Connect-MsolService using graph access tokens failed - powershell-5.1

I usually run a modified version of the script provided by Microsoft on how to “Convert per-user MFA enabled and enforced users to disabled”.
If I run it interactively, the cmdlet “Connect-MsolService” works like a charm. However, as soon as I tried to use the parameters “AdGraphAccessToken” and “MsGraphAccessToken” it throws the following errors:
Connect-MsolService : An unexpected error occurred.
At line:1 char:1
+Connect-MsolService -AdGraphAccessToken $AadAccessToken -MsGraphAcces ...
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+CategoryInfo : OperationStopped: (:) [Connect-MsolService], MicrosoftOnlineException
+FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.InvalidHeaderException,Microsoft.Online.Administration.Automation.ConnectMsolService
Connect-MsolService : Exception of type 'Microsoft.Online.Administration.Automation.MicrosoftOnlineException' was thrown.
At line:1 char:1
+Connect-MsolService -AdGraphAccessToken $AadAccessToken -MsGraphAcces ...
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+CategoryInfo : OperationStopped: (:) [Connect-MsolService], MicrosoftOnlineException
+FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.MicrosoftOnlineException,Microsoft.Online.Administration.Automation.ConnectMsolService
When passing the same tokens to the cmdlet “Connect-AzureAD”, it goes as expected.
I use the following snippet for acquiring the tokens:
$TenantId = 'MyTenantId'
$Authority = 'https://login.microsoftonline.com/{0}/oauth2/v2.0/token' -f $TenantId
$ClientId = 'MyAzureActiveDirectoryAppId'
$ClientSecret = 'MyAzureActiveDirectoryAppSecret'
$Parameters =
#{
Authority = $Authority
ClientId = $ClientId
ClientSecret = (ConvertTo-SecureString -String $ClientSecret -AsPlainText -Force)
}
$AadAccessToken = (Get-MsalToken #Parameters -Scopes 'https://graph.windows.net/.default').AccessToken
$MsAccessToken = (Get-MsalToken #Parameters -Scopes 'https://graph.microsoft.com/.default').AccessToken
#Connect-AzureAD -AadAccessToken $AadAccessToken -MsAccessToken $MsAccessToken -AccountId $ClientId -TenantId $TenantId
Connect-MsolService -AdGraphAccessToken $AadAccessToken -MsGraphAccessToken $MsAccessToken -AzureEnvironment AzureCloud
I know that the modules MSOnline a AzureAD have been deprecated in favor of Microsoft.Graph, but since there is no other programmatic way to Enable per-user MFA I would kindly ask you people for some guidance: am I missing something here?


There is a way to create phoneAuthenticationMethod MFA using the MS graph which is still in beta phase:
https://learn.microsoft.com/en-us/graph/api/authentication-post-phonemethods?view=graph-rest-beta&tabs=powershell

Related

openApiGenerate don`t generate Models

I use gradle plugin
id "org.openapi.generator" version "5.1.1"
and task in gradle.plugin
openApiGenerate {
generatorName = "kotlin"
inputSpec = "$rootDir/src/main/resources/META-INF/resources/API.v1.yaml".toString()
outputDir = "$rootDir/generated".toString()
apiPackage = "org.openapi.example.api"
invokerPackage = "org.openapi.example.invoker"
modelPackage = "org.openapi.example.model"
configOptions = [
dateLibrary: "java8"
]
}
when I call gradlew openApiGenerate
I got
Execution failed for task ':openApiGenerate'.
> There were issues with the specification. The option can be disabled via validateSpec (Maven/Gradle) or --skip-validate-spec (CLI).
| Error count: 244, Warning count: 0
Errors:
-attribute paths.'/v1/pet/{name}/home/'(post).responses.406.content is unexpected
-attribute paths.'/v1/pet/{name}/home'(post).responses.400.content is unexpected
..........
But if I call in CLI version my yaml generate Models and API
Why it call that Exceptions?
Unfortunatelly, I can not add here even a part of my yaml, because site told me "ït looks you add a lot of code"
If I add
skipValidateSpec = true
I get only API without Models. Why?

qupzilla compile error in yocto krogoth version

When I compile qupzilla 2.0 supports qt5.6 base its giving below error.
Project MESSAGE: Using following defines: | Project MESSAGE:
QUPZILLA_SHAREDLIBRARY QUPZILLA_VERSION=\"2.0.2\"
QT_NO_URL_CAST_FROM_STRING QT_USE_QSTRINGBUILDER
USE_LIBPATH=\"/usr/lib\" USE_DATADIR=\"/usr/share/qupzilla\"
GIT_REVISION=\"635d392e66\" QZ_WS_X11 |
Project ERROR: Unknown
module(s) in QT: x11extras |
ERROR: Error calling /home//build/tmp/sysroots/x86_64-linux/usr/bin/qt5/qmake
-makefile -o Makefile -r /home/build/tmp/work/cortexa9hf-neon-phytec-linux-gnueabi/qupzilla/5.6.3+gitAUTOINC+6e445dcc05-r0/git/QupZilla.pro
below is my recipe
DESCRIPTION = "falkon browser https://github.com/Cockatrice/Cockatrice/issues/205"
LICENSE = "GPL-3.0"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=1d4ea452ed7ae778545f2dda5963c9fd"
require recipes-qt/qt5/qt5-git.inc
SRC_URI = "git://github.com/QupZilla/qupzilla.git;branch=v2.0"
SRCREV = "${AUTOREV}"
S = "${WORKDIR}/git"
DEPENDS = " qtbase qtwebengine qtx11extras qtdeclarative"
inherit qmake5
INSANE_SKIP_${PN} += "installed-vs-shipped"
Is anything is missing?

Please ensure that you have x11 in DISTRO_FEATURES and you may also want to add
require recipes-qt/qt5/qt5.inc

to type "System.Int32"Error:"Input string was not in a correct format

I Run the this power shell script
"$InstallPh\Database\bin\mysql.exe" -'uroot' -'e''select status from zibcatalog.zibmonitor where backupset="$BACKUPSET" AND operation="ZIB_BACKUP";' > 'c:\\auto\\firstbackup-result.txt'
Powershell throws this error message:
Cannot convert value "\Database\bin\mysql.exe" to type "System.Int32". Error: "Input string was not in a correct format."
At line:1 char:2
+ "$InstallPh\Database\bin\mysql.exe" -'uroot' -'e''select status from zibcatalog ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvalidCastFromStringToInteger

Your problems the way your trying to execute and pass the parameters to MySQL.exe. Try using the & operator to execute the exe file.
& "$InstallPh\Database\bin\mysql.exe" "-uroot -e'select status from zibcatalog.zibmonitor where backupset=`"$BACKUPSET`" AND operation=`"ZIB_BACKUP`";'" > 'c:\auto\firstbackup-result.txt'

Powershell - Why isn't the exception thrown by Set-CASMailbox getting caught?

I have a Powershell script that is run on a Windows 2008 R2 server with Exchange Server 2010 console installed on it. The script, pmduaactivesync.ps1, is run from Task scheduler, so it has to be called using a weird command rather than just calling it directly. Here is how it is run:
powershell -PSConsoleFile "C:\Program Files\Microsoft\Exchange Server\v14\bin\exshell.psc1" -exec bypass -command ". 'C:\Program Files\Microsoft\Exchange Server\V14\Bin\Exchange.ps1'; &'C:\dev\csom\pmduaactivesync.ps1'"
The script is being run as a service account, and that account has all the access it needs to make changes in the Exchange environment.
Now, in the script, at one point I am trying to set the Exchange ActiveSync attribute on a mailbox to True. Here is that part of the code
# Try setting ActiveSync to true
try {
Set-CASMailbox -Identity $tempUsername -ActiveSyncEnabled $true
if ($?) {
# Set ASChangeValue to 1 (to be used when updating SP List)
$ASChangeValue="1"
} else {
throw $error[0].Exception
}
} catch {
Write-Host "Exception caught with 'Set-CASMailbox -Identity $tempUsername -ActiveSyncEnabled $true' command." -ForegroundColor Red
Write-Host "Exception Type: $($_.Exception.GetType().FullName)" -ForegroundColor Red
Write-Host "Exception Message: $($_.Exception.Message)" -ForegroundColor Red
$ASChangeValue="8"
}
In the script, I'm also creating a transcript using the Start-Transcript cmdlet.
Here is my problem. The Set-CASMailbox cmdlet is throwing an error, shown below:
WARNING: The cmdlet extension agent with the index 1 has thrown an exception in OnComplete(). The exception is:
System.InvalidOperationException: Operation is not valid due to the current state of the object.
at Microsoft.Exchange.Data.Storage.ExchangePrincipal.get_ServerFullyQualifiedDomainName()
at Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(MapiStore linkedStore, LogonType logonType,
ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags,
GenericIdentity auxiliaryIdentity)
at Microsoft.Exchange.Data.Storage.MailboxSession.<>c__DisplayClass12.<CreateMailboxSession>b__10(MailboxSession
mailboxSession)
at Microsoft.Exchange.Data.Storage.MailboxSession.InternalCreateMailboxSession(LogonType logonType,
ExchangePrincipal owner, CultureInfo cultureInfo, String clientInfoString, IAccountingObject budget, Action`1
initializeMailboxSession, InitializeMailboxSessionFailure initializeMailboxSessionFailure)
at Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner,
DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String
clientInfoString, PropertyDefinition[] mailboxProperties, IList`1 foldersToInit, GenericIdentity auxiliaryIdentity,
IAccountingObject budget)
at Microsoft.Exchange.Data.Storage.MailboxSession.ConfigurableOpen(ExchangePrincipal mailbox, MailboxAccessInfo
accessInfo, CultureInfo cultureInfo, String clientInfoString, LogonType logonType, PropertyDefinition[]
mailboxProperties, InitializationFlags initFlags, IList`1 foldersToInit, IAccountingObject budget)
at Microsoft.Exchange.Data.Storage.MailboxSession.OpenAsSystemService(ExchangePrincipal mailboxOwner, CultureInfo
cultureInfo, String clientInfoString)
at Microsoft.Exchange.ProvisioningAgent.MailboxLoggerFactory.XsoMailer.Log(AdminLogMessageData data,
LogMessageDelegate logMessage)
at Microsoft.Exchange.ProvisioningAgent.AdminLogProvisioningHandler.OnComplete(Boolean succeeded, Exception e)
at Microsoft.Exchange.Provisioning.ProvisioningLayer.OnComplete(Task task, Boolean succeeded, Exception exception)
I'm not 100% on this, but since the error is referencing "The cmdlet extension agent with the index 1" I ran Get-CmdletExtensionAgent to see what that might be. After running the command, assuming I'm reading it correctly, it is referencing the Query Base DN Agent.
>Get-CmdletExtensionAgent | Format-Table Name, Enabled, Priority
Name Enabled Priority
---- ------- --------
Admin Audit Log Agent True 255
Query Base DN Agent True 1
Rus Agent True 2
Mailbox Resources Management Agent True 3
Provisioning Policy Agent True 4
OAB Resources Management Agent True 5
Scripting Agent False 6
Mailbox Creation Time Agent True 0
Here is my big question,
Why is this exception not getting caught?
Later in my script, $ASChangeValue is still set to 1, as opposed to 8. Any help on this would be appreciated, thanks.

Add -ErrorAction Stop to Set-CASMailbox:
Set-CASMailbox -Identity $tempUsername -ActiveSyncEnabled $true -ErrorAction Stop

Error : Exception calling "MoveTo" with "1" argument(s): "The server is unwilling to process the request. "

I am trying to write a script to move OU of users in AD 2008
$Alias = "hareeshvm"
# Finding the location of the user account harveesm:
$Root = [ADSI]("LDAP://DC=corp,DC=bharatpetroleum,DC=com")
$searcher = new-object System.DirectoryServices.DirectorySearcher($root)
$searcher.filter = "(&(objectClass=user)(mailNickName= $Alias))"
$User = $searcher.findone()
# Binding the user account to $AUser and the OU to move to to $MovetoOU
$ADSPath = $User.Properties.adspath
$MoveToOU = [ADSI]("LDAP://OU=Temp,DC=corp,DC=bharatpetroleum,DC=com")
$AUser = [ADSI]("$ADSPath")
# Command to Do the actual move
$AUser.PSBase.moveto($MoveToOU)
And I am getting below mentioned error
Exception calling "MoveTo" with "1" argument(s): "The server is unwilling to process the request.
"
At D:\Ashish\MS Exchange\New User\newuserscreation.ps1:39 char:21
+ $AUser.PSBase.moveto <<<< ($MoveToOU)
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
thx in advance