Mar 19 2021 02:50 AM - edited Mar 19 2021 03:59 AM
Trying to get PnP PowerShell cmdlets to work within an Azure Runbook with modern authentication (no username/password).
I tried registering an Azure AD app and a Service Principal (Run as account) from the automation account that hosts the Runbook. Both use a certificate thumbprint and authorization itself doesn't throw an error. Here's the code I'm using:
$connection = Get-AutomationConnection -Name "AzureRunAsConnection"
$tenant = '[tenant].onmicrosoft.com'
$url = 'https://[tenant].sharepoint.com/sites/test'
Connect-PnPOnline -Url $url -Thumbprint $connection.CertificateThumbprint -ClientId $connection.ApplicationID -Tenant $tenant
For every PnP cmdlet this throws the following error.
Get-PnPTenantSite : The remote server returned an error: (401) Unauthorized.
At line:7 char:1
+ Get-PnPTenantSite
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-PnPTenantSite], WebException
+ FullyQualifiedErrorId : System.Net.WebException,PnP.PowerShell.Commands.GetTenantSite
I have also updated the cmdlets from SharePointPnPPowerShellOnline to the newest PnP.PowerShell.
Furthermore, the Azure app and service principal are members of the SharePoint administrators group.
When I attempt to reproduce the issue on a local machine I get the same 401 error.
Any ideas?
Thanks!
Mar 25 2021 02:12 PM
Apr 20 2021 01:39 AM
Apr 20 2021 01:54 AM