Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Ask questions about creating Graphical User Interfaces (GUI) in PowerShell and using WinForms controls.
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 2 years and 10 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
User avatar
NicovanderStok
Posts: 2
Last visit: Thu Jul 14, 2022 4:35 am

Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by NicovanderStok »

Exchange Online has changed, and all the other posts on this topic seem to be outdated.
They are either about the V1 module (with import-pssesion) or about connect-msol (which is O365, NOT exchange online)
We need Connect-ExchangeOnline to work from GUI applications.
When running this command in a normal powershell or powershell_ise window, it brings up a browsed based MFA-capable logon prompt.
When running thie command from PowerShell Studio 2021 or a GUI application deployed with it, it just hangs.
I tried the -UseMultiTreading parameter with $true and $false and it did not make any difference, neither did changing STA mode to on or off. This logon prompt box just doesn't come (i've checked if its behind any other windows, it isn't)

I'm really struggling to make a GUI that can perform some operations on exchange online.

I can make a logon box show up by executing powershell.exe -command "&{connect-exchangeonline}" which isn't helpful since I need to connection from the session of the gui itself. I tried dot-sourcing a .ps1 from the gui script (instead of calling powershell.exe) but that doesn't help. problem seems to be in the powershell engine used by powershell studio. compiling different types of .exe appiclications does not seem to fix it.

there is no crash or error, the application just hangs when the connect-exchangeonline command is executed until killed.

Product version 2021 5.8.187
OS version Windows Server 2019
PSVersionTable version 5.1.17763.1
User avatar
Alexander Riedel
Posts: 8478
Last visit: Tue Mar 26, 2024 8:52 am
Answers: 19
Been upvoted: 37 times

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by Alexander Riedel »

It can be simply an incompatible threading model, which you would need to ask Microsoft about. I am assuming some type of module is involved here, but you didn't specify.
Another very common reason for hanging processes accessing remote locations are remoting permissions, firewalls, elevation etc.
Check your system logs if you find any clues there.
Alexander Riedel
SAPIEN Technologies, Inc.
Tony67
Posts: 5
Last visit: Wed Mar 24, 2021 6:28 pm

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by Tony67 »

I'm looking at the exact same issue.
I'm trying to write a GUI for user creation that is required to check the Exchange Online instance to confirm the email address availability. I cannot seem to use the V2 cmdlets (ExchangeOnlineManagement module from PSGallery).

I can use the old methods of providing the ConnectionURI and username/password. This is using BASIC AUTHENTICATION which MS will be disabling soon (2021/2022 ??).

I found a method which may help NicovanderStok - it doesn't use the EXO cmdlets but does use MODERN AUTH

I tried to add some code here but was denied because I haven't posted more than 5 times - how ridiculous !!


All that said, my issue is trying to use the EXO cmdlets from within a GUI. The normal logon process is

Code: Select all

Connect-ExchangeOnline -userprincipalname <upn>
which then prompts with the MFA enabled browser. This does not occur through a GUI.

I tried to use certificate based authentication. This involves creating an AzureAD app with required permissions and assigning a certificate to it. I can then use

Code: Select all

Connect-ExchangeOnline -CertificateFilepath <certFilePath> -CertificatePassword <certPassword> -AppID <appID> -Org <org>
from within a Powershell shell or ISE with no issues. Through the GUI it just seems to hang.
User avatar
Alexander Riedel
Posts: 8478
Last visit: Tue Mar 26, 2024 8:52 am
Answers: 19
Been upvoted: 37 times

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by Alexander Riedel »

"I tried to add some code here but was denied because I haven't posted more than 5 times - how ridiculous !!"
Sorry if you find that ridiculous. We don't like staying up all hours of the night removing SPAM posts, so unfortunately that is necessary.

Try to create the connection BEFORE the form is created. It is possible that you cannot do that from an event handler.
Alexander Riedel
SAPIEN Technologies, Inc.
ipetronik
Posts: 1
Last visit: Mon Apr 12, 2021 3:02 am

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by ipetronik »

Alexander Riedel wrote: Wed Mar 24, 2021 3:49 pm "I tried to add some code here but was denied because I haven't posted more than 5 times - how ridiculous !!"
Sorry if you find that ridiculous. We don't like staying up all hours of the night removing SPAM posts, so unfortunately that is necessary.

Try to create the connection BEFORE the form is created. It is possible that you cannot do that from an event handler.
Hello,

i was facing the same issue and creating the connection BEFORE the form is created indeed solved this problem.

Thanks for the hint ;)
User avatar
escott0699
Posts: 25
Last visit: Thu Jan 12, 2023 7:52 am

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by escott0699 »

I am running into a similar issue but my user is not MFA enabled. When running Connect-ExchangeOnline -Credential $MSOLCred the script just hangs loading the online connection. I've tried moving the connection to just about everywhere i can think of but no matter what the entire GUI is frozen once it reaches that line of code.
User avatar
njkaepp7
Posts: 5
Last visit: Thu Aug 05, 2021 10:54 am

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by njkaepp7 »

I have run into this problem as well. I think I have narrowed it down to what is causing it and a few solutions.

It seems to be related to 2.0.4 version of the ExchangeOnlineManagement module and the placement of the Connect-ExchangeOnline cmdlet in the script, and Windows PowerShell 5.1. I have found that using 2.0.3 or earlier does not have this problem. With 2.0.4, here is some simple code to test/confirm the problem:

Add-Type -AssemblyName System.Windows.Forms
$FormMain = New-Object System.Windows.Forms.Form
Connect-ExchangeOnline

The problem is the "Add-Type" cmdlet. If you call this before the Connect-ExchangeOnline cmdlet, the problem will happen (in 2.0.4). If you call Connect-ExchangeOnline before any and all Add-Type cmdlets, then it will work.

If you use PowerShell 7.x, then it also works.

So my suggestions are to use 2.0.3 (but then you use any new benefits of newer module releases) or re-order your code to make sure you authenticate first and then use the Add-Type cmdlets. Or switch to PowerShell 7.x.

Hope this helps.
NK
User avatar
njkaepp7
Posts: 5
Last visit: Thu Aug 05, 2021 10:54 am

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by njkaepp7 »

Oops, sorry I meant to say the "New-Object" cmdlet, not the "Add-Type" cmdlet. If you try to authenticate after using the "New-Object" cmdlet, in Windows PowerShell 5.1 and 2.0.4 version of the module is when it fails.

So make sure you authenticate first before using New-Object.
NK
User avatar
michaelroach
Posts: 1
Last visit: Tue Feb 13, 2024 11:48 am

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by michaelroach »

How do you put the Authentication before the Form Load?

I managed to get it to Prompt for the account with PowerShell 7 and it tells me to close the window after it authenticates, but then my form never loads.

I cannot for the life of me get the Connect-ExchangeOnline to work.. Its a simple gui that admin enters users email address to set quotas, LRH, and run simple reports that exports to CSV. Worked all fine until the new version and Connect-ExchangeOnlineShell wouldnt work anymore either..
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Connect-ExchangeOnline doesn't bring up MFA Capable browser based logonbox when executed from PowerShell Studio GUI

Post by jvierra »

Any code outside of any event will execute before the form is created. Normally I put code like that at the top of the edit pane before the form load event but it can be placed anywhere outside of and event code. The code entered will be executed in a top-down way in the order it is declared in the file. All variables created at that level will be script scope variables.

You can also use a form project and initialize all code from "globals" which executes before any form function is called.
This topic is 2 years and 10 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked