我正在尝试执行一段Azure脚本来检查用户对象是否从内部AD同步到Azure,如下所示。
用户名遵循UPN的模式。例如:john.Smith@ed.com
//Check Azure to see if user is synced to office 365
private static bool IsAccountSyncedToOffice365(string username)
{
StringBuilder cmd = CreateAzureConnectScript();
//cmd.AppendLine("Get-MsolUser -UserPrincipalName " + username + " -ErrorAction SilentlyContinue");
cmd.AppendLine("$global:res = \"false\"");
cmd.AppendLine("$global:user = \"false\"");
cmd.AppendLine("try{ if(($global:user=Get-MsolUser -UserPrincipalName " + username + " -ErrorAction Stop).ImmutableId -ne $null) { $global:res = \"true\"} } Catch { $global:errorMessage = $_.Exception.Message}");
try
{
Collection<PSObject> results;
string output, error, errorMessageAzureCnn = "";
do
{
results = null;
output = "";
error = "";
var rs = CreateAzureRunspace();
var pipe = rs.CreatePipeline();
pipe.Commands.AddScript(cmd.ToString());
results = pipe.Invoke();
output = (rs.SessionStateProxy.PSVariable.GetValue("res")) != null ? rs.SessionStateProxy.PSVariable.GetValue("res").ToString() : "false";
error = (rs.SessionStateProxy.PSVariable.GetValue("errorMessage")) != null ? rs.SessionStateProxy.PSVariable.GetValue("errorMessage").ToString() : "null";
errorMessageAzureCnn = (rs.SessionStateProxy.PSVariable.GetValue("errorMessageAzureCnn")) != null ? rs.SessionStateProxy.PSVariable.GetValue("errorMessageAzureCnn").ToString() : "null";
ExceptionManager.Publish(new Exception("LOG: Queried Azure at:" + DateTime.Now + " for user:" + username + " Result: " + output + " Error: " + error + " errorMessageAzureCnn: " + errorMessageAzureCnn));
Thread.Sleep(60000); //sleep for 60 seconds
pipe.Dispose();
rs.Close();
rs.Dispose();
} while (output.Trim().ToLower() != "true");
ExceptionManager.Publish(new Exception("LOG: " + username + " is found synced to Azure at: " + DateTime.Now));
cmd.Clear();
return true;
}
catch (Exception ex)
{
ExceptionManager.Publish(new Exception("Error checking Azure to see if the user is synced to office 365 or not.. " + ex.Message));
throw ex;
}
}
private static StringBuilder CreateAzureConnectScript()
{
StringBuilder ss = new StringBuilder();
MSCredential cred = new MSCredential();
var username = cred.username;
var pwd = cred.password;
try
{
ss.AppendLine("try {");
ss.AppendLine("$password = ConvertTo-SecureString \"" + pwd + "\" -AsPlainText –Force");
ss.AppendLine("$credential = New-Object System.Management.Automation.PsCredential(\"" + username + "\",$password)");
ss.AppendLine("$cred = Get-Credential -cred $credential");
ss.AppendLine("Import-Module MSOnline");
ss.AppendLine("Start-Sleep -s 10");
ss.AppendLine("Connect-Msolservice -cred $cred");
ss.AppendLine("} Catch { $global:errorMessageAzureCnn = $_.Exception.Message }");
//ExceptionManager.Publish(new Exception("LOG:pwd: " + pwd + " uname:" + username));
return ss;
}
catch (Exception ex)
{
ExceptionManager.Publish(new Exception("Error enabling the remote mailbox.. " + ex.Message));
throw ex;
}
}
虽然脚本在安装了所有最新版本模块的同一台服务器上通过Powershell Window成功执行。当尝试从C#代码执行相同的命令时,它会抛出从powershell异常处理$global:errorMessage = $_.Exception.Message收集的以下异常。
显示详细信息例外(0):[]日志:查询Azure:7/30/2015 12:00:55 PM用户:testuser0385@xxx.com结果:false错误:You must call the Connect-MsolService cmdlet before calling any other cmdlets。 errorMessageAzureCnn:null
值得一提的是,我在一台服务器上使用了相同的代码,但它在生产服务器(Windows Server 2008 R2 Datacenter)上抛出了以下错误,并且只通过它正在发生的代码。通过powershell窗口它可以很好地工作。
很高兴知道您对错误或需要调查的看法。
谢谢!
答案 0 :(得分:0)
它表明登录失败了,但无论如何你都在继续使用Get-MsolUser。如果Connect-MsolService cmdlet无法与Microsoft Online Services登录助手通信,则会失败。参考:https://community.office365.com/en-us/f/156/t/252201
生产服务器是否已安装所有先决条件:Microsoft Online Services登录助手和.NET 3.5?我们在生产(Azure PAAS)中遇到问题,其中客户操作系统映像自动更新并且缺少.NET 3.5,这破坏了我们的Azure AD PowerShell进程。