New-AzureWebsite after ImportRmContext #4269
Assignees
Labels
Comments
|
@BrenPutzeys you will need to run |
|
Closign as answered, please reopen if you see a recurrence using the appropriate login cmdlet |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Cmdlet(s)
Import-AzureRmContext
New-AzureWebsite
Add-AzureAccount
PowerShell Version
4.0
Module Version
OS Version
6.3.9600.17400
Description
We have some scripts that work with the januari version of powershell.
In these scripts our account data is passed via Save-AzureRmProfile and Select-AzureRmProfile
Now to be compliant with the new version of powershell, we are changing this to Save-AzureRmContext and Import-AzureRmContext.
We already use the workaround from #3954
$ctx = Import-AzureRmContext -Path <path-to-saved-context> $ctx.Context.TokenCache.Deserialize($ctx.Context.TokenCache.CacheData)and tried the other one also
$ctx = Import-AzureRmContext -Path <path-to-saved-context> $session = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance $cacheFile = [System.IO.Path]::Combine($session.ProfileDirectory, $session.TokenCacheFile) if (Test-Path $cacheFile) { $session.DataStore.CopyFile($cacheFile, ($cacheFile + ".bak")) } $session.DataStore.WriteFile( $cacheFile, [System.Security.Cryptography.ProtectedData]::Protect($ctx.Context.TokenCache.CacheData, $null, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)) $session.TokenCache = New-Object -TypeName Microsoft.Azure.Commands.Common.Authentication.ProtectedFileTokenCache -ArgumentList $cacheFile [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile.DefaultContext.TokenCache = $session.TokenCacheTo have a working Import-AzureRmContext, however now when we try to create a new-AzureWebsite it throws the add-azureAccount error.
Example code
$ctx = Import-AzureRmContext -Path c:\temp\AzureLogin.json $ctx.Context.TokenCache.Deserialize($ctx.Context.TokenCache.CacheData) Select-AzureRmSubscription -SubscriptionName $global:MySubscriptionName Get-AzureAccount Select-AzureSubscription -SubscriptionName $global:MySubscriptionName ... New-AzureWebSite $projectName -Location $locationIs there some additional code we have to call to make sure the azureAccount is 'active' after calling the import-AzureRmContext ?
Debug Output
DEBUG: 2:03:13 AM - NewAzureWebsiteCommand begin processing with ParameterSet '__AllParameterSets'.
DEBUG: 2:03:15 AM - using account id 'BPutze@ferranti.be'...
DEBUG: [Common.Authentication]: Authenticating using Account: 'BPutze@ferranti.be', environment: 'AzureCloud', tenant: 'a37fb080-fbc2-4a78-a28d-fd191af9240a'
DEBUG: [Common.Authentication]: Authenticating using configuration values: Domain: 'a37fb080-fbc2-4a78-a28d-fd191af9240a', Endpoint: 'https://login.microsoftonline.com/', ClientId: '1950a258-227b-4e31-a
9cf-717495945fc2', ClientRedirect: 'urn:ietf:wg:oauth:2.0:oob', ResourceClientUri: 'https://management.core.windows.net/', ValidateAuthrity: 'True'
DEBUG: [Common.Authentication]: Acquiring token using context with Authority 'https://login.microsoftonline.com/a37fb080-fbc2-4a78-a28d-fd191af9240a/', CorrelationId: '00000000-0000-0000-0000-0000000000
00', ValidateAuthority: 'True'
DEBUG: [Common.Authentication]: Acquiring token using AdalConfiguration with Domain: 'a37fb080-fbc2-4a78-a28d-fd191af9240a', AdEndpoint: 'https://login.microsoftonline.com/', ClientId: '1950a258-227b-4e
31-a9cf-717495945fc2', ClientRedirectUri: urn:ietf:wg:oauth:2.0:oob
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/07/2017 09:03:15: 355fb9a3-a8e3-449a-96bb-a6e0b5ac5e99 - AcquireTokenInteractiveHandler: === Token Acquisition started:
Authority: https://login.microsoftonline.com/a37fb080-fbc2-4a78-a28d-fd191af9240a/
Resource: https://management.core.windows.net/
ClientId: 1950a258-227b-4e31-a9cf-717495945fc2
CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (0 items)
Authentication Target: User
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 07/07/2017 09:03:15: 355fb9a3-a8e3-449a-96bb-a6e0b5ac5e99 - d__0: Looking up cache for a token...
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 07/07/2017 09:03:15: 355fb9a3-a8e3-449a-96bb-a6e0b5ac5e99 - d__0: No matching token was found in the cache
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 07/07/2017 09:03:15: - WebBrowserEvent: Navigating to 'https://login.microsoftonline.com/a37fb080-fbc2-4a78-a28d-fd191af9240a/oauth2/authorize?resource=https://management.core.windows.net/&clien
t_id=1950a258-227b-4e31-a9cf-717495945fc2&response_type=code&haschrome=1&redirect_uri=urn:ietf:wg:oauth:2.0:oob&login_hint=BPutze@ferranti.be&client-request-id=355fb9a3-a8e3-449a-96bb-a6e0b5ac5e99&promp
t=attempt_none&x-client-SKU=.NET&x-client-Ver=2.28.3.860&x-client-CPU=x64&x-client-OS=Microsoft Windows NT 6.2.9200.0&site_id=501358&display=popup'.
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 07/07/2017 09:03:15: - WebBrowserEvent: Navigating to 'https://adfsfarm.ferranti.be/adfs/ls/?login_hint=BPutze@ferranti.be&client-request-id=355fb9a3-a8e3-449a-96bb-a6e0b5ac5e99&username=BPutze@
ferranti.be&wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=estsredirect=2&estsrequest=rQIIAePiMtIzstAz1rMwMxBiNNRiNtQztFIxtDQ1SDQytdA1MjJP0jVJNTbUTbRMTtM1NzQ3sTS1NDFNSzbyYjM1MDQ2tSgS4hJYvDPe9
PGKWS7Tdi97sHVN3MxJjKwF-QWlBasYJUuL8qwyU0vSrMrTrfITS0syrIz0DKzy85N2MDJeYGR8wcg4iUnIKaC0pCrVIS21qCgxryRTLyn1FhO_vyNQtRGIyC_KrEp9xcSTWFKSmltQEp-Xn5e6ilklo6SkoNhKXz83MS8xPTU3Na9ELzm_KFWvPDMvJb-8WC8vtUR_E7N
KorF5WpKBhYFuWlKyka5JormFbqKRRYpuWoqhpWFimqWRiUHiDWbGCyyMr1gkOJgEZCSYFe6wabAYMFtxcrAJMEl8cFdg-MHCuIgV6FMn9y6fnQIpbitfnvnculST4RSrvnOoV1a4s1dBhKGLh4F3pFlgpXm2hVeEo592pIVxuq-lu3Z4RVaKi1t4rq-tmZXhBDbGU2wse
n6uIbs4cYcOAA2'.
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 07/07/2017 09:03:15: - RuntimeMethodInfo: Navigated to 'https://adfsfarm.ferranti.be/adfs/ls/?login_hint=BPutze@ferranti.be&client-request-id=355fb9a3-a8e3-449a-96bb-a6e0b5ac5e99&username=BPutze
@ferranti.be&wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=estsredirect=2&estsrequest=rQIIAePiMtIzstAz1rMwMxBiNNRiNtQztFIxtDQ1SDQytdA1MjJP0jVJNTbUTbRMTtM1NzQ3sTS1NDFNSzbyYjM1MDQ2tSgS4hJYvDPe
9PGKWS7Tdi97sHVN3MxJjKwF-QWlBasYJUuL8qwyU0vSrMrTrfITS0syrIz0DKzy85N2MDJeYGR8wcg4iUnIKaC0pCrVIS21qCgxryRTLyn1FhO_vyNQtRGIyC_KrEp9xcSTWFKSmltQEp-Xn5e6ilklo6SkoNhKXz83MS8xPTU3Na9ELzm_KFWvPDMvJb-8WC8vtUR_E7
NKorF5WpKBhYFuWlKyka5JormFbqKRRYpuWoqhpWFimqWRiUHiDWbGCyyMr1gkOJgEZCSYFe6wabAYMFtxcrAJMEl8cFdg-MHCuIgV6FMn9y6fnQIpbitfnvnculST4RSrvnOoV1a4s1dBhKGLh4F3pFlgpXm2hVeEo592pIVxuq-lu3Z4RVaKi1t4rq-tmZXhBDbGU2ws
en6uIbs4cYcOAA2'.
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Error: 4 :
DEBUG: 07/07/2017 09:03:15: 355fb9a3-a8e3-449a-96bb-a6e0b5ac5e99 - AsyncMethodBuilderCore: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException: user_interaction_required: One of two conditions
was encountered: 1. The PromptBehavior.Never flag was passed, but the constraint could not be honored, because user interaction was required. 2. An error occurred during a silent web authentication tha
t prevented the http authentication flow from completing in a short enough time frame
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.SilentWebUI.OnAuthenticate()
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenInteractiveHandler.b__0()
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenInteractiveHandler.AcquireAuthorization()
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenInteractiveHandler.PreTokenRequest()
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.d__0.MoveNext()
ErrorCode: user_interaction_required
DEBUG: [Common.Authentication]: Received exception User Interaction is required to authenticate this user. Please authenticate using the log in dialog. In PowerShell, execute Login-AzureRMAccount for Az
ure Resource Manager cmdlets or Add-AzureAccount for service management cmdlets., while authenticating.
New-AzureWebSite : Your Azure credentials have not been set up or have expired, please run Add-AzureAccount to set up your Azure credentials.
At C:\Users\Administrator\Desktop\Untitled3.ps1:94 char:17
DEBUG: 2:03:17 AM - NewAzureWebsiteCommand end processing.
DEBUG: 2:03:17 AM - NewAzureWebsiteCommand end processing.
Script/Steps for Reproduction
setting credentials:
$global:cred = Get-Credential $a = Add-AzureRMAccount -Credential $global:cred -ErrorAction Stop -WarningVariable warningAzure -ErrorVariable errorAzure $b = Add-AzureAccount -Credential $global:cred -ErrorAction Stop -WarningVariable warningAzure -ErrorVariable errorAzure Get-AzureRMSubscription -SubscriptionName $global:MySubscriptionName -ErrorAction Stop Get-AzureSubscription -SubscriptionName $global:MySubscriptionName Save-AzureRmContext -Path c:\temp\AzureLogin.jsonusing credentials
$ctx = Import-AzureRmContext -Path c:\temp\AzureLogin.json $ctx.Context.TokenCache.Deserialize($ctx.Context.TokenCache.CacheData) Select-AzureRmSubscription -SubscriptionName $global:MySubscriptionName Get-AzureAccount Select-AzureSubscription -SubscriptionName $global:MySubscriptionName ... New-AzureWebSite $projectName -Location $locationThe text was updated successfully, but these errors were encountered: