Configuration Pre-Requisites, and Configurations for Converting Basic Authentication to Modern Authentication.
Pre-Requisites:
Install ExchangeOnlineManagement module as pre-requisites (This is completed on the GIG server)
- Install-Module -Name ExchangeOnlineManagement
- TLS Version 1.2 Minimum (https://learn.microsoft.com/en-us/microsoft-365/compliance/prepare-tls-1.2-in-office-365?view=o365-worldwide)
- Microsoft .NET Framework 4.5
- Windows Management Framework 4.0
- MSOnline PowerShell module 1.1.183.66
- ExchangeOnlineManagement PowerShell module 2.0.6
- Microsoft.Graph PowerShell module 1.15.0
Modern Authentication can be configured in two ways:
- Modern authentication with credentials
- Modern authentication using certificate
- To connect with basic or modern authentication using credentials, we will need the office 365 service account name and password.
- To connect with modern authentication using certificate, the extra connected system parameters needed are: private key (corresponding to the certificate), key file password and the registered application id.
For modern authentication to work, an exchange online management module needs to be installed in the identity and provisioning server as a prerequisite. The certificate should be uploaded in the registered application in Microsoft 365 azure portal. You will need its private key and password to configure the connected system using modern auth.
Power Shell Commands to create certificates
- To create self-signed certificate
$cert = New-SelfSignedCertificate -DnsName "fischerdemo.onmicrosoft.com" -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date).AddYears(1) -KeySpec KeyExchange - To Export Pfx private certificate file ‘cert.pfx’ with password. This private key file is used in connected system configuration.
$cert | Export-PfxCertificate -FilePath cert.pfx -Password $(ConvertTo-SecureString -String "Password" -AsPlainText -Force) - To export the certificate file ‘cert.cer’. This certificate should be uploaded in the azure application.
$cert | Export-Certificate -FilePath cert.cer
Microsoft Office 365 Connected System Info
PowerShell System Info with credentials - Designer
Common Errors:
Install ExchangeOnlineManagement module as pre-requisites (This is completed on the GIG server) Is not installed on the GIG Server.
Microsoft updated ExchangeOnlineManagement to version 3.0.0. We have found issues that this version is not working, ensure that EschangeOnlineManagement version 2.0.6.
Fix Action: Install Powershell Module On GIG Server
Uncommon Errors:
- [Ofc365][PowerShell]: *** (1663864547): >>> Exception: Could not load file or assembly 'System.Net.Http, Version=4.2.0.0, Culture=neutral, PublicKeyToken=********* or one of its dependencies. The system cannot find the file specified.
Back ground:
The problem you're facing is related to Visual Studio, especially 2017 which is shipped withSystem.Net.Http v4.2.0.0. However, adopting the new way whereby any references should be done via NuGet, latest version ofSystem.Net.Httpwhich is 4.3.3 contains the dll version 4.1.1.2.
The problem is that VS at build time and at run time as well will ignore your reference and it will try to reference the DLL it knows about.
Fix Actions:
- make sure that any references to System.Net.Http are done via NuGet
- Build time errors:change extension of System.Net.Http.dll (or move it somewhere else...basically get rid of it) that is shipped with VS 2017 (
c:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\MSBuild\Microsoft\Microsoft.NET.Build.Extensions\net461\lib\); if you've got a different version then the path will slightly differ, not much though -
Runtime errors:add an assembly binding redirect
Currently a living Document for Agent Procedures and Customer Troubleshooting.
Updated Pre-Requisites 1/13/23
Comments
1 comment
Updated Pre-Requisites 1/13/23
Please sign in to leave a comment.