it again in the future without having to turn Legacy Auth on and off again.

Unfortunately I am not familiar with constructors. Sorry.

You mentioned that it worked well on your tenant. Could that mean that it may be something in my environment (proxy or reverse proxy related)? I'll set up a new test tenancy and give it a try there too.

Thanks for your help.

BlueBart commented 4 years ago

Hi @spjeff @AussieDavo, I'm facing the same issue, but the -LegacyAuthProtocolsEnabled parameter is already set to true. It also looks like this issue is reproducible in at least two different tenants. Any ideas how to solve it?

NL12143 commented 2 years ago

Above is my experience too with the onboarding and removal scripts. Even with legacy enabled, it is a no-go with recent tenants. And, using SharePointPnPPowerShellOnline, the Connect-PnP ... with -UseWebLogin authentication works fine, but it fails with Set-PnPcontext to load the object PushTenantManager in the context, with the error "overload for "PushTenantManager" and the argument count: "1"."

Found 2 actions to do, to get this done:

- 1a. Use SharePointPnPCoreOnline for modern Authentication (Azure oAuth)
- 1b. Idem, with PnPcore the object "pushTenantManager" loads in the context, without error
- 2. Use a W2019 for the PreparePushTenant() part. A W2012 under SP2013 lacks .NET, TLS and ciphers.

```powershell
$AuthenticationManager = New-Object OfficeDevPnP.Core.AuthenticationManager
$mctx = $AuthenticationManager.GetWebLoginClientContext($siteUrl)

$pushTenantManager = New-Object Microsoft.SharePoint.Client.Search.ContentPush.PushTenantManager $mctx
$pushTenantManager.PreparePushTenant()
$mctx.ExecuteQuery()
```

The scripts are from 4 years ago and use $code=@"...." to get a "SPOAuth2Bearer"-token for $cred. I guess that method is no longer supported by modern AzureAD.

Hope it helps someone.
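
Added example, not part of the original thread or the repository's scripts: a reflection check for the `Cannot find an overload for "PushTenantManager"` error reported in the comments above. It assumes (the thread does not confirm this) that the context object comes from a different copy of the CSOM assembly than the one `PushTenantManager` was loaded from; the function name `Test-ConstructorArgument` is hypothetical, and the `StringBuilder` call is a constructed stand-in so the block runs without SharePoint installed.

```powershell
# Added example (hypothetical helper, not from the thread). For every
# one-parameter constructor of a loaded type, report whether the given object
# can be bound to it and which assembly each side comes from.
function Test-ConstructorArgument {
    param(
        [Parameter(Mandatory = $true)] [string] $TypeName,
        [Parameter(Mandatory = $true)] [object] $Argument
    )

    # Find the target type among the assemblies already loaded in this session.
    $target = [AppDomain]::CurrentDomain.GetAssemblies() |
        ForEach-Object { $_.GetType($TypeName, $false) } |
        Where-Object { $_ } |
        Select-Object -First 1
    if (-not $target) { throw "Type '$TypeName' is not loaded in this session." }

    # Collect the argument's type and all of its base types.
    $chain = @()
    for ($t = $Argument.GetType(); $t; $t = $t.BaseType) { $chain += $t }

    foreach ($ctor in $target.GetConstructors()) {
        $params = $ctor.GetParameters()
        if ($params.Count -ne 1) { continue }
        $expected = $params[0].ParameterType

        # Same full type name but a different assembly object means two copies
        # of the library are loaded; .NET treats their types as unrelated.
        $twin = $chain | Where-Object {
            $_.FullName -eq $expected.FullName -and $_.Assembly -ne $expected.Assembly
        } | Select-Object -First 1

        [pscustomobject]@{
            ExpectedType      = $expected.FullName
            ExpectedAssembly  = $expected.Assembly.FullName
            ExpectedLocation  = $expected.Assembly.Location
            ActualType        = $chain[0].FullName
            ActualAssembly    = $chain[0].Assembly.FullName
            ActualLocation    = $chain[0].Assembly.Location
            Assignable        = $expected.IsAssignableFrom($chain[0])
            DuplicateTypeFrom = if ($twin) { $twin.Assembly.Location } else { $null }
        }
    }
}

# Constructed stand-in so the function runs without SharePoint assemblies:
Test-ConstructorArgument -TypeName 'System.Text.StringBuilder' -Argument 'sample' | Format-List
# In the session from the thread (after Add-Type and Connect-PnPOnline):
# Test-ConstructorArgument -TypeName 'Microsoft.SharePoint.Client.Search.ContentPush.PushTenantManager' -Argument (Get-PnPContext) | Format-List
```

If `Assignable` is `False` and `DuplicateTypeFrom` is set, the expected and actual locations show which two DLLs are in conflict.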

NL12143 commented 2 years ago

Have one question for myself working with this. We see that SharePointPnPCoreOnline with New-Object OfficeDevPnP.Core.AuthenticationManager is working. But that is deprecated and followed up by PnP Framework. Where is the AuthenticationManager in PnP Framework?

New-Object OfficeDevPnP.Core.AuthenticationManager or New-Object PnP.Framework.AuthenticationManager both do not seem to work (from PnP Framework)

- PnP Framework = PnP.Framework.dll is found in folders netstandard2.0 and net5.0
- SharePointPnPCoreOnline = OfficeDevPnP.Core.dll is found in folder net461

We use Add-Type to load these assemblies in PowerShell.

Found this in GitHub PnP Framework:

```csharp
var authManager = new AuthenticationManager("", "joe@contoso.onmicrosoft.com", "Pwd as SecureString");
using (var context = authManager.GetContext("https://contoso.sharepoint.com"))
```

How to do this in PowerShell?