Today, we are happy to announce the Public Preview of a Modern Auth unattended scripting option for use with Exchange Online PowerShell V2. This feature provides customers the ability to run non-inte...
Updated Jul 30, 2020
Version 6.0
Blog Post
As far as I can tell, Connect-ExchangeOnline does not support location of the certificate in anything other than the CurrentUser\My store, which is a major problem for any automated use of PowerShell. In particular, like other PowerShell CmdLets, you should be able to specify the path to the stored cert via, say, "cert:\LocalMachine\My\<thumbprint>". I'm still investigating whether it will just magically work if called from a service running under LocalSystem, but regardless, the overall lack of documentation on the new parameters is disappointing, which leads me to a brief rant...
What was Microsoft thinking by introducing this change to tenants without proper tools and documentation? Yes, the Modern Auth change has been pushed off to the end of next year due to COVID, but as an ISV (yes, Microsoft, there are still ISVs out there), I have to also be concerned about tenants that may have Modern Auth enabled by default, etc.
So, in effect, Modern Auth is production, but this feature is still in preview, and seemingly lacking in functionality.