SOLVED

Cannot login using ServicePrincipal: Application was not found in the directory

Copper Contributor

I'm trying to set up an automation script that allows me to start up and shut down virtual machines in Azure without any user input. I've created an application registration (Web app / API) in Azure AD and in Subscriptions I've assigned the Virtual Machine Contributor role.

 

The application ID is: a8faf7f8-a0c2-4c03-8989-0a2d32915cd9

The tenant ID is: 696c6a65-a325-4af4-bfc4-f67a88425e4b

 

I have assigned a credential to the ServicePrincipal:

New-AzureRmADSpCredential -ServicePrincipalName https://mydomain.com/0f7b7873-2354-48ad-9ee4-9e6cfefd04d4 -Password "mypassword"

I try to log in as follows:

 

 

$applicationid ="a8faf7f8-a0c2-4c03-8989-0a2d32915cd9"
$principalPassword = ConvertTo-SecureString "mypassword" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential($applicationid, $principalPassword)
Login-AzureRmAccount -Credential $psCred -ServicePrincipal -TenantId 696c6a65-a325-4af4-bfc4-f67a88425e4b

 

But when I do, I get the following error message: Login-AzureRmAccount : AADSTS70001: Application with identifier '8faf7f8-a0c2-4c03-8989-0a2d32915cd9' was not found in the directory 696c6a65-a325-4af4-bfc4-f67a88425e4b

I am 100% sure that both the Application ID and Tenant ID are correct. What am I doing wrong?

6 Replies

Hello Roy,

 

When you set the credential was it successful?

 

New-AzureRmADSpCredential -ServicePrincipalName https://mydomain.com/0f7b7873-2354-48ad-9ee4-9e6cfefd04d4 -Password "mypassword"

 

Hi Hannel,

 

It did not show any error message when issuing that command. 

best response confirmed by Roy Hochstenbach (Copper Contributor)
Solution

I got an error on the password, below was successful for me

20180118-110343.png

 

 

 

$principalPassword = ConvertTo-SecureString "mypassword123" -AsPlainText -Force
New-AzureRmADSpCredential -ServicePrincipalName https://domain.com/xxxxxxxxxxxxx -Password $principalPassword 

$applicationid ="d35a3b69-98f8-4dbb-abf8-1660ed11fadd"
$psCred = New-Object System.Management.Automation.PSCredential($applicationid, $principalPassword)

Add-AzureRmAccount -Credential $psCred -ServicePrincipal -TenantId 6f0ebec4-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx

 

I'm getting the following error message: 

Add-AzureRmAccount : AADSTS50001: The application named https://login.microsoftonline.com/696c6a65-a325-4af4-bfc4-f67a88425e4b/ was not found in the tenant named 696c6a65-a325-4af4-bfc4-f67a88425e4b. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.

 

I've triple checked that I'm using the correct application ID, principle name and tenant ID.

Not sure what's going on, can you send a screenshot of the process like I did?

 

Don't forget to block out tenant and application if they are in production.

 

Also you can get/confirm you tenant name from the Active Directory section.

 

2018-01-18 13_46_03.png

 

 

I just figured out what was causing this. I was using the Linux version of Powershell which was causing this error message. Your instructions did work on the Windows Powershell. Thanks! :)

1 best response

Accepted Solutions
best response confirmed by Roy Hochstenbach (Copper Contributor)
Solution

I got an error on the password, below was successful for me

20180118-110343.png

 

 

 

$principalPassword = ConvertTo-SecureString "mypassword123" -AsPlainText -Force
New-AzureRmADSpCredential -ServicePrincipalName https://domain.com/xxxxxxxxxxxxx -Password $principalPassword 

$applicationid ="d35a3b69-98f8-4dbb-abf8-1660ed11fadd"
$psCred = New-Object System.Management.Automation.PSCredential($applicationid, $principalPassword)

Add-AzureRmAccount -Credential $psCred -ServicePrincipal -TenantId 6f0ebec4-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx

 

View solution in original post