Azure active directory Azure AD:为什么清单在运行新的MsolServicePrincipalCredential后有空的keyCredentials?
或者keyCredentials为空可以吗? 也许第一步是哪里出了问题,但还不确定 预期结果:应用程序清单在keyCredentials中具有证书机密,因此应用程序可以执行所述的标记化身份验证 实际结果:keyCredentials为空 步骤1:通过运行以下命令在AD中创建应用程序:Azure active directory Azure AD:为什么清单在运行新的MsolServicePrincipalCredential后有空的keyCredentials?,azure-active-directory,Azure Active Directory,或者keyCredentials为空可以吗? 也许第一步是哪里出了问题,但还不确定 预期结果:应用程序清单在keyCredentials中具有证书机密,因此应用程序可以执行所述的标记化身份验证 实际结果:keyCredentials为空 步骤1:通过运行以下命令在AD中创建应用程序: $azureAdApplication=New-AzureADApplication -DisplayName "SetupTest1008" -HomePage "http://www.SetupTest8.co
$azureAdApplication=New-AzureADApplication -DisplayName "SetupTest1008" -HomePage "http://www.SetupTest8.com" -IdentifierUris "http://SetupTest8" -Password "SetupTest1234"
$azureAdApplicationPrincipal=New-AzureADServicePrincipal -ApplicationId $azureAdApplication.ApplicationId
注释:
据此,$azureAdApplication.ApplicationId将用于上传证书机密
.\makecert.exe -r -pe -n "CN=123456" -b 12/15/2014 -e 12/15/2016 -ss my -len 2048 c:\tmp\123456.cer
connect-msolservice -credential $credentials
$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate
$cer.Import("c:\tmp\123456.cer")
$binCert = $cer.GetRawCertData()
$credValue = [System.Convert]::ToBase64String($binCert);
New-MsolServicePrincipalCredential -AppPrincipalId
$azureAdApplication.ApplicationId -Type asymmetric -Value $credValue -Usage verify
步骤2:准备证书密码
.\makecert.exe -r -pe -n "CN=123456" -b 12/15/2014 -e 12/15/2016 -ss my -len 2048 c:\tmp\123456.cer
connect-msolservice -credential $credentials
$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate
$cer.Import("c:\tmp\123456.cer")
$binCert = $cer.GetRawCertData()
$credValue = [System.Convert]::ToBase64String($binCert);
New-MsolServicePrincipalCredential -AppPrincipalId
$azureAdApplication.ApplicationId -Type asymmetric -Value $credValue -Usage verify
步骤3:上载证书机密
.\makecert.exe -r -pe -n "CN=123456" -b 12/15/2014 -e 12/15/2016 -ss my -len 2048 c:\tmp\123456.cer
connect-msolservice -credential $credentials
$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate
$cer.Import("c:\tmp\123456.cer")
$binCert = $cer.GetRawCertData()
$credValue = [System.Convert]::ToBase64String($binCert);
New-MsolServicePrincipalCredential -AppPrincipalId
$azureAdApplication.ApplicationId -Type asymmetric -Value $credValue -Usage verify
这里的问题是,我们在AAD中有两个单独的目录对象,它们代表您的应用程序,它们之间存在一些混淆:
Shawn Tabrizi这里的问题是我们在AAD中拥有的两个单独的目录对象之间存在一些混淆,它们代表您的应用程序: