Automate Connect-AzureAD Powershell script

Question

I have created a script using PowerShell that connects to AzureAD that should automatically connect to AzureAD. Below is my script.

$TenantId = ""
$SecFile = "C:\Azure-AD\Password.txt"
$SecUser = "C:\Azure-AD\UserName.txt"
$MyCredential = New-Object -TypeName System.Management.Automation.PSCredential  -ArgumentList $SecUser,
 (Get-Content $SecFile | ConvertTo-SecureString)

Connect-AzureAD -TenantId $TenantId-credential $MyCredential

I am using the following line to generate to encrypt my password

(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\AzureAD\Password.txt"

When i run my script i get the following error:

PS C:\Azure-AD> .\Azure-Connect.ps1
Connect-AzureAD : One or more errors occurred.:
At C:\BackupTableau\Azure-AD\Azure-Connect.ps1:10 char:1
+ Connect-AzureAD -TenantId $TenantId -credential $MyCredential
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : AuthenticationError: (:) [Connect-AzureAD], AadAuthenticationFailedException
    + FullyQualifiedErrorId : Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD

Connect-AzureAD: One or more errors occurred.
At C:\Azure-AD\Azure-Connect.ps1:10 char:1
+ Connect-AzureAD -TenantId $TenantId -credential $MyCredential
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : AuthenticationError: (:) [Connect-AzureAD], AggregateException
    + FullyQualifiedErrorId : Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD

Connect-AzureAD :
At C:\Azure-AD\Azure-Connect.ps1:10 char:1
+ Connect-AzureAD -TenantId $TenantId -credential $MyCredential
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : AuthenticationError: (:) [Connect-AzureAD], AdalServiceException
    + FullyQualifiedErrorId : Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD

Connect-AzureAD : Response status code does not indicate success: 404 (NotFound).
At C:\Azure-AD\Azure-Connect.ps1:10 char:1
+ Connect-AzureAD -TenantId $TenantId -credential $MyCredential
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : AuthenticationError: (:) [Connect-AzureAD], HttpRequestException
    + FullyQualifiedErrorId : Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD

Connect-AzureAD : : Unknown error
At C:\Azure-AD\Azure-Connect.ps1:10 char:1
+ Connect-AzureAD -TenantId $TenantId -credential $MyCredential
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : AuthenticationError: (:) [Connect-AzureAD], AdalException
    + FullyQualifiedErrorId : Connect-AzureAD,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD

Connect-AzureAD : One or more errors occurred.:
At C:\Azure-AD\Azure-Connect.ps1:10 char:1
+ Connect-AzureAD -TenantId $TenantId -credential $MyCredential
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Connect-AzureAD], AadAuthenticationFailedException
    + FullyQualifiedErrorId : Microsoft.Open.Azure.AD.CommonLibrary.AadAuthenticationFailedException,Microsoft.Open.Azure.AD.CommonLibrary.ConnectAzureAD

Any solutions on how I can fix the error to make the script run successfully?

Answer 1

Your script, as (initially) written, uses (Get-Content $secFile ...) to retrieve the password from the password files, but merely passes $secUser as the user name, which will just be the filename which contains your user.

Try using (Get-Content $secUser) to get the value of the username from the file.

I think that will help you. Beyond, that, could I interest you in the relatively new modules Microsoft.Powershell.SecretManagement , and Microsoft.Powershell.SecretStore , which allow you to more securely store your credentials without needing to store them as plaintext in files - I use these modules pretty routinely to store personal access tokens that I use in Azure DevOps REST APIs, for example.