Issue with authentication.ps1 file

Product: PowerShell Universal
Version: 2.6.2

Hey everyone. I was configuring forms based authentication with Active Directory, using this page https://docs.powershelluniversal.com/config/security. I’m running on a MSI install and the file I’m editing for this is C:\ProgramData\UniversalAutomation\Repository.universal\authentication.ps1.

Everything was working fine, so I decided it was time to work on securing the built in Admin account. I started making more changes to that part of the file, but nothing was working. I could still log in as Admin with any password. After a bit, I could no longer log in with my domain accounts. I reset the authentication.ps1 file back to defaults, but still nothing. I tried restarting services and bouncing the server, but by now I can’t even reach anything; no dashboards, no admin page, not even the log in page. Now I get a 500 error saying “This page isn’t working right now”.

The UD logs, in Debug mode, say …

2022-01-07 14:41:37.492 -06:00 [ERR] Connection id “0HMEI3OCC7SPP”, Request id “0HMEI3OCC7SPP:00000001”: An unhandled exception was thrown by the application.
System.Exception: No authentication providers defined. Please check authentication.ps1 for errors.
at Universal.Server.Services.MyAuthenticationSchemeProvider.GetDefaultScheme(SchemeType type) in D:\a\universal\universal\src\Universal.Server\Services\Authentication\AuthenticationSchemeProvider.cs:line 66
at Universal.Server.Services.MyAuthenticationSchemeProvider.GetDefaultAuthenticateSchemeAsync() in D:\a\universal\universal\src\Universal.Server\Services\Authentication\AuthenticationSchemeProvider.cs:line 75
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)

param(
    [PSCredential]$Credential
)

#
#   You can call whatever cmdlets you like to conduct authentication here.
#   Just make sure to return the $Result with the Success property set to $true
#

if ($Credential.UserName -eq 'Admin') 
{
    New-PSUAuthenticationResult -Success -UserName 'Admin'
}
else 
{
    New-PSUAuthenticationResult -ErrorMessage 'Bad username or password'
}

It’s complaining about the authentication.ps1 file, but it’s been reset back to default. I tried deleting and re-creating it, but no go and same error.

I’ve now effectively locked myself out of UD…LOL

Ideas?

NM…at some point I must have deleted the line with Set-PSUAuthenticationMethod from the file. Using the code examples from the Security page, and copy/pasting them were not working. This article explained that issue: Authentication.ps1 - convert to type "PowerShellUniversal.AuthenticationMethod" - #5 by adam

The documentation expects you to be editing the file from within the UD Admin page Settings \ Configurations. There you don’t work with that line. Working directly in the file, you need that line. LOL

Wrapping everything inside the script block of this command fixed it for me: Set-PSUAuthenticationMethod -ScriptBlock {}

To be honest, I’ve run into this problem before myself. I will figure out a way to make it more clear in the documentation.