Endpoint working locally but not on IIS

Hello,

I have an endpoint that works locally but not on IIS.
I use the same identification file for the Connect-MsolService command and the Active Directory commands for my other endpoints.
Locally everything works but on IIS there are only Active Directory commands that work.

Here is the code for my endpoint:

New-UDEndpoint -Endpoint {
try
{
    function Get-MsolLicenses
    {
        [CmdletBinding()]
        [OutputType([array])]
        param ()
        
        $MsolLicenses = Get-MsolAccountSku
        $MsolLicenses |
        Select-Object @{
            Name	   = "LicenseName";
            Expression = {
                if ($_.AccountSkuId -eq "company:SPE_E3")
                {
                    "Microsoft 365 E3"
                }
                elseif ($_.AccountSkuId -eq "company:SPE_E5")
                {
                    "Microsoft 365 E5"
                }
                elseif ($_.AccountSkuId -eq "company:EXCHANGESTANDARD")
                {
                    "Exchange Online (Plan 1)"
                }
                elseif ($_.AccountSkuId -eq "company:STANDARDPACK")
                {
                    "Office 365 Entreprise E1"
                }
                elseif ($_.AccountSkuId -eq "company:EMS")
                {
                    "Enterprise Mobility + Security E3"
                }
                elseif ($_.AccountSkuId -eq "company:EMSPREMIUM")
                {
                    "Enterprise Mobility + Security E5"
                }
                elseif ($_.AccountSkuId -eq "company:DESKLESSPACK")
                {
                    "Office 365 F1"
                }
                elseif ($_.AccountSkuId -eq "company:PROJECTPROFESSIONAL")
                {
                    "Microsoft Project"
                }
                elseif ($_.AccountSkuId -eq "company:VISIOCLIENT")
                {
                    "Microsoft Visio"
                }
                else
                {
                    $_.AccountSkuId
                }
            }
        },
        @{
            Name	   = "AvailableUnits";
            Expression = { $_.ActiveUnits - $_.ConsumedUnits }
        },
        "ConsumedUnits", 
        "ActiveUnits" |
        Sort-Object "LicenseName"
    }

    $RemoteCredential = $Cache:ConnectionInfo.Credential
    Connect-MsolService -Credential $RemoteCredential -ErrorAction Stop
    $Cache:MsolLicenses = Get-MsolLicenses
}
catch
{
    $Error[0]
}
finally
{
    
}
} -Schedule (New-UDEndpointSchedule -Every 600 -Second)

Any ideas?

Hi @bryce426
Do you have any logging enabled?

Enable-UDLogging -level Debug

Would be nice to know what is failing.

@bryce426

I don't quite have it working, but here are a few observations that might lead you somewhere.

  1. Make sure you manually load your MSOnline module. (Import-Module…)
  2. I'm running my App Pool with a service account.
  3. Is the ID account you're using configured for MFA? I had to create a special account in AzureAD that doesn't use MFA to get other scripts to work in Powershell.

I'm now getting this error when trying to run Connect-MSOLService from UD.

Could not load type 'System.IdentityModel.Tokens.JwtSecurityToken' from assembly 'System.IdentityModel.Tokens.Jwt, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.

I'll try to play with it more later. Time for the morning meetings to start.

In case you haven't seen it, your problem is also mentioned here: "Could not load type when using connect-msolservice in an endpoint"


Ah yeah, forgot about that. I do remember reading that one now. It's probably why I hadn't added this to my dashboard in the first place… @bryce426 hadn't mentioned the specific error, so maybe that will cover it.

Thanks!


Thank you for all your quick and detailed answers :wink:

@eefisherv

  • manually load MSOnline module : YES
  • running App Pool with a service account : I just configured my user to have 'logon as a service' permissions but the problem remains the same
  • Is the ID account you're using configured for MFA? : NO

@BoSen29 I tried to activate the logs but I quickly find myself with a 50MB file containing the same line: "AutoReloader OnFileChanged - C:\inetpub\wwwroot\log.txt" and (unless I am mistaken) nothing about the endpoint…
I'm not a developer so I'm not used to debugging. I entered the command "Enable-UDLogging -Level Debug -FilePath .\log.txt" in dashboard.ps1.
I'll try again tomorrow.

@augustin.ziegler It seems to correspond to my problem but if I understand correctly there is no solution?

@bryce426 sorry, but I only knew that there is already a related issue … it seems that there is no solution … But maybe it will help to ask for an update in that forum thread …

Mapping related GitHub issue - https://github.com/ironmansoftware/universal-dashboard/issues/1356

@BoSen29 Here is the log file : https://www2.wesend.com/redirect?p=pxqjw94551

Edit: my endpoint is in the azure.ps1 file
