Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The Known Issues of Az.Accounts 3.0.0 and Their Workarounds #25005

Open
msJinLei opened this issue May 28, 2024 · 7 comments
Open

The Known Issues of Az.Accounts 3.0.0 and Their Workarounds #25005

msJinLei opened this issue May 28, 2024 · 7 comments
Labels
Accounts Issues in Az.Accounts except authentication related Discuss

Comments

@msJinLei
Copy link
Contributor

msJinLei commented May 28, 2024
edited
Loading

1. The interactive login method cannot popup window for WAM (Fixed)

Report an error "User canceled authentication" Refer to AzureAD/microsoft-authentication-library-for-python#707

  • Workaround of Az.Accounts 3.0.0
Update-AzConfig -EnableLoginByWam $false

Note

Fixed in Az.Accounts 3.0.1

2. Azure PowerShell cmdlets are unable to run after login with DeviceCode and DeviceCode login methods will fail without -Tenant parameter (Mitigated)

  • Workaround of Az.Accounts 3.0.0
    • Login interactively with the same account on the same machine
    • If 1 is not applicable, disable WAM
Update-AzConfig -EnableLoginByWam $false

Note

Mitigated in Az.Accounts 3.0.1

Root cause

The root cause was found to be an issue with the cache of MSAL. See AzureAD/microsoft-authentication-library-for-dotnet#4786. We are going to integrate the fix into Az.Accounts soon #25618

3. Azure PowerShell cmdlets are unable to run after login with UserName+Password and UserName+Password login methods will fail without -Tenant parameter (Mitigated)

  • Workaround of Az.Accounts 3.0.0
    • Login interactively with the same account on the same machine
    • If 1 is not applicable, disable WAM
Update-AzConfig -EnableLoginByWam $false

Note

Mitigated in Az.Accounts 3.0.1

Root cause

UserName+Password cannot support WAM yet and we are requesting Azure.Identity to add the related interface Azure/azure-sdk-for-net#45439

4. WAM pop-up window to select an account is not easy to find

  • Workaround: minimize other windows to look for the pop-up window carefully

Root case

Fail to get the right console handle. See AzureAD/microsoft-authentication-library-for-dotnet#4887

5 WAM pop-up window doesn't display "Work and school account" option

  • Workaround
Update-AzConfig -EnableLoginByWam $false

Note

MSAL team is working on the issue see AzureAD/microsoft-authentication-library-for-dotnet#4797

6. The interactive login method cannot popup window for WAM in Window PowerShell ISE Console

  • Workaround
Update-AzConfig -EnableLoginByWam $false

Note

Reported to MSAL team, see AzureAD/microsoft-authentication-library-for-dotnet#4796
@msJinLei msJinLei added question The issue doesn't require a change to the product in order to be resolved. Most issues start as that needs-triage This is a new issue that needs to be triaged to the appropriate team. labels May 28, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot removed the needs-triage This is a new issue that needs to be triaged to the appropriate team. label May 28, 2024
@msJinLei msJinLei pinned this issue May 28, 2024
@msJinLei msJinLei added Discuss Accounts Issues in Az.Accounts except authentication related and removed question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels May 28, 2024
@slavizh
Copy link

slavizh commented May 29, 2024

What about #25003?

@weyCC81
Copy link

weyCC81 commented May 29, 2024
edited
Loading

In ISE, on Windows 11 mine says the following, does this correlate?

# 12.0.0    Az
# 3.0.0     Az.Accounts
# 6.0.0     Az.KeyVault
Connect-AzAccount -Tenantid [TenantID] -Subscription [Subscription]
# > Connect-AzAccount : InteractiveBrowserCredential authentication failed: A window handle must be configured. See https://aka.ms/msal-net-wam#parent-window-handles 
# > Could not find tenant id for provided tenant domain '[TenantID]'. Please ensure that the provided user is found in the provided tenant domain.

@msJinLei
Copy link
Contributor Author

What about #25003?

Thanks for reporting the issue. I reply in it.

@msJinLei
Copy link
Contributor Author

msJinLei commented May 29, 2024
edited
Loading

In ISE, on Windows 11 mine says the following, does this correlate?

# 12.0.0    Az
# 3.0.0     Az.Accounts
# 6.0.0     Az.KeyVault
Connect-AzAccount -Tenantid [TenantID] -Subscription [Subscription]
# > Connect-AzAccount : InteractiveBrowserCredential authentication failed: A window handle must be configured. See https://aka.ms/msal-net-wam#parent-window-handles 
# > Could not find tenant id for provided tenant domain '[TenantID]'. Please ensure that the provided user is found in the provided tenant domain.

@weyCC81 Thanks for reporting the issue. I shall say yes

Please disable WAM to workaround it firstly

Update-AzConfig -EnableLoginByWam $false

This was referenced May 31, 2024
Closed
Closed
Closed
Open
@msJinLei
Copy link
Contributor Author

msJinLei commented Jun 4, 2024
edited
Loading

In ISE, on Windows 11 mine says the following, does this correlate?

# 12.0.0    Az
# 3.0.0     Az.Accounts
# 6.0.0     Az.KeyVault
Connect-AzAccount -Tenantid [TenantID] -Subscription [Subscription]
# > Connect-AzAccount : InteractiveBrowserCredential authentication failed: A window handle must be configured. See https://aka.ms/msal-net-wam#parent-window-handles 
# > Could not find tenant id for provided tenant domain '[TenantID]'. Please ensure that the provided user is found in the provided tenant domain.

@weyCC81 Yes, we have reported your issue to MSAL AzureAD/microsoft-authentication-library-for-dotnet#4796

@Snozzberries Snozzberries mentioned this issue Jun 21, 2024
Closed
@spongemike2
Copy link

I get the same issue whenever I run from an elevated console window. Running the:

Update-AzConfig -EnableLoginByWam $false

...command fixes it.

@Alex-wdy
Copy link
Contributor

Alex-wdy commented Jul 11, 2024
edited
Loading

We have solved the below issue in the latest version: Az.Accounts 3.0.1

  1. The interactive login method cannot popup window for WAM
    We are still working on other issues and will update the progress gradually.

@isra-fel isra-fel mentioned this issue Aug 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Accounts Issues in Az.Accounts except authentication related Discuss
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@slavizh @weyCC81 @spongemike2 @msJinLei @Alex-wdy