Forum Discussion
Authenticating to O365 using Powershell without MFA
Hi All,
We've got ADFS and SSO enabled without MFA for the Admins, strong authentication is enabled and when trying to connect via PowerShell was able to connect when try to give the credentials manually, however when tried to store the credentials and try to pass it was not authenticating.
When I tried to pass the credentials to string – “$cred=Get-credential” and “connect-msolservice -credential $cred”. It throws an authentication error
Is anyone else also facing with similar problem and have you had any fix found, please help.
PS C:\Users\system32> $cred=Get-Credential
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
Credential
PS C:\Users\system32> Connect-MsolService -Credential $cred
Connect-MsolService : Authentication Error: Unexpected authentication failure- At line: 1 char: 1
+ Connect-MsolService -Credential $cred
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) (Connect-MsolService:String), Exception
+ FullyQualifiedErrorId : System.Exception,Microsoft.Online.Administration.Automation.ConnectMsolService
- Hi All, I had managed to resolve the issue by having a cloud only admin account. We were trying to install a management tool and for that tool, it was looking for the O365 admin credentials, when provided it was failing, we have troubleshooted and found that when we run some powershell command lets we had an option to key in the credentials manually, however the tool page does not have an option to do the same, hence we had to bypass by giving the cloud only admin credentials and the tool installation was successful. Thanks to everyone for their support.
If you want to store credentials and avoid having to type username/password every time you run the script, do the following:
1. Run this line only once, to store encrypted password of "admin@yourdomain.com":
Read-Host -assecurestring | convertfrom-securestring | out-file C:\string.txt
2. Then put the following lines at the beginning of your script:
$password = Get-Content 'C:\string.txt' | ConvertTo-SecureString $username = "admin@yourdomain.com" $credObject = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $password Connect-MsolService -Credential $credObject
well, storing encrypted password in C:\ isn't exposing anything to the internet, but yes, you could also store credentials in credential manager, with a name (let's say O365), install the module and import your credentials:
Install-Module -Name CredentialManager $Credentials = Get-StoredCredential -Target O365 Connect-msolService -Credential $Credentials
Here is a good example of connecting to Online
https://technet.microsoft.com/nl-be/library/fp161372.aspx
i think this helps you
And it seems you did not fill in any credentials or only a username instead of Username and password
