Variable "ErrorActionPreference" always gets treated as Stop

PowerShell Universal
1

Hello,

It seems that no matter what I do, PowerShell Universal will keep treating the ErrorActionPreference as Stop rather than Continue. This is preventing me from running almost any script that has an error message I’m supposed to ignore. Even if I try to change the Error Action from Continue to something else, and then back to “Error Action”, it still will treat the Error Action as Continue. Trying the ‘Invoke-PSUScript’ does not result in it properly working either. Both the returned log object from that cmdlet and the $ErrorActionPreference variables both will say “Continue” if that’s selected.

The offending module that this error happens with is MSAL.PS. Here’s the full error message:

[error] The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: Could not use the certificate for signing. See inner exception for details. Possible cause: this may be a known issue with apps build against .NET Desktop 4.6 or lower. Either target a higher version of .NET desktop - 4.6.1 and above, or use a different certificate type (non-CNG) or sign your own assertion as described at https://aka.ms/msal-net-signed-assertion.

I have found that (during successful executions) if the Error Action is set and treated as “Continue”, I would not run into an error.

I am using the PowerShell 5.1 environment, and the script is running as a non-default user. This situation occurs on both Microsoft Edge version 104.0.1293.63 and Chrome 104.0.5112.102. We are using the licensed version of PowerShell Universal.

Product: PowerShell Universal
Version: 3.1.6
2

I’m assuming you are setting the -ErrorAction on New-PSUScript (or via the script page) in the admin console?

This is the behavior I’m seeing.

Write-Error "Dang!"
Write-Host "Hi"

Script set to stop.

image

Script fails and does not execute the second line.

image
image789×336 11.4 KB

If I change it do Continue, then I see it print the error line and execute the second line. I also see that the script succeeds in PSU.

image

From my perspective, this is expected behavior but I’m curious as to the difference you are seeing.

3 
New-PSUScript -Name "TestGraphScript.ps1" -Description "idk" -Path "TestGraphScript.ps1" -Environment "Windows PowerShell 5.1" -MaxHistory 101 -Credential "Credential" -ErrorAction "Continue"

I added the ErrorAction to the New-PSUScript function and checked that the ErrorAction on the script settings is set to Continue (using the browser editor). However, I’m still running into the same error message. To be clear, I do not want the ErrorAction to be set as Stop - I need it to be set to “Continue” in order for the script/module to work properly.

image
image811×156 8.48 KB

The “Continue” that you see is the $ErrorActionPreference variable printed to the console.

4

That’s weird. I can kind of reproduce this if I set -ErrorAction on the cmdlet itself.

$ErrorActionPreference
Write-Error "Hi" -ErrorAction Continue
Write-Error "Hi" -ErrorAction Stop

image
image770×188 8.41 KB

I have to imagine you’re not doing that. Can you share what cmdlet or function you’re calling that is causing this error?

5

Sure! Here’s the basic structure of the script right now:

Import-Module MSAL.PS -ErrorAction 'Continue'
$TenantId = "00000000-0000-0000-0000-000000000000"
$ClientId = "00000000-0000-0000-0000-000000000000"
$ClientCert = Get-Item "Cert:\CurrentUser\my\0000000000000000000000000000000000000000"
$ErrorActionPreference
# It will be at this point the error message will appear.
$MSToken = Get-MsalToken -ClientId $ClientId -TenantId $TenantId -ClientCertificate $ClientCert
# The script will not reach this next step.
Connect-MgGraph -AccessToken $MSToken.AccessToken
6

It looks like this is due to Get-MsalToken using -ErrorAction Stop internally.

This snippet reproduces the issue:

$ErrorActionPreference
Write-Error "Hi" -ErrorAction Continue

function Test-Error {
    Write-Error "Hi" -ErrorAction Stop
}

Test-Error

You will have to catch the exception in order to ignore it.

$ErrorActionPreference
Write-Error "Hi" -ErrorAction Continue

function Test-Error {
    Write-Error "Hi" -ErrorAction Stop
}

try {
Test-Error
} catch {}