cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PowersHell and Basic authentication

Petri X
Bronze Contributor

‎Dec 13 2018 05:50 AM - last edited on ‎Feb 10 2023 02:26 PM by

‎Dec 13 2018 05:50 AM - last edited on ‎Feb 10 2023 02:26 PM by

PowersHell and Basic authentication

Hi there,

I have been trying to get the PowersHell connections to work to Office 365 and current results are:

(AD) Connect-AzureAD: Working

(Exchange) Connect-EXOPSSession: Not working (Basic authentication is currently disabled...)

(Skype) New-csOnlineConnection: Not working (Basic authentication is currently disabled...)

 

Question to you who might know this better: why AzureAD is working while others doesn't? Has AzureAD team done some fixes to their connection and Exchange/Skype team has not? Both of them are asking the MFA credentials, but when I have appoved the authentication request on my phone the error appears.

 

My connections are coming through the proxy and the MFA is enabled on the tenant.

12.2K Views
0 Likes
3 Replies
Reply
3 Replies
Vasil Michev

‎Dec 13 2018 10:49 AM

‎Dec 13 2018 10:49 AM

Re: PowersHell and Basic authentication

Because Exchange and SfBO use "hacks" to connect. They are basically fetching the token via the ADAL controls, but still passing it using Basic authentication. I have some examples on how you can do this on my blog: https://www.michev.info/Blog/Post/1771/hacking-your-way-around-modern-authentication-and-the-powersh...

 

Bottom line is, they do need Basic authentication enabled in WinRM settings.

0 Likes
Reply
Tony Richards

‎May 16 2019 06:41 AM

‎May 16 2019 06:41 AM

Re: PowersHell and Basic authentication

@Vasil Michev"They are basically fetching the token via the ADAL controls, but still passing it using Basic authentication." Is this based on your own investigation or do you have a document that spells this out?

0 Likes
Reply
Vasil Michev

‎May 16 2019 08:33 AM

‎May 16 2019 08:33 AM

Re: PowersHell and Basic authentication

No need for a document, simply look at the way credentials are passed and the connection string.

 

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/PowerShell-LiveId?BasicAuthToOAuthConversion=true -Credential $Ctoken -Authentication Basic -AllowRedirection

0 Likes
Reply