Forum Discussion
Connecting to multiple Microsoft services with the same session
Hi guys. Working on a script that needs to connect to ExchangeOnlineManagement, TeamsOnlineManagement, SharePointOnlineManagement.... The script will be used across many different tenants, and I also plan to make it publicly available, so 1) I don't really want to pre-configure some complicated key setup and 2) I don't really want to have login pop-ups over and over again... For ExchangeOnline, I learned (accidentally), if I do this:
$upn = Read-Host -Prompt "input yer wahawha"
Connect-ExchangeOnline -userprimaryname $upn
Connect-IPPSsession -userprimaryname $upnAnd login to MY tenant, I don't get prompted for login. I think likely because my device is Entra-joined, and it's using my Microsoft account.
But even if I use a different account, it will only prompt me once - reusing it for the other.
This is great, and exactly how I wanted things to flow - but now I'm trying to do Connect-SPOService (sharepoint) and Connect-MicrosoftTeams... and while both of these are part of the tenant, they don't take the -userprimaryname param - so I can specify to use the account I'm logged into my PC with.. The end-goal is to have this script run with minimal user input. I've SORT OF found a workaround for SharePoint, where I can get the SharePointSite from ExchangeOnline, then modify it a bit and use it as input for Connect-SPOService... but Teams, while it doesn't have the URL param requirement, DOES prompt me to login again.
Is there a way to use the existing session for either of these, like I've done with ExchangeOnline / IPPSSession?
We have MFA enabled, though not required from within our company network - but when I try to use Get-Credential, it errors me out because it wants MFA.
7 Replies
Maybe you want to incorporate the PowerShell Module M365PSProfile that keeps the M365 PowerShell Modules up to date
https://www.powershellgallery.com/packages/M365PSprofile/0.9.0
https://github.com/fabrisodotps1/M365PSProfile
Kind Regards
Andres
I've been having the same issue on my PC. Logging in with an application works fine though. The quick solution in your case would be to minimize all windows for the login window. It does not appear via alt + tab.
Hi underQualifried ,
I found this by chance this morning:
Connect to all Microsoft 365 Services using PowerShell
Maybe this leads you to a helpful solution.Hey underQualifried is there any update you've found?
BR Schnittlauch
Hey Schnittlauch unfortunately not. The -inlinecredential param doesn't seem to work, as we have MFA enabled. Fails on even Connect-ExchangeOnline. Preconfiguring a cert won't work, as I'd need to configure 50+ certs. Somewhere, I found if I used the -showprogress param it might work, but even doing this -
PS C:\Users\me> Connect-ExchangeOnline -ShowProgress $true | Connect-SPOService https://my-admin.sharepoint.com
(or as tow separate commands with ;) will only will only connect me to exchange
PS C:\Users\me Get-SPOSite
Connect-SPOService: No valid OAuth 2.0 authentication session existscan't seem to use the existing session I have for ExchangeOnline, for SPO.
I've been trying to figure out the Graph PowerShell module to see if THAT would allow me to complete ALL of these tasks - but idk if that's even possible, and that's a whole new Barrel of learning.
First of all: The Parameter "userprimaryname" doesn't exist in the EXO Module.
Secondly, I can reproduze this error. My device is entra joined.
When logging in with my Office user logged in on this device, i can SSO into Azure Module and EXO Module.
When trieing the same way with my Entra Global admin, i get prompted to log in twice. No idea why.
If you want to achieve automatically Logon, you can take a look at the "-InlineCredential" Param (Only working in PS7, see docs)
or instantly work with certs
references:
hey Schnittlauch - my apologies, the param is "userprincipalname" not userprimaryname. But yes, when I try to login with anything other than my personal account, i'll get prompted to login for both Connect-ExchangeOnline and Connect-IPPSsession - but NOT if I supply the username I'm going to log in to first, and run that as a parameter to both. I'm assuming because i specify the upn, it just reuses the session from the single login.
Though I don't really understand Entra / certificates 100%, I don't think they'd work for my use case - requiring pre-configuration eliminates the reusability. My goal is to have the script require as little config as possible.
I will check out that param, thank you!
