Powershell New-CsOnlineSession with AccessToken
Hello guys, I am trying to run 'New-CsOnlineSession' with -OAuthAccessToken parameter in a Powershell script. The oauth token comes from a WebApp that authenticates the user. This WebApp uses Microsoft Identity Platform so the user accepts our app to access user's resorces. The WebApp uses OAuth2 to communicate with Microsoft Identity Platform. This WebApp is registered in the Azure Portal. The problem is that I cannot create the session and the error is: "OAuthAccessToken has invalid audience" I've tried to use -OverrideAccessTokenResourceUri parameter too, in conjunction with OAuthAccessToken, but it doesn't allow the script to get a session. When I use New-CsOnlineSession with user/password, everything works fine, I can import the session and use the commands perfectly. Logs: VERBOSE: OAuthAccessToken is provided. VERBOSE: Determining domain to administer VERBOSE: AdminDomain = 'xxxxxxxx.onmicrosoft.com' VERBOSE: Discovering PowerShell endpoint URI VERBOSE: TargetUri = 'https://admin1e.online.lync.com/OcsPowershellOAuth' VERBOSE: AuthUri = 'https://login.windows.net/common/oauth2/authorize', ClientId = 7716031e-6f8b-45a4-b82b-922b1af0fbb4 VERBOSE: Validating authentication token. New-CsOnlineSession : OAuthAccessToken has invalid audience 00000003-0000-0000-c000-000000000000, expected https://admin1e.online.lync.com/OcsPowershellOAuth. At G:\server-8000.ps1:20 char:12 + $session = New-CsOnlineSession -OAuthAccessToken $token -Verbose -Deb ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,New-CsOnlineSession Thanks in advance for any help. Hernan
Assignment of default conferencing policies - Skype Powershell
I've been working a lot recently with both CSConferencingpolicy and CSExternalAccess to assign policies to my users rather than rely solely on the Skype admin portal. My question is related to how defaults policies are applied to new users. There are two of the default system policies that randomly seem to get applied for external access - NoFedarationAndPIC and FederationAndPICDefault. Does anyone know the criteria that decides which gets applied? In probably 95% of cases NoFederation is applied but I found 10 or so users this morning that had the Federation policy applied. We are strictly controlling our external federation by user groups so it's pretty important and currently I'm having to check each new user that's been created what policy has been applied.