<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00005tIeR5SAKOkta Classic EngineOkta Integration NetworkAnswered2024-04-15T09:37:10.000Z2019-01-17T21:37:50.000Z2019-05-09T05:37:35.000Z

00u4hbtfuEzfS17zJ3561.542229149395067E12 (Qorvo Inc.) asked a question.

January 17, 2019 at 9:37 PM
Passing Office 365 powershell credentials to Connect-MsolService

I have a few automated tasks that connect to Office 365 via a service account in powershell. Prior to federating Office365 with Okta, we were using ADFS and were able to connect to Office365 via powershell with no issues. Now on certain workstations, I'm able to connect to the server (Connect-Msolservice -credential $mycredentials but on others, that same command with the same credentials fails.

 

The error that is thrown is:

OperationStopped: (:) [Connect-MsolService], HttpRequestException

 

If I run the command as Connect-MsolService without the credential switch, I will get a browser window that directs me to Okta to sign in. That works correctly no matter which server I do this from. This is problematic for automated scripts since they need to run unattended without prompts. I'm drawing a blank in my Google Searches and was hoping someone in the Okta community has come across this before and know what I need to do to resolve it.

  • 2 answers
  • 4.32K views

  • 00u4hbtfuEzfS17zJ3561.542229149395067E12 (Qorvo Inc.)

    I finally figured it out (had to step away from the problem).

    The issue was due to the TLS version the server was running the automated scripts on. The powershell sessions were using an unsupported version of TLS/SSL (I believe it was SSL)

     

    I need to correct the servers cipher suite order, but for a temporary fix, I have added the .NET accelerator to force a TLS version for that powershell session.

    The .NET accelerator I added was this line:

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

     

    This sets the Powershell Session to use TLS 1.2 which is the currently highest level of TLS Powershell v5.0 supports (at least to my knowledge at the time of this posting).

    Expand Post

  • a2rgs (a2rgs)

    Hi Bill,

     

    THANK YOU SO MUCH!!! For posting the solution, you're one of those really cool people who does that on the internet =) My company's termination script that was handed down to me wasn't removing licenses nor really interacting via the MSONLINE module and this work around will be helpful until we can finish upgrading the rest of the servers.

     

    I'm kind of new to this, but if you have a moment can you expand a bit on what you mean by your server's cipher suite order, my initial impression that you mean the ciphers the server uses to authenticate and the order it choses, and this is ADFS server?

     

    Seriously, thank you again for following up and posting the solution

     

    Darien

    Expand Post
This question is closed.
Loading
Passing Office 365 powershell credentials to Connect-MsolService