question

skiphofmann-5016 avatar image
0 Votes"
skiphofmann-5016 asked ChowdhuryHrishikeshonbehalfofMace-3990 commented

Automated powershell scripts modern authentication

Hello all

We have many powershell scripts that authenticate to O365 and Azure using an onprem service account. When Microsoft starts forcing modern auth, how do we configure are scripts to authenticate ?

azure-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

michev avatar image
0 Votes"
michev answered ChowdhuryHrishikeshonbehalfofMace-3990 commented

Which services exactly? Currently, pretty much only Azure AD tasks can be automated with Modern auth, every other O365 related script will either have to use basic auth, or to have a person manually interact with the modern auth prompt. Updates are coming, but currently no ETAs.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi Michev,

I have same question. We have few powershell scripts that authenticate to O365 using an onprem service account and if we go to Azure sign in logs its coming under legacy authentication logs -- So if Basic auth is going to be retired on October 2022 hope this will be impacted ? Why I am asking because automated telemetry data regarding basic auth we are receiving from MS stating we are using Remote powershell that needs to be reviewed. Could you please suggest how to convert this to be used with Modern Auth ? Thanks

Below section describes the auth part of the script:


region USES ENCRYPTED CREDENTIALS FOR CONNECTION


$password= Get-Content "C:\Scripts\Scheduled scripts\Office 365\O365-RPS02.txt" | ConvertTo-SecureString
$userid='SAO365RPS02@**.com'
$cred=New-Object System.Management.Automation.PSCredential $userid,$password

region CREATES PSSESSION TO EXCHANGE ONLINE (Here you can see "Basic" is being used as auth method)



$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://outlook.office365.com/powershell-liveid/" -Credential $cred -Authentication "Basic" -AllowRedirection
Import-PSSession $ExchangeSession -AllowClobber



Thanks in advance.

0 Votes 0 ·
skiphofmann-5016 avatar image
0 Votes"
skiphofmann-5016 answered

Hi Thanks again for the quick reply. These are all scripts that interact with Exchange online. How do we incorporate modern auth into our scripts ?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

skiphofmann-5016 avatar image
0 Votes"
skiphofmann-5016 answered michev commented

Sorry i know how to use modern auth for the powershell script. What i am trying to understand is how can the script be used for an automated task if MFA is being enforced ?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

You cannot, yet. The team is working on support for automated tasks, but the current version doesn't support it.

1 Vote 1 ·