Closed CermakPOI closed 3 years ago
The verbose output shows that it is using OAuth2
authentication. It takes the credential provided and creates the body object with grant_type = 'password'
.
VERBOSE: Performing the operation "Requesting OAuth2 token from https://Myinstance.secretservercloud.eu/ with URI of [https://Myinstance.secretservercloud.eu/oauth2/token]" on target "https://Myinstance.secretservercloud.eu/".
What format is the credential you are passing?
My Script has been working befor upgrading the Module to the new version. The old version is still working!
The issue is that it connects to and returns winauthwebservices event though a crendtial Object is passed.
It's PSCredential in this form UserName Password
svcTSS System.Security.SecureString
I am unable to replicate the issue you are seeing. The logical workflow of New-TssSession
has not been changed since version 0.33.1, what is in 0.42.0 still exists as-is in 0.50.1, and in the release pushed out yesterday (0.51.0).
The only way it sets IWA is if a specific parameter is provided:
A small mention, the use of Remove-Module Thycotic.SecretServer
will not completely remove the module from your PowerShell session now that it uses a binary library. The cleanest way with testing between versions will be to restart your PowerShell session.
I'm not able to reproduce this in the latest release. I would recommend a few things to try out:
In a new PowerShell session try the below (based on your example):
Import-Module Thycotic.SecretServer -MinimumVersion 0.51.0
$poitsssession = New-TssSession @paramNewTssSession
$poitsssession | select TokenType
If that still returns the Windows Auth being used verify your $PSDefaultParameterValues
is not trying to default the UseWindowsAuth
parameter.
You can open the module directory in VS Code (with PowerShell ext) and then add a breakpoint on line 105 of the New-TssSession.ps1
file. Start the debugger and run your example code and you will be able to step through the code line by line.
In the next release (0.52.0) I am adding more verbose output to New-TssSession
to help troubleshoot this a bit more. In version 0.48.0 the module had the PowerShell classes converted to a C# library but logically that command has stayed the same since Windows Auth support was added in v0.30.0 on February 2, 2021.
Verified issue does not already exist?
No
What error did you receive
New-TssSession uses winauthwebservices even for credential. In version 0.42.0 it works as expected.
Please run the command using -Verbose
No response
Provide a test case or steps to reproduce
Expected behavior
Use webservices instead of winauthwebservices as in older, working versions.
What Edition of Secret Server?
Cloud Subscription
What version of Secret Server
11.0
What PowerShell host was used when producing this error
Windows PowerShell (powershell)
PowerShell Host Version
Name Value
PSVersion 5.1.14393.4530 PSEdition Desktop PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...} BuildVersion 10.0.14393.4530 CLRVersion 4.0.30319.42000 WSManStackVersion 3.0 PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1