azure-powershell icon indicating copy to clipboard operation
azure-powershell copied to clipboard

Published 20 hours ago verified publisher icon Azure

The Known Issues of Az.Accounts 3.0.0 and Their Workarounds

Open msJinLei opened this issue 8 months ago • 9 comments

1. The interactive login method cannot popup window for WAM (Fixed)

Report an error "User canceled authentication" Refer to https://github.com/AzureAD/microsoft-authentication-library-for-python/issues/707

  • Workaround of Az.Accounts 3.0.0
Update-AzConfig -EnableLoginByWam $false

[!NOTE] Fixed in Az.Accounts 3.0.1

2. Azure PowerShell cmdlets are unable to run after login with DeviceCode and DeviceCode login methods will fail without -Tenant parameter (Mitigated)

  • Workaround of Az.Accounts 3.0.0
    • Login interactively with the same account on the same machine
    • If 1 is not applicable, disable WAM
Update-AzConfig -EnableLoginByWam $false

[!NOTE] Mitigated in Az.Accounts 3.0.1

Root cause

The root cause was found to be an issue with the cache of MSAL. See https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4786. We are going to integrate the fix into Az.Accounts soon https://github.com/Azure/azure-powershell/pull/25618

3. Azure PowerShell cmdlets are unable to run after login with UserName+Password and UserName+Password login methods will fail without -Tenant parameter (Mitigated)

  • Workaround of Az.Accounts 3.0.0
    • Login interactively with the same account on the same machine
    • If 1 is not applicable, disable WAM
Update-AzConfig -EnableLoginByWam $false

[!NOTE] Mitigated in Az.Accounts 3.0.1

Root cause

UserName+Password cannot support WAM yet and we are requesting Azure.Identity to add the related interface https://github.com/Azure/azure-sdk-for-net/issues/45439

4. WAM pop-up window to select an account is not easy to find

  • Workaround: minimize other windows to look for the pop-up window carefully

Root case

Fail to get the right console handle. See https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4887

5 WAM pop-up window doesn't display "Work and school account" option

  • Workaround
Update-AzConfig -EnableLoginByWam $false

[!NOTE] MSAL team is working on the issue see https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4797

6. The interactive login method cannot popup window for WAM in Window PowerShell ISE Console

  • Workaround
Update-AzConfig -EnableLoginByWam $false

[!NOTE] Reported to MSAL team, see https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4796

7. The ExportAzSshConfig and EnterAzVMCommand from Az.Ssh are not able to use when WAM is enabled.

  • Workaround
Update-AzConfig -EnableLoginByWam $false
  • Related issue of MSAL.Net https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4909

msJinLei avatar May 28 '24 07:05 msJinLei