[ADFS] [Edge] [AzureStack] Connect-AzAccount : InteractiveBrowserCredential authentication failed: Value cannot be null. Could not find tenant id for provided tenant domain '98b8267d-e97f-426e-8b3f-7956511fd63f' #26976

Open
@keystroke

Description

When setting up Az to connect to a local environment like Azure Stack Hub, I am not able to sign in interactively.

I have tried every variation of cloud parameters and configuration, disabling WAM and disabling the v2 login experience / flow, and it still fails.

Connect-AzAccount : InteractiveBrowserCredential authentication failed: Value cannot be null.
Parameter name: tenantId
Could not find tenant id for provided tenant domain '98b8267d-e97f-426e-8b3f-7956511fd63f'. Please ensure that the provided user is found
in the provided tenant domain.

Issue script & Debug output

PS C:\> $DebugPreference='Continue'

PS C:\> Connect-AzAccount -Environment 'Foo' -Tenant '98b8267d-e97f-426e-8b3f-7956511fd63f' -Verbose
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 1:55:16 AM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'.
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True]
.
DEBUG: 1:55:16 AM - Autosave setting from startup session: 'CurrentUser'
DEBUG: 1:55:16 AM - No autosave setting detected in environment variable 'AzContextAutoSave'. 
DEBUG: 1:55:16 AM - Using Autosave scope 'CurrentUser'
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [DefaultSubscriptionForLogin], Module = [], Cmdlet = []. Returning default value [].
VERBOSE: Performing the operation "log in" on target "User account in environment 'Foo'".
DEBUG: 1:55:16 AM - Autosave setting from startup session: 'CurrentUser'
DEBUG: 1:55:16 AM - No autosave setting detected in environment variable 'AzContextAutoSave'. 
DEBUG: 1:55:16 AM - Using Autosave scope 'CurrentUser'
Please select the account you want to login with.

DEBUG: 1:55:16 AM - [InteractiveUserAuthenticator] Calling InteractiveBrowserCredential.AuthenticateAsync with TenantId:'adfs', Scopes:'https
://management.domain/openid', AuthorityHost:'https://login.domain/adfs', RedirectUri:'http://localhost
:8405/'
DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.domain/openid ] ParentRequestId: 
DEBUG: Executing interactive authentication workflow inline.
DEBUG: InteractiveBrowserCredential.Authenticate was unable to retrieve an access token. Scopes: [ https://management.domain/openid ] ParentRequestId:  Exception: Azure.Identity.AuthenticationFailedException (0x80131500): InteractiveBrowserCredential authentication failed: Value cannot be null.
Parameter name: tenantId
 ---> System.ArgumentNullException (0x80004003): Value cannot be null.
Parameter name: tenantId
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [EnableErrorRecordsPersistence], Module = [], Cmdlet = []. Returning default value [False].
Connect-AzAccount : InteractiveBrowserCredential authentication failed: Value cannot be null.
Parameter name: tenantId
Could not find tenant id for provided tenant domain '98b8267d-e97f-426e-8b3f-7956511fd63f'. Please ensure that the provided user is found in the provided tenant domain.
At line:1 char:1
+ Connect-AzAccount -Environment 'Foo' -Tenant '98b8267d-e97f-426e ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Connect-AzAccount], ArgumentNullException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
 
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True]
.
DEBUG: 1:55:16 AM - [ConfigManager] Got [Off] from [LoginExperienceV2], Module = [], Cmdlet = [].
DEBUG: 1:55:16 AM - [ConfigManager] Got [False] from [EnableLoginByWam], Module = [], Cmdlet = [].
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Accounts:4.0.0; CommandName: Connect-AzAccount; PSVersion: 5.1.20348.2031; IsSuccess: False; Duration: 00:0
0:00.4483324; SanitizeDuration: 00:00:00; Exception: InteractiveBrowserCredential authentication failed: Value cannot be null.
Parameter name: tenantId
Could not find tenant id for provided tenant domain '98b8267d-e97f-426e-8b3f-7956511fd63f'. Please ensure that the provided user is found in the provided tenant domain.;
DEBUG: 1:55:16 AM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 1:55:16 AM - ConnectAzureRmAccountCommand end processing.

Environment data

PS C:\> $PSVersionTable

Name                           Value                                                                                                        
----                           -----                                                                                                        
PSVersion                      5.1.20348.2031                                                                                               
PSEdition                      Desktop                                                                                                      
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                                      
BuildVersion                   10.0.20348.2031                                                                                              
CLRVersion                     4.0.30319.42000                                                                                              
WSManStackVersion              3.0                                                                                                          
PSRemotingProtocolVersion      2.3                                                                                                          
SerializationVersion           1.1.0.1

Module versions

PS C:\> Get-Module Az*

ModuleType Version    Name                                ExportedCommands                                                                  
---------- -------    ----                                ----------------                                                                  
Script     4.0.0      Az.Accounts                         {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault...}

Error output

PS C:\> Resolve-AzError
DEBUG: 2:25:40 AM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 2:25:40 AM - ResolveError begin processing with ParameterSet 'AnyErrorParameterSet'.
DEBUG: 2:25:40 AM - using account id 'fb05dcc3-f65d-4f89-bc32-b1e0f8cd8378'...
DEBUG: 2:25:40 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 2:25:40 AM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].


   HistoryId: 20


Message        : InteractiveBrowserCredential authentication failed: Value cannot be null.
                 Parameter name: tenantId
                 Could not find tenant id for provided tenant domain '98b8267d-e97f-426e-8b3f-7956511fd63f'. Please ensure that the provided user is found in the provided tenant domain.
StackTrace     :    at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantIdOrName, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, 
                 IOpenIDConfiguration openIDConfigDoc, Action`1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation, String authScope, Boolean IsInteractiveContextSelectionEnabled)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass134_2.<ExecuteCmdlet>b__7()
                    at System.Threading.Tasks.Task`1.InnerInvoke()
                    at System.Threading.Tasks.Task.Execute()
                 --- End of stack trace from previous location where exception was thrown ---
                    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass134_1.<ExecuteCmdlet>b__1(AzureRmProfile localProfile, RMProfileClient profileClient, String name)
                    at Microsoft.Azure.Commands.Profile.Common.AzureContextModificationCmdlet.ModifyContext(Action`2 contextAction)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action`3 setContextAction)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception      : System.ArgumentNullException
InvocationInfo : {Connect-AzAccount}
Line           : Connect-AzAccount -Environment Foo -Tenant 98b8267d-e97f-426e-8b3f-7956511fd63f -Verbose
Position       : At line:1 char:1
                 + Connect-AzAccount -Environment Foo -Tenant 98b8267d-e97f-426e ...
                 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 20

DEBUG: 2:25:40 AM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
Message        : InteractiveBrowserCredential authentication failed: Value cannot be null.
                 Parameter name: tenantId
StackTrace     :    at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage, Boolean isCredentialUnavailable)
                    at Azure.Identity.InteractiveBrowserCredential.<AuthenticateImplAsync>d__51.MoveNext()
                 --- End of stack trace from previous location where exception was thrown ---
                    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                    at Azure.Identity.InteractiveBrowserCredential.<AuthenticateAsync>d__48.MoveNext()
                 --- End of stack trace from previous location where exception was thrown ---
                    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                    at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.<GetAccessTokenAsync>d__34.MoveNext()
                 --- End of stack trace from previous location where exception was thrown ---
                    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                    at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment environment, String tenant, SecureString password, String promptBehavior, Action`1 promptAction, IAzureTokenCache tokenCache, 
                 String resourceId)
                    at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action`1 promptAction, String resourceId)
                    at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantIdOrName, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, 
                 IOpenIDConfiguration openIDConfigDoc, Action`1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation, String authScope, Boolean IsInteractiveContextSelectionEnabled)
Exception      : Azure.Identity.AuthenticationFailedException
InvocationInfo : {Connect-AzAccount}
Line           : Connect-AzAccount -Environment Foo -Tenant 98b8267d-e97f-426e-8b3f-7956511fd63f -Verbose
Position       : At line:1 char:1
                 + Connect-AzAccount -Environment Foo -Tenant 98b8267d-e97f-426e ...
                 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 20

DEBUG: 2:25:40 AM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
Message        : Value cannot be null.
                 Parameter name: tenantId
StackTrace     :    at Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder`1.WithTenantId(String tenantId)
                    at Azure.Identity.MsalPublicClient.<AcquireTokenInteractiveCoreAsync>d__15.MoveNext()
                 --- End of stack trace from previous location where exception was thrown ---
                    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                    at Azure.Identity.MsalPublicClient.<AcquireTokenInteractiveAsync>d__14.MoveNext()
                 --- End of stack trace from previous location where exception was thrown ---
                    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                    at Azure.Identity.InteractiveBrowserCredential.<GetTokenViaBrowserLoginAsync>d__53.MoveNext()
                 --- End of stack trace from previous location where exception was thrown ---
                    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                    at Azure.Identity.InteractiveBrowserCredential.<AuthenticateImplAsync>d__51.MoveNext()
Exception      : System.ArgumentNullException
InvocationInfo : {Connect-AzAccount}
Line           : Connect-AzAccount -Environment Foo -Tenant 98b8267d-e97f-426e-8b3f-7956511fd63f -Verbose
Position       : At line:1 char:1
                 + Connect-AzAccount -Environment Foo -Tenant 98b8267d-e97f-426e ...
                 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 20

Labels

Accounts (Issues in Az.Accounts except authentication related), Azure PS Team, Azure Stack, Tracking (We will track status and follow internally), bug (This issue requires a change to an existing behavior in the product in order to be resolved.)
