hawk icon indicating copy to clipboard operation
hawk copied to clipboard
verified publisher icon T0pCyber

Connect-MGGraph error after executing Start-HawkTenantInvestigation

Open blueteamcoffee opened this issue 1 year ago • 10 comments

Describe the bug

  1. Manually installed
  • ExchangeOnlineManagement
  • AzureAD
  • Microsoft.Graph

  1. Successfully Connected to Azure via Connect-AzureAD

  2. Successfully connecte to EXO via Connect-ExchangeOnline

  3. Started investigation via Start-HawkTenantInvestigation --> error came up regarding Connect-MGGraph:

PS C:\temp> Start-HawkTenantInvestigation
Initializing Application Insights
Checking for latest version online
Found Version 3.1.0 Online
Latest Version Installed
Skipping Upgrade
Testing Graph Connection
Connecting to MGGraph using MGGraph Module
Connect-MGGraph : Could not load file or assembly 'file:///C:\Program
Files\WindowsPowerShell\Modules\ExchangeOnlineManagement\3.5.0\netFramework\Azure.Core.dll' or one of its
dependencies. The system cannot find the file specified.
At line:30 char:9
+         Connect-MGGraph -Scopes "User.Read.All","Directory.Read.All"
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Connect-MgGraph], FileNotFoundException
    + FullyQualifiedErrorId : Microsoft.Graph.PowerShell.Authentication.Cmdlets.ConnectMgGraph

Select-MgProfile : The term 'Select-MgProfile' is not recognized as the name of a cmdlet, function, script file, or
operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try
again.
At line:31 char:9
+         Select-MgProfile -Name "v1.0"
+         ~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Select-MgProfile:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Setting Up initial Hawk environment variable


        DISCLAIMER:
        [...]

        [...]

Do you agree with the above disclaimer?
[Y] Yes  [N] No  [?] Help (default is "Y"): y


Please provide an output directory: C:\temp\Hawk
Get-MGDomain : One or more errors occurred.
At line:81 char:9
+         [string]$TenantName = (Get-MGDomain | Where-Object {$_.isDefa ...
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Get-MgDomain_List], AggregateException
    + FullyQualifiedErrorId : System.AggregateException,Microsoft.Graph.PowerShell.Cmdlets.GetMgDomain_List

PS C:\temp>

To Reproduce Steps to reproduce the behavior: Repeat steps 1-4

Expected behavior Since the error is about a missing file, providing a dependency or additional module installation tip would be usefull.

Additional context Installed the modules not with install-module, but with install-psresource

blueteamcoffee avatar Jun 25 '24 09:06 blueteamcoffee

Could you update the instructions to using Microsoft.Graph? - I am also really struggling with this and have a few questions Right now my solution is to remove and reinstall all the modules each time I want to use Hawk :(

devallllll avatar Jun 25 '24 14:06 devallllll

HAWK only works with the below listed versions of the needed modules: MSOnline 1.1.183.66 (yes it's deprecated, but HAWK still fails without it) ExchangeOnlineManagement 3.4.0 (not sure if 3.5.0 works) AzureAD 2.0.2.180 Microsoft.Graph 1.28.0 (not sure if 1.29.0 works) RobustCloudCommand 2.1.0

If you require other versions of the above modules, then you'll need to import them as needed.

syne0 avatar Jun 25 '24 14:06 syne0

Thx, I will try the next days and report!

blueteamcoffee avatar Jun 26 '24 07:06 blueteamcoffee

It works now, thanks. Beneath the issue of the old(but right) versions there was also a client-side permissions-issue on my windows client.

blueteamcoffee avatar Jun 28 '24 11:06 blueteamcoffee

It works now, thanks. Beneath the issue of the old(but right) versions there was also a client-side permissions-issue on my windows client.

I think this is why I had to uninstall and reinstall all the components - I'm still messing with a PS deployment script

devallllll avatar Jun 28 '24 13:06 devallllll

image

I've verified I've got the correct versions installed.

But I keep getting the follow Warning/Errors:

image

Zoomed in on Errors: image image image

JPFish79 avatar Jul 12 '24 20:07 JPFish79

image

I've verified I've got the correct versions installed.

But I keep getting the follow Warning/Errors:

image

Zoomed in on Errors: image image image

For the error with Select-MgProfile the way I've found to fix it reliably is to comment out that line in the Test_GraphConnection.ps1 function directly in the module's code. It was used for switching between beta graph and the 1.0 release.

Do you have more than 1 version of graph installed, such as the beta ones?

syne0 avatar Jul 14 '24 04:07 syne0

I only have the v1.28.0 Graph installed. I'm still getting The Get-MGDomain error.

JPFish79 avatar Jul 15 '24 17:07 JPFish79

I only have the v1.28.0 Graph installed. I'm still getting The Get-MGDomain error.

Hi there, have you tried connecting to the Graph without using Hawk? Run Disconnect-MGraph and then reconnect with the scope "User.Read.All", "Directory.Read.All". I'm curious if you're having issues connecting. We do need to update the module and have that on the roadmap this summer.

T0pCyber avatar Jul 15 '24 18:07 T0pCyber

Connect with no problems.

JPFish79 avatar Jul 15 '24 19:07 JPFish79

We are consolidating this and other related issues under a new comprehensive ticket: Modernize Authentication in Hawk to Replace AzureAD with Microsoft Graph. This ticket addresses all outdated modules, cmdlets, and dependency problems, including Connect-MGGraph and Select-MgProfile. Please refer to the new ticket for updates and progress. Closing this issue as part of the modernization effort.

jonnybottles avatar Dec 01 '24 23:12 jonnybottles