+2Hi ,
im getting error when trying to create an exchange online client , stopping at creating the azure app. It used to work on earlier versions , i’m now at Version: 11.20.64
from log :
looks like an error in the powershell script
Is it an known issue with this version ?
Best answer by Mike Struening RETIRED
Sharing the solution here. Great point by point work here!
Finding Details:
Webserver had issues in accessing the portal.azure.com
Solution:
- On session, we did check readiness and it was taking a long time
- Checked the logs and found the below error
GetGraphServiceClient - Graph request failed with error code %d Forbidden
- We did log in to ExchangeAdmincenter and confirmed the service account is a member of “ExchangeOnlineBackupRoleGroup” role group
-From the Azure portal, we confirmed the APP ID has the appropriate permissions
-From the command center we tried to authorize the APP ID and it got failed with the below error:
Sorry, but we’re having trouble signing you in
- Tried to access the below url from the webserver and it got failed
https://portal.azure.com
-Informed customer to allow the URL https://portal.azure.com on web server
-After allowing the URL we are able to access the azure portal from the webserver
-Did check readiness on the client and it got failed with the below error
Azure Application Permission code timeout
-From the web-server we tried to fetch the App information and it failed
-We installed the webserver role on the access node and confirmed we are able to fetch the APP info
-Tried to discover the mailbox but it got failed
-Checked the logs and found the below error
AssignGroupOwners::Failed to initialize AssignGroupOwners
-We created the new APP ID and assigned the appropriate permissions
-Updated the new APP ID to agent properties
-Tried to discover the Mailbox and it got discovered successfully
Hello,
Taking a look at the logging provided, can you provide more of the logging (wrap text maybe or copy and paste to the forms here) around what this full line reads?
PowerShell script returned error: 'System.Management.Automation.Internal.ObjectReader', 'Object reference not set to an instance of an object.
Curious if that is all that is returned in that exception or if there is more to it.
+2sure
09/01 13:09:10 ### ### runPowerShellScript - PowerShell script returned error: 'System.Management.Automation.Internal.ObjectReader', 'One or more errors occurred.: Object reference not set to an instance of an object.', 'One or more errors occurred.', 'Object reference not set to an instance of an object.'
5064 39 09/01 13:09:10 ### ### doLogin - Connect-AzureAd Script response[False]
5064 39 09/01 13:09:10 ### ### doLogin - Exchange PS Session [False] AzureAD Session[False]
5064 39 09/01 13:09:10 ### ### doLogin - AzureAD Session Error[One or more errors occurred.: Object reference not set to an instance of an object.]
5064 39 09/01 13:09:10 ### ### doLogin - Login Status[NotLoggedIn] Attempt[1]
7908 4 09/01 13:09:44 4 _+_PublicSharingUser_ - Processing POST request : /CommServ/GlobalParams : Headers :[Content-Type=application/xml][Accept-Encoding=gzip,deflate][Expect=100-continue][Host=127.0.0.1:81][Content-Length=310][LookupNames=false][FormatOutput=false][SkipOldJsonConverter=true][CVRequestRouted=true][MS-ASPNETCORE-TOKEN=22ee08eb-17fb-4c91-bc31-eed12acd6e21][X-Original-Proto=http][X-Original-For=127.0.0.1:54466] : Parameters : (empty) : AdditionalInfo[ClientIP[127.0.0.1] ConsoleType[WebConsole] Operation[CV.WebServer.Controllers.CommserveController.GetGlobalParams (CVWebControllerCommserve)] Username[_+_PublicSharingUser_]]
7908 4 09/01 13:09:44 4 _+_PublicSharingUser_ Invoke - POST /CommServ/GlobalParams : HTTP code 'OK'
7908 114 09/01 13:10:04 114 _+_PublicSharingUser_ - Processing POST request : /CommServ/GlobalParams : Headers :[Content-Type=application/xml][Expect=100-continue][Host=127.0.0.1:81][Content-Length=333][LookupNames=false][CVRequestRouted=true][MS-ASPNETCORE-TOKEN=22ee08eb-17fb-4c91-bc31-eed12acd6e21][X-Original-Proto=http][X-Original-For=127.0.0.1:54466] : Parameters : (empty) : AdditionalInfo[ClientIP[127.0.0.1] ConsoleType[WebConsole] Operation[CV.WebServer.Controllers.CommserveController.GetGlobalParams (CVWebControllerCommserve)] Username[_+_PublicSharingUser_]]
7908 114 09/01 13:10:04 114 _+_PublicSharingUser_ Invoke - POST /CommServ/GlobalParams : HTTP code 'OK'
5064 39 09/01 13:11:14 ### ### runPowerShellScript - PowerShell script returned error: 'System.Management.Automation.Internal.ObjectReader', 'One or more errors occurred.: Object reference not set to an instance of an object.', 'One or more errors occurred.', 'Object reference not set to an instance of an object.'
5064 39 09/01 13:11:14 ### ### doLogin - Connect-AzureAd Script response[False]
5064 39 09/01 13:11:14 ### ### doLogin - Exchange PS Session [False] AzureAD Session[False]
5064 39 09/01 13:11:14 ### ### doLogin - AzureAD Session Error[One or more errors occurred.: Object reference not set to an instance of an object.]
5064 39 09/01 13:11:14 ### ### doLogin - Login Status[NotLoggedIn] Attempt[2]
7908 114 09/01 13:11:29 114 ### SessionGuid - Invalid token type to retrive sessionGuid.
7908 114 09/01 13:11:29 114 ### - Processing GET request : /multicommcell/CommcellType : Headers :[Content-Type=application/xml][Host=127.0.0.1:81][locale=en_US][LookupNames=false][client-location=172.20.1.27][CVRequestRouted=true][MS-ASPNETCORE-TOKEN=22ee08eb-17fb-4c91-bc31-eed12acd6e21][X-Original-Proto=http][X-Original-For=127.0.0.1:58352] : Parameters : (empty) : AdditionalInfo[ClientIP[172.20.1.27] ConsoleType[Unknown] Operation[CV.WebServer.Controllers.ThirdPartyAppController.GetCommcellTypeInMultiCommcell (CVWebControllerThirdPartyApp)] Username[]]
7908 114 09/01 13:11:29 114 ### Invoke - GET /multicommcell/CommcellType : HTTP code 'OK'
7908 154 09/01 13:11:29 154 ### SessionGuid - Invalid token type to retrive sessionGuid.
7908 154 09/01 13:11:29 154 ### - Processing GET request : /multicommcell/CommcellType : Headers :[Content-Type=application/xml][Host=127.0.0.1:81][locale=en_US][LookupNames=false][client-location=172.20.1.27][CVRequestRouted=true][MS-ASPNETCORE-TOKEN=22ee08eb-17fb-4c91-bc31-eed12acd6e21][X-Original-Proto=http][X-Original-For=127.0.0.1:58352] : Parameters : (empty) : AdditionalInfo[ClientIP[172.20.1.27] ConsoleType[Unknown] Operation[CV.WebServer.Controllers.ThirdPartyAppController.GetCommcellTypeInMultiCommcell (CVWebControllerThirdPartyApp)] Username[]]
7908 154 09/01 13:11:29 154 ### Invoke - GET /multicommcell/CommcellType : HTTP code 'OK'
7908 4 09/01 13:11:35 4 ### SessionGuid - Invalid token type to retrive sessionGuid.
7908 4 09/01 13:11:35 4 ### - Processing GET request : /CommcellRedirect/RedirectListforUser : Headers :[Content-Type=application/xml][Host=127.0.0.1:81][locale=en_US][LookupNames=false][client-location=172.20.1.27][CVRequestRouted=true][MS-ASPNETCORE-TOKEN=22ee08eb-17fb-4c91-bc31-eed12acd6e21][X-Original-Proto=http][X-Original-For=127.0.0.1:58352] : Parameters : [GlobalIdp=true][webconsoleURL=https%3a%2f%2fbackup.visolit.no%3a443%2fwebconsole] : AdditionalInfo[ClientIP[172.20.1.27] ConsoleType[Unknown] Operation[CV.WebServer.Controllers.ThirdPartyAppController.GetRedirectListforUser (CVWebControllerThirdPartyApp)] Username[]]
7908 4 09/01 13:11:36 4 ### Invoke - GET /CommcellRedirect/RedirectListforUser : HTTP code 'OK'
7908 154 09/01 13:11:44 154 ### SessionGuid - Invalid token type to retrive sessionGuid.
7908 154 09/01 13:11:44 154 ### - Processing GET request : /Security/TwoFactorAuth/Status : Headers :[Content-Type=application/xml][Host=127.0.0.1:81][locale=en_US][LookupNames=false][client-location=172.20.1.27][CVRequestRouted=true][MS-ASPNETCORE-TOKEN=22ee08eb-17fb-4c91-bc31-eed12acd6e21][X-Original-Proto=http][X-Original-For=127.0.0.1:58352] : Parameters : [username=avi%5c105600pno-adm] : AdditionalInfo[ClientIP[172.20.1.27] ConsoleType[Unknown] Operation[CV.WebServer.Controllers.SecurityController.GetTFAStatus (CVWebControllerClient)] Username[]]
7908 154 09/01 13:11:44 154 ### Invoke - GET /Security/TwoFactorAuth/Status : HTTP code 'OK'
7908 4 09/01 13:11:49 4 ### SessionGuid - Invalid token type to retrive sessionGuid.
7908 4 09/01 13:11:49 4 ### - Processing POST request : /Login : Headers :[Content-Type=application/xml][Expect=100-continue][Host=127.0.0.1:81][Content-Length=291][locale=en_US][LookupNames=false][client-location=172.20.1.27][CVRequestRouted=true][MS-ASPNETCORE-TOKEN=22ee08eb-17fb-4c91-bc31-eed12acd6e21][X-Original-Proto=http][X-Original-For=127.0.0.1:58352] : Parameters : (empty) : AdditionalInfo[ClientIP[172.20.1.27] ConsoleType[Unknown] Operation[CV.WebServer.Controllers.LoginController.Login (CVWebControllerLogin)] Username[]]
7908 4 09/01 13:11:49 4 ### Invoke - POST /Login : HTTP code 'OK'
+2Yes there is.
I will open a case.
+23Hey
I found your incident and the last advice given:
-- suggested customer that
to use express configuration, The Admin Console(webserver) has to be able to reach out to the internet to use express config and for “Verify app” to work.
customer will work internally to allow webserver with below port access directly(internet) without proxy and retry the operation.
-- customer check above with their security team and retry the operation and update us backup if the issue still persists.
Was this helpful?
+2Hi ,
i’m still working on it , figuring out what url and ports needs to be open.
+23Sharing the solution here. Great point by point work here!
Finding Details:
Webserver had issues in accessing the portal.azure.com
Solution:
- On session, we did check readiness and it was taking a long time
- Checked the logs and found the below error
GetGraphServiceClient - Graph request failed with error code %d Forbidden
- We did log in to ExchangeAdmincenter and confirmed the service account is a member of “ExchangeOnlineBackupRoleGroup” role group
-From the Azure portal, we confirmed the APP ID has the appropriate permissions
-From the command center we tried to authorize the APP ID and it got failed with the below error:
Sorry, but we’re having trouble signing you in
- Tried to access the below url from the webserver and it got failed
https://portal.azure.com
-Informed customer to allow the URL https://portal.azure.com on web server
-After allowing the URL we are able to access the azure portal from the webserver
-Did check readiness on the client and it got failed with the below error
Azure Application Permission code timeout
-From the web-server we tried to fetch the App information and it failed
-We installed the webserver role on the access node and confirmed we are able to fetch the APP info
-Tried to discover the mailbox but it got failed
-Checked the logs and found the below error
AssignGroupOwners::Failed to initialize AssignGroupOwners
-We created the new APP ID and assigned the appropriate permissions
-Updated the new APP ID to agent properties
-Tried to discover the Mailbox and it got discovered successfully
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
