Azure Devops:值不能为空,参数令牌
[英]Azure Devops: value cannot be null, parameter token
问题描述
I am running an Azure Powershell task in Azure DevOps. 
我在Azure DevOps中运行Azure Powershell任务。 Inside the script I use the following command 在脚本中,我使用以下命令
Get-AzureRmADUser -UserPrincipalName $adusernameNewPermission
But my Release pipeline fails with following error code 但是我的发布管道失败,并显示以下错误代码
##[error]Value cannot be null.
Parameter name: token
First I thought that the command didn't have the right context or enough permission so I've added the defaultprofile. 首先,我认为该命令没有正确的上下文或足够的权限,因此我添加了默认配置文件。
Get-AzureRmADUser -DefaultProfile (Get-AzureRmContext) -UserPrincipalName $adusernameNewPermission
The GetAzureRmContext did go to the right context if I print the output of that command. 如果我打印该命令的输出,则GetAzureRmContext确实转到了正确的上下文。
The command itself didn't had any problem when running locally (with my own user account) So the only reason I think its heading is that the service connection doesn't have the right to perform that action. 该命令本身在本地运行时(使用我自己的用户帐户)没有任何问题,因此,我认为其标题的唯一原因是服务连接无权执行该操作。 But my user account has the least permissions on the tenant whilst the service connnection in azure devops has much more permissions. 但是,我的用户帐户对租户的权限最少,而天蓝色devops中的服务连接具有更多的权限。
It's driving me crazy where the problem lays with this one. 问题的根源让我发疯。 Which token does it mean ? 这是什么意思? No reasonable error message :( Does someone encounter the same problem or knows what I am missing ? 没有合理的错误消息:(有人遇到相同的问题,还是知道我缺少什么?
PS: the $adusernameNewPermission variable works like I said the exact same code runs perfectly on my local machine with the only difference being the user that is logged in. PS:$ adusernameNewPermission变量的工作方式就像我说的一样,完全相同的代码可以在本地计算机上完美运行,唯一的区别是登录的用户。
3 个解决方案
解决方案1
0 2019-09-10 14:35:55
Did you try using Get-azureaduser instead? 您是否尝试过使用Get-azureaduser? This is a command that requires the function to be authenticated against Azure AD. 这是一条命令,需要针对Azure AD对功能进行身份验证。
$azurePassword = ConvertTo-SecureString $env:client_secret -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential($env:clientid , $azurePassword)
Connect-AzAccount -Credential $psCred -TenantId $env:tenantid -ServicePrincipal
解决方案2
0 2019-09-17 19:30:36
如果您正在使用“脚本文件路径”的脚本类型,请检查您是否没有尝试传递任何参数(例如-token)。
解决方案3
0 2019-09-23 01:29:05
I'd try 2 things to get back to basics. 我会尝试2件事来恢复基础。 This will let you know if it is actually the AzDO Service Principal or not and the type of object to use in the pipeline. 这将让您知道它是否实际上是AzDO服务主体,以及在管道中使用的对象类型。
- Test the functionality of the command in its simplest form and run it with the account as a string: 以最简单的形式测试命令的功能,并以帐户作为字符串运行它:
Get-AzureRmADUser -UserPrincipalName "achahbar@stankoverflow.com"
#OR
$UPN = "achahbar@stankoverflow.com"
Get-AzureRmADUser -UserPrincipalName $UPN
Assuming this works and depending on what your variable contains you simply need to pass the the UPN/Email object into the command: 假设这可行并且根据变量包含的内容,您只需要将UPN / Email对象传递到命令中:
Get-AzureRmADUser -UserPrincipalName $adusernameNewPermission.UPN
- If this doesn't work pdate your task to Version 4 (Preview) and update your commands to
Get-AzADUserand test step1.again如果这不起作用,请将您的任务更新为版本4(预览),然后将命令更新为Get-AzADUser并再次测试步骤1.。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.