Powershell

Azure Runbook 無法連接 - “跨雲請求中不支持機密客戶端。”

  • May 21, 2021

我在Azure Gov 租戶中工作。我創建了一個 Azure 自動化帳戶,這樣我就可以在周末使用powershell runbook來縮減 Web 應用程序。我正在使用下面的程式碼來驗證以帳戶身份執行,但它失敗並顯示以下錯誤消息:“Cross Cloud 請求中不支持機密客戶端。”

$ConnectionName = "AzureRunAsConnection"

try
{
   
   # Get the connection "AzureRunAsConnection "
   $ServicePrincipalConnection = Get-AutomationConnection -Name $ConnectionName         

   # Logging into Azure
   Add-AzureRmAccount `
               -ServicePrincipal `
               -TenantId $ServicePrincipalConnection.TenantId `
               -ApplicationId $ServicePrincipalConnection.ApplicationId `
               -CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
               -EnvironmentName "AzureUSGovernment"
             

   Write-Output "Successfully logged in to Azure." 
} 
catch
{
   if (!$ServicePrincipalConnection)
   {
       $ErrorMessage = "Connection $ConnectionName not found."
       throw $ErrorMessage
   } 
   else
   {
       Write-Error -Message $_.Exception
       throw $_.Exception
   }

}

我嘗試對較新的 powershell 模組使用不同的身份驗證命令,但出現相同的錯誤

$connectionName = "AzureRunAsConnection"
$servicePrincipalConnection = Get-AutomationConnection -Name $connectionName

$logonAttempt = 0
$logonResult = $False

while(!($connectionResult) -And ($logonAttempt -le 10))
{
   $LogonAttempt++
   #Logging in to Azure...
   $connectionResult = Connect-AzAccount `
                          -ServicePrincipal `
                          -Tenant $servicePrincipalConnection.TenantId `
                          -ApplicationId $servicePrincipalConnection.ApplicationId `
                          -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint

   Start-Sleep -Seconds 30
}

有沒有人以前執行過這個問題並找到了解決方法?我迷路了,希望得到任何幫助/幫助。

這最終對我有用,最後添加**-Environment**參數解決了我的問題:

$ConnectionName = "AzureRunAsConnection"

try 
{
# Get the connection "AzureRunAsConnection "
$Conn = Get-AutomationConnection -Name $ConnectionName

# Logging into Azure
Connect-AzAccount -ServicePrincipal -Tenant $Conn.TenantID -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint -Environment AzureUSGovernment

Write-Output "Successfully logged in to Azure.

引用自:https://serverfault.com/questions/1064253