Mar 15 2018 09:24 PM - edited Mar 15 2018 09:28 PM
I need to schedule a task to run this script below. I am able to run the below script when I am logged on the server, however when I schedule this as a task to run as "Run whether the user is logged on or not", it fails.
The script
***********************************************************************
#To record the ps session
Start-Transcript -path c:\temp\PSSession.txt
# Import the Exchange Online module
cd C:\Users\<username>\AppData\Local\Apps\2.0\<GUID>\<GUID>\micr..tion_c8rrr8aa06b0c4a9_0010.0000_48a5c30b19dd2125
Import-Module .\CreateExoPSSession.ps1
# Write output after the exchange online module imported
Write-Output "Importing Module completed"
#Connect to Exchange Online
Connect-EXOPSSession -UserPrincipalName user@domain.com
#Write an output when connected to exchange online
Write-Output "Connecting to Exchange Online completed"
#Exp
Get-UMMailbox <username> | Export-Csv c:\temp\UM_Mailbox.csv
"
************************************************************************
The error I see in the transcript file is;
-------------------------------------------------------------------------
PS>TerminatingError(New-ExoPSSession): "Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application."
>> TerminatingError(New-ExoPSSession): "Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application."
>> TerminatingError(New-ExoPSSession): "Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application."
>> TerminatingError(New-ExoPSSession): "Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application."
Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application.
New-ExoPSSession : Showing a modal dialog box or form when the application is not running in UserInteractive mode is
not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a
service application.
--------------------------------------------------------------------------
I have tried a workaround here,
1. Schedule the script to "Run only when user is logged on"
2. Disconnect or lock the server session
Does anyone has any ideas how we can schedule the script without having to leave the server session open?
Mar 15 2018 11:20 PM
Using the -UserPrincipalName parameter will force the ADAL dialog to show, which is only possible in interactive sessions as the error message suggests. Even if you configure the session as interactive, someone will have to actually enter the credentials before the script completes. Instead, I would suggest you use the -Credential parameter and combine it with one of the methods to securely store credentials for reuse with PowerShell, for example this: https://practical365.com/blog/saving-credentials-for-office-365-powershell-scripts-and-scheduled-tas...
Mar 20 2018 09:21 PM
Thanks Vasil. However as I understand, -Userprincipalname is a mandatory parameter, i cannot skip it. I have tried using
# Enter credential in format user@domain.com
$cred = Get-Credential
Connect-EXOPSSession -Credential $cred
But this fails
New-ExoPSSession : user_realm_discovery_failed: User realm discovery failed
Mar 21 2018 01:19 AM
It's not mandatory anymore, make sure you update your ExO module.
Mar 27 2018 08:57 PM
I went to Office 365 exchange admin center => hybrid
For exchange online powershell module, clicked on configure
then opened the shortcut to Microsoft Exchange Online Powershell Module from desktop
typed the following;
$cred = Get-credential ( Entered credential in the format user@domain.com)
Connect-EXOPSSession -Credential $cred
New-ExoPSSession : wstrust_endpoint_not_found: WS-Trust endpoint not found in metadata document
At C:\Users\<username>\AppData\Local\Apps\2.0\XOB1V3KL.06M\82LDHNN9.8KN\micr..tion_a8dgft24shidhnb0c4a7_0010.0000_46a3c55dd9dd5128\CreateExoP
SSession.ps1:187 char:22
+ ... PSSession = New-ExoPSSession -UserPrincipalName $UserPrincipalName -C ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-ExoPSSession], AdalException
+ FullyQualifiedErrorId : Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException,Microsoft.Exchange.Management.ExoPowershe
llSnapin.NewExoPSSession
Mar 27 2018 11:31 PM
That error indicates an issue on MS side, best open a support case. The module works just fine with -Credentials:
Feb 10 2019 05:17 AM - edited Feb 10 2019 05:18 AM
-Credential only works if you don't have MFA enabled. For those that do, this is what happens:
>Connect-EXOPSSession -credential (Get-Credential user@tenant.onmicrosoft.com)
New-ExoPSSession : AADSTS50076: Due to a configuration change made by your administrator, or
because you moved to a new location, you must use multi-factor authentication to access
'00000002-0000-0ff1-ce00-000000000000'.
Trace ID: 0447ae7b-0eb7-458a-b479-c73b66af5700
Correlation ID: 5a85f56a-8468-4ca3-9739-95496153e12a
Timestamp: 2019-02-10 13:16:30Z
At C:\Users\jerem\AppData\Local\Apps\2.0\BRCQW4A8.VAY\HBOMCBME.APA\micr..tion_1975b8453054a2b5_0010
.0000_10d85008035862c6\CreateExoPSSession.ps1:292 char:30
+ ... PSSession = New-ExoPSSession -UserPrincipalName $UserPrincipalName.Va ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-ExoPSSession], AdalServiceException
+ FullyQualifiedErrorId : Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException
,Microsoft.Exchange.Management.ExoPowershellSnapin.NewExoPSSession
Mar 27 2019 02:34 PM
I got the same error message when I tried to connect with an MFA enabled account. Is the only solution to run (powershell) scheduled task using an account without MFA enabled.
Mar 27 2019 03:13 PM
@Damon Villar Yup, that's correct. I don't think you'll find a way to supply the credentials in your script and then say, have your phone with you while you're out and about so you can approve it in the Authenticator app. That would be kind of cool though.
Sep 23 2019 07:48 AM
Looks I'm running into the same issue.When I execute the powershell scripts which includes Connect-EXOPSSession works fine but when same script scheduled through Task Scheduler is not able to proceed further after Connect-EXOPSSession.It simply says
Task Scheduler successfully completed task "" , instance "{3}" , action "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" with return code 2147942401.
Jul 04 2020 09:14 AM
Microsoft has released EXO V2 preview module for non-interactive PowerShell scripts using Modern authentication/MFA.
https://o365reports.com/2020/07/04/modern-auth-and-unattended-scripts-in-exchange-online-powershell-...