Forum Discussion
Deleted
Mar 19, 2021Not applicable
401 Error using PnP PowerShell in Azure Runbooks
Trying to get PnP PowerShell cmdlets to work within an Azure Runbook with modern authentication (no username/password).
I tried registering an Azure AD app and a Service Principal (Run as account) from the automation account that hosts the Runbook. Both use a certificate thumbprint and authorization itself doesn't throw an error. Here's the code I'm using:
$connection = Get-AutomationConnection –Name "AzureRunAsConnection"
$tenant = '[tenant].onmicrosoft.com'
$url = 'https://[tenant].sharepoint.com/sites/test'
Connect-PnPOnline -Url $url –Thumbprint $connection.CertificateThumbprint –ClientId $connection.ApplicationID -Tenant $tenant
For every PnP cmdlet this throws the following error.
Get-PnPTenantSite : The remote server returned an error: (401) Unauthorized.
At line:7 char:1
+ Get-PnPTenantSite
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-PnPTenantSite], WebException
+ FullyQualifiedErrorId : System.Net.WebException,PnP.PowerShell.Commands.GetTenantSite
I have also updated the cmdlets from SharePointPnPPowerShellOnline to the newest PnP.PowerShell.
Furthermore, the Azure app and service principal are members of the SharePoint administrators group.
When I attempt to reproduce the issue on a local machine I get the same 401 error.
Any ideas?
Thanks!
- Hi,
I have recent presented at the Scottish summit an example of setting this up in Azure Automation using certificates: https://youtu.be/8qsnhfSilic?t=1234 (i've skipped the intro parts gone straight to the demo)
Hope this helps.
Paul
3 Replies
- TomTVDLCopper ContributorHi,
were you able to find a fix for the problem?
I have the same issue, when trying to authenticate with certificates, authentication doesn't throw any error, but any action afterwards does. The same 401 error as yourself.
I'm certain it's not a matter of the app registration not having enough permissions, since when I use a different authentication method, everything goes fine.- Hi,
I have recent presented at the Scottish summit an example of setting this up in Azure Automation using certificates: https://youtu.be/8qsnhfSilic?t=1234 (i've skipped the intro parts gone straight to the demo)
Hope this helps.
Paul
- Hi, I am not tried that approach before, but I created a sample in the PnP.PowerShell for setting up with Azure Automation with certificates as an alternative approach: https://github.com/pnp/powershell/tree/dev/samples/Connect.AzureAutomation
Of course, pls post here if you find the answer, interested in learning new approaches