question

RickAngel-4713 avatar image
0 Votes"
RickAngel-4713 asked RickAngel-4713 commented

Prompting for Azure credentials in PowerShell script

Several members of our IT team need to regularly connect to multiple Azure Government environments via PowerShell. We usually run this script.

Connect-AzureAD -AzureEnvironmentName AzureUSGovernment
Connect-ExchangeOnline -ExchangeEnvironmentName O365USGovGCCHigh
Connect-MsolService -AzureEnvironment AzureUSGovernmentCloud

However the script requires us to enter our admin credentials multiple times. How can I prompt for username and password at the beginning of the script then pass those credentials through the rest of the script? Thanks.

windows-server-powershell
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered RickAngel-4713 commented

Hi @RickAngel-4713 ,

you can try this please:

 $cred = Get-Credential
 Connect-AzureAD -AzureEnvironmentName AzureUSGovernment -Credential $cred
 Connect-ExchangeOnline -ExchangeEnvironmentName O365USGovGCCHigh -Credential $cred
 Connect-MsolService -AzureEnvironment AzureUSGovernmentCloud -Credential $cred


(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for the reply.

I forgot to mention these accounts are using Microsoft MFA. When I run the mods you suggested I get this error "Connect-AzureAD : One or more errors occurred.: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor
authentication to access '00000002-0000-0000-c000-000000000000'."

Is there different syntax to pass through username and password but still prompt for MFA?

0 Votes 0 ·
AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered RickAngel-4713 commented

Hi @RickAngel-4713 ,

I've never tried this ... but maybe working with an Access Token will help:

https://blog.simonw.se/getting-an-access-token-for-azuread-using-powershell-and-device-login-flow/


(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I was not able to resolve with an access token. Still receive some errors.

I decided to leave the initial script to connect to Azure AD, Exchange Online, and MSOL in its original format which prompts three times for login. Then I removed the connection strings from the other scripts we use. So if our IT staff runs the initial script one time before running the other scripts they still have to respond to the three logins, but they do not need to respond each time they run the other scripts. Not ideal but still acceptable solution.

0 Votes 0 ·
RavindraShukla-2370 avatar image
0 Votes"
RavindraShukla-2370 answered

Hi @RickAngel-4713 ,

Did you manage to solve the issue with MFA prompt in powershell script?

If yes, could you share the solution? I am also facing the same.

 Invoke-RestMethod : {"error":"invalid_grant","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor         
 authentication to access '00000003-0000-0000-c000-000000000000'
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.