Aim Zaab (Brass Contributor)
Oct 05, 2018
PowerShell cannot connect with stored credential when legacy auth is disabled
If I disable legacy auth, I don't seem to be able to connect to SharePoint with stored credentials.
Connect-SPOService -Url <adminUrl> -Credential $UserCredential
The cmdlet above is not working anymore as soon as I enable the CA policy to disable legacy auth.
Error: Connect-SPOService : The sign-in name or password does not match one in the Microsoft account system.
However, I can still log in to Azure AD and Teams.
Using the -Credentials switch for the Connect-SPOService forces it to switch to legacy auth, thus you are getting blocked by the CA policy. You either need to use the interactive login, or configure client secret/cert if you want to do automation. Or exclude the account in question from the CA policy.
- Aim Zaab (Brass Contributor): I don't see how I can use a client cert with Connect-SPOService.
However I found a similar case and apparently it's possible to force modern auth with a registry key.
https://blogs.technet.microsoft.com/jasonross/2017/10/04/sharepoint-online-management-shell-forcing-modern-authentication/
I will try this soon.
- Aim Zaab (Brass Contributor): OK, I see. And it seems to be the same for PnP PowerShell.
It's a bit of a shame; as it's working for Azure AD and Teams, I guess it could work for SharePoint too.
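
As an added example (not posted by anyone in this thread): before enabling a Conditional Access policy that blocks legacy authentication, exported Azure AD sign-in records can be checked for accounts that still sign in with legacy clients, such as a script calling Connect-SPOService with a stored credential. The records below are constructed sample data using field names from the Microsoft Graph signIn resource; the account names and the `clientAppUsed` value shown for the script account are assumptions.

```powershell
# Constructed sample sign-in records (not real log output).
$signIns = @'
[
  {"userPrincipalName":"svc-spo@example.com","appDisplayName":"Office 365 SharePoint Online",
   "clientAppUsed":"Other clients","conditionalAccessStatus":"failure","status":{"errorCode":53003}},
  {"userPrincipalName":"svc-spo@example.com","appDisplayName":"Office 365 SharePoint Online",
   "clientAppUsed":"Other clients","conditionalAccessStatus":"failure","status":{"errorCode":53003}},
  {"userPrincipalName":"admin@example.com","appDisplayName":"Office 365 SharePoint Online",
   "clientAppUsed":"Mobile Apps and Desktop clients","conditionalAccessStatus":"success","status":{"errorCode":0}},
  {"userPrincipalName":"scanner@example.com","appDisplayName":"Office 365 Exchange Online",
   "clientAppUsed":"SMTP","conditionalAccessStatus":"notApplied","status":{"errorCode":0}}
]
'@ | ConvertFrom-Json

function Get-LegacyAuthSignIn {
    param([Parameter(Mandatory)][object[]]$SignIn)

    # The two client app values that indicate modern authentication;
    # every other non-empty value is treated as a legacy protocol.
    $modernClients = @('Browser', 'Mobile Apps and Desktop clients')

    foreach ($s in $SignIn) {
        if ([string]::IsNullOrEmpty($s.clientAppUsed)) { continue }
        if ($modernClients -contains $s.clientAppUsed) { continue }

        [pscustomobject]@{
            User        = $s.userPrincipalName
            App         = $s.appDisplayName
            ClientApp   = $s.clientAppUsed
            # 'failure' means a Conditional Access policy applied and was not satisfied.
            BlockedByCA = ($s.conditionalAccessStatus -eq 'failure')
            ErrorCode   = $s.status.errorCode
        }
    }
}

# One row per account/app/client combination, most frequent first.
Get-LegacyAuthSignIn -SignIn $signIns |
    Group-Object User, App, ClientApp, BlockedByCA |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

Rows with `BlockedByCA` false are the ones to act on before turning the policy on: those accounts still authenticate with a legacy client and would start failing once the block applies to them.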