I've been following Microsoft's documentation on how to manage Exchange servers, but I've hit a wall. While everything was going smoothly, I stumbled upon an error with a command meant to retrieve key credentials from a service principal. The command contains a mistake, particularly with an unnecessary closing parenthesis and the usage of the '$true' argument. Others seem to have had similar issues and resorted to using MSOnline commands, but those are deprecated now. I managed to get a list of key credentials, but I'm unsure which one to remove. Is there a correct command to use here, or should I just ignore the credential and proceed to shut down Exchange? I want this done correctly if possible!
3 Answers
If you're consistently hitting errors with the Graph module, it might really be best to roll back to version 2.25. Some users have faced issues with version 2.26. A downgrade could help resolve those errors you're encountering with your commands.
Make sure you double-check your variable names, especially the case sensitivity. You have `$p.id` in your command, which should be `$p.Id`. This could be a reason why your command doesn't return the expected results. Also, ensure you're binding your variable correctly in the filter. Try adjusting to this: `$KeyId = (Get-MgServicePrincipal -ServicePrincipalId $p.Id).KeyCredentials | Where-Object {$_.Value -eq $credValue}).KeyId`. Although it's worth noting that PowerShell is pretty forgiving with case sensitivity, it's best to be consistent.
You might want to try manually converting the 'customKeyIdentifier' to a Base64-encoded string. The Graph API might expect that format for comparisons, which could be why your comparisons aren't working. You can use this command to convert: `[System.Convert]::ToBase64String($_.CustomKeyIdentifier)`, then see if it lines up with your `$credValue`. If that doesn't work, bypass the SDK. You could call the raw API with `Invoke-MgGraphRequest` directly and check the JSON response. It might provide more insight about what 'customKeyIdentifier' looks like. Also, if it’s a bug with the latest Graph PowerShell module, consider downgrading your Graph Modules to version 2.25.
Thanks for the pointer! I actually tried the conversion, but I still got a null error. I'll focus on the raw API next. Could you recommend any specific command for that?
I tried that but still got the same null result. Is it possible that the credential I'm looking for isn't in the list after all?