Setting up Authentication

Good afternoon All,

I am working on getting Authentication and authorization set up. I have been attempting to follow the documentation concerning setting up either windows AUTH or OIDC to AAD. I created a custom AppSettings.Json file in c:\ProgramData\PowerShellUniversal. Initially i had set up the OIDC JSON, but was having trouble getting that to work (I would only ever have the form auth and not an Azure prompt), so I figured that I would give Windows Auth a try. I have pre-created the AD groups that will be used in the claims portion, as well as installed Windows Auth for IIS and enabled it on the site. Here is what the snippet looks like:

{
  
  "Windows": {
    "Enabled": "true"
  }
  
}

After saving the file, i went back into the Authentication section under security, and I only see form auth (not sure if i should see windows appear hear, but seems logical that it would):

the same was true when I tried OIDC. Another thing that is weird is i get a large number of the pop-up s for Windows Auth (maybe 5-10). Clicking “ok” does nothing, and ultimately need to click cancel for however many popups there were before it kicks me back to the form auth. I was just wondering if there is there another step to the process that I could be missing? I appreciate any insight that you guys might have!

Thanks,

Evan Costa

Product: PowerShell Universal via IIS
Version: 2.2.1

Unfortunately, the authentication page in the admin console doesn’t show anything but forms auth (I know…weird). I’ll likely get that into the October release to make that make more sense.

How are you hosting PSU? IIS or Windows Service?

Hey Adam, thank you for your quick reply! that makes me feel better at least! I am running PSU in IIS. Please let me know if you have any questions!

IIS can always be a bit finicky.

For Windows Auth, make sure you have the web.config set correctly: Security - PowerShell Universal

For OIDC, you may need to disable Windows Auth in IIS and enable anonymous authentication.

Hey Adam,

Thank you for your suggestion! I did miss some of the flags for windows auth. I was still having issues with OIDC, but I suspect my internal firewall might be causing some issues there. thanks again for the help!

1 Like