Hi All,
I’m trying to run this local script in IQService which is run after AfterCreate for AD. The script starts running but whenever it reaches the command Connect-MgGraph (we’re trying to connect to MS Graph but that is not super relevant now), it just indefinitely runs with no errors. I haven’t been able to log anything after this line and there is no response to put into a file. The necessary modules are included. The script runs fine when I run it with my own account in IQService but the service account running the script keeps hanging.
I also noticed that the script does the same thing whenever I try to invoke a rest API (which was an alternative method to Connect-MgGraph). Virtually any other account, even the ones that are not in the IQService, can run the same commands and connect to MS Graph but the service account can’t run a simple API call of any kind. The credentials have been tested (since we make connections using other accounts). I’m not sure what the issue might be. Has anyone encountered something like this?
Hi Mark,
I managed to resolve this issue. For the record, I did try to use Start-Transcript but nothing was logged. The problem was that MS Graph requires interactive logon rights when using client secret for authentication. To remove that dependency (since having logon rights for service account is not best practice), the authentication method should be different, namely certificate-based.