Forum Discussion
401 Error using PnP PowerShell in Azure Runbooks
Trying to get PnP PowerShell cmdlets to work within an Azure Runbook with modern authentication (no username/password).
I tried registering an Azure AD app and a Service Principal (Run as account) from the automation account that hosts the Runbook. Both use a certificate thumbprint and authorization itself doesn't throw an error. Here's the code I'm using:
$connection = Get-AutomationConnection –Name "AzureRunAsConnection"
$tenant = '[tenant].onmicrosoft.com'
$url = 'https://[tenant].sharepoint.com/sites/test'
Connect-PnPOnline -Url $url –Thumbprint $connection.CertificateThumbprint –ClientId $connection.ApplicationID -Tenant $tenant
For every PnP cmdlet this throws the following error.
Get-PnPTenantSite : The remote server returned an error: (401) Unauthorized.
At line:7 char:1
+ Get-PnPTenantSite
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-PnPTenantSite], WebException
+ FullyQualifiedErrorId : System.Net.WebException,PnP.PowerShell.Commands.GetTenantSite
I have also updated the cmdlets from SharePointPnPPowerShellOnline to the newest PnP.PowerShell.
Furthermore, the Azure app and service principal are members of the SharePoint administrators group.
When I attempt to reproduce the issue on a local machine I get the same 401 error.
Any ideas?
Thanks!
- Hi,
I have recent presented at the Scottish summit an example of setting this up in Azure Automation using certificates: https://youtu.be/8qsnhfSilic?t=1234 (i've skipped the intro parts gone straight to the demo)
Hope this helps.
Paul
3 Replies
- Hi,
were you able to find a fix for the problem?
I have the same issue, when trying to authenticate with certificates, authentication doesn't throw any error, but any action afterwards does. The same 401 error as yourself.
I'm certain it's not a matter of the app registration not having enough permissions, since when I use a different authentication method, everything goes fine.- Hi,
I have recent presented at the Scottish summit an example of setting this up in Azure Automation using certificates: https://youtu.be/8qsnhfSilic?t=1234 (i've skipped the intro parts gone straight to the demo)
Hope this helps.
Paul
- Hi, I am not tried that approach before, but I created a sample in the PnP.PowerShell for setting up with Azure Automation with certificates as an alternative approach: https://github.com/pnp/powershell/tree/dev/samples/Connect.AzureAutomation
Of course, pls post here if you find the answer, interested in learning new approaches
