以前,我曾使用以下BAT文件将PowerShell连接到Windows Azure Active Directory和Exchange Online:
@echo off
Powershell -noexit -Command "& {
$Credentials = Get-Credential;
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -Authentication Basic -ConnectionUri https://ps.outlook.com/powershell -AllowRedirection:$true -Credential $Credentials;
Import-PSSession $Session;
Import-Module MSOnline;
Connect-MsolService -Credential $Credentials;
}"
直到我们在全局管理员帐户上启用了MFA / TFA,然后导致上述BAT文件失败并出现以下错误:
New-PSSession : [ps.outlook.com] Connecting to remote server ps.outlook.com failed with the following error message :
[ClientAccessServer=VI1PR0701CA0070,BackEndServer=amspr03mb326.eurprd03.prod.outlook.com,RequestId=f875eba9-7066-45df-9d59-67f9daf8b210,TimeStamp=9/7/2017 7:57:14 AM] Access Denied For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:66
+ ... $Session = New-PSSession -ConfigurationName Microsoft.Exchange -Auth ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
Import-PSSession : Cannot validate argument on parameter 'Session'. The argument is null. Provide a valid value for the argument, and then try running the command again.
At line:1 char:256
+ ... ion:$true -Credential $Credentials; Import-PSSession $Session; Import ...
+ ~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Import-PSSession], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.ImportPSSessionCommand
Connect-MsolService : Authentication Error: Authentication cancelled by user.
At line:1 char:290
+ ... Import-Module MSOnline; Connect-MsolService -Credential $Credentials}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [Connect-MsolService], Exception
+ FullyQualifiedErrorId : System.Exception,Microsoft.Online.Administration.Automation.ConnectMsolService
根据微软的TechNet文章"Connect to Exchange Online PowerShell using multi-factor authentication",我需要(仅使用Microsoft网络浏览器,不能少)安装“[Microsoft] Exchange Online [远程] PowerShell模块”。
我已经这样做并确认我现在可以使用启用了MFA / TFA的管理员帐户将PowerShell连接到Exchange Online。
但是,我想将新的PowerShell模块合并到我原来的BAT文件中,但我不确定它是否可行,因为:
Microsoft Exchange Online Powershell Module是APPREF-MS / ClickOnce文件,似乎未指向任何本地文件。Get-Module –ListAvailable不会输出包含EXOP的任何内容。 有人可以提供建议吗?
更新2017/09/08 10:10 :
I:
%localAppData%\Apps\2.0\。%localAppData%\Apps\2.0\的文件夹*.ps1。C:\Users\%userName%\AppData\Local\Apps\2.0\N8Z7NPYM.QVD\BL0EGO2J.G5A\micr..tion_51a5b647dacf4059_0010.0000_5d32306b9385c20a\CreateExoPSSession.ps1。C:\Users\%userName%\AppData\Local\Apps\2.0\N8Z7NPYM.QVD\BL0EGO2J.G5A\micr..tion_51a5b647dacf4059_0010.0000_5d32306b9385c20a\CreateExoPSSession.ps1文件Connect-EXOPSSession。找到行:
$ExoPowershellModule = "Microsoft.Exchange.Management.ExoPowershellModule.dll";
$ModulePath = [System.IO.Path]::Combine($PSScriptRoot, $ExoPowershellModule);
$global:ConnectionUri = $ConnectionUri;
$global:AzureADAuthorizationEndpointUri = $AzureADAuthorizationEndpointUri;
$global:UserPrincipalName = $UserPrincipalName;
$global:PSSessionOption = $PSSessionOption;
Import-Module $ModulePath;
$PSSession = New-ExoPSSession -UserPrincipalName $UserPrincipalName -ConnectionUri $ConnectionUri -AzureADAuthorizationEndpointUri $AzureADAuthorizationEndpointUri -PSSessionOption $PSSessionOption
if ($PSSession -ne $null)
{
Import-PSSession $PSSession -AllowClobber
UpdateImplicitRemotingHandler
}
%localAppData%\Apps\2.0\的文件夹microsoft.exchange.management.exopowershellmodule.dll。C:\Users\%userName%\AppData\Local\Apps\2.0\N8Z7NPYM.QVD\BL0EGO2J.G5A\micr..tion_51a5b647dacf4059_0010.0000_5d32306b9385c20a\Microsoft.Exchange.Management.ExoPowershellModule.dll。C:\Users\%userName%\AppData\Local\Apps\2.0\N8Z7NPYM.QVD\BL0EGO2J.G5A\micr..tion_51a5b647dacf4059_0010.0000_5d32306b9385c20a中的所有文件复制到文件夹C:\windows\system32\WindowsPowerShell\v1.0\modules\Exo。已执行的命令:
Import-Module "C:\windows\system32\WindowsPowerShell\v1.0\modules\Exo\Microsoft.Exchange.Management.ExoPowershellModule.dll"
New-ExoPSSession
通过MFA进行身份验证。
发现PowerShell输出了以下内容:
Id Name ComputerName ComputerType State ConfigurationName Availability
-- ---- ------------ ------------ ----- ----------------- ------------
1 WinRM1 outlook.offi... RemoteMachine Opened Microsoft.Exchange Available
发现Get-Mailbox和Get-InboxRule等命令失败并出现以下错误:
%cmdlet% : The term '%cmdlet%' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ %cmdlet%
+ ~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (%cmdlet%:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
所以,我们到了某个地方。
答案 0 :(得分:1)
我一直想做同样的事情,所以遇到this link。只需在正常的PowerShell窗口中运行以下两个命令,即可连接到Exchange Online(已启用MFA):
$CreateEXOPSSession = (Get-ChildItem -Path $env:userprofile -Filter CreateExoPSSession.ps1 -Recurse -ErrorAction SilentlyContinue -Force | Select -Last 1).DirectoryName
. "$CreateEXOPSSession\CreateExoPSSession.ps1"
然后我可以使用
进行连接Connect-EXOPSSession
答案 1 :(得分:1)
您可以使用Exchange Online PowerShell V2模块来代替导入Exchange Online PowerShell模块。
当前,我正在使用EXO V2模块。您可以直接从PowerShell库安装模块。
Install-Module ExchangeOnlineManagement
您可以使用以下cmdlet连接到Exchange Online PowerShell。
Connect-ExchangeOnline
有关更多信息:Connect to Exchange Online PowerShell using EXO V2 module
答案 2 :(得分:0)
我通过以下方式解决了这个问题;
从第7步开始:我根本没有复制文件。我把他们留在了原地。没有理由他们在复制后不能工作,但我经常重建这台机器,所以想减少步骤。
我的步骤8:在ISE中(在我的情况下,目录名称如下)
tell application "Preview"
open theFile
end tell
现在,没有理由认为这应该起作用,因为它不是一个合适的模块,但现在已经存在了一段时间。
我无法发布图片,因为我没有代表但只需说出当你使用" connect - "时,列表中的前两个是AzureAD和EXOPSSession。