无法使用联合服务以编程方式对SharePoint Online进行身份验证_Sharepoint_Federated Identity_Sharepoint Online

无法使用联合服务以编程方式对SharePoint Online进行身份验证

sharepoint

无法使用联合服务以编程方式对SharePoint Online进行身份验证,sharepoint,federated-identity,sharepoint-online,Sharepoint,Federated Identity,Sharepoint Online,我无法使用SharePointOnline凭据对SharePoint Online进行身份验证，收到错误消息：标识客户端运行库（IDCRL）在与伙伴STS对话时遇到错误在我们实现AD FS将身份验证联合到Active Directory之前，这段代码一直有效。事实上，当我访问自己的个人SharePoint Online站点时，代码仍然有效，该站点不使用联邦服务。这让我怀疑，将SharePointOnlineCredential与联邦服务一起使用存在问题有人能证实这一点吗？如果是，解决办法是

我无法使用SharePointOnline凭据对SharePoint Online进行身份验证，收到错误消息：

标识客户端运行库（IDCRL）在与伙伴STS对话时遇到错误

在我们实现AD FS将身份验证联合到Active Directory之前，这段代码一直有效。事实上，当我访问自己的个人SharePoint Online站点时，代码仍然有效，该站点不使用联邦服务。这让我怀疑，将SharePointOnlineCredential与联邦服务一起使用存在问题

有人能证实这一点吗？如果是，解决办法是什么

我创建了一个简单的程序来验证此问题，如下所示：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Microsoft.SharePoint.Client;
using Microsoft.Online.SharePoint.Client;
using System.Security;

namespace SPOConsole
{
    class Program
    {
        static void Main(string[] args)
        {

            var targetSite = new Uri("<https://<mydomain>.sharepoint.com>");
            var login = "<myuserid>@<mydomain>.com";
            var password = "<mypassword>";
            var securePassword = new SecureString();
            foreach (char c in password)
            {
                securePassword.AppendChar(c);
            }

            var onlineCredentials = new SharePointOnlineCredentials(login, securePassword);

            using (ClientContext clientContext = new ClientContext(targetSite))
            {
                clientContext.Credentials = onlineCredentials;
                Web web = clientContext.Web;
                clientContext.Load(web,
                webSite => webSite.Title);

                clientContext.ExecuteQuery();
                Console.WriteLine(web.Title);

                Console.Read();

            }

        }
    }
}

以下是堆栈跟踪：

Microsoft.SharePoint.Client.IdcrlException was unhandled
  HResult=-2147186451
  Message=Identity Client Runtime Library (IDCRL) encountered an error while talking to the partner STS.
  Source=Microsoft.SharePoint.Client.Runtime
  ErrorCode=-2147186451
  StackTrace:
       at Microsoft.SharePoint.Client.Idcrl.ManagedIdcrl.CheckHResult(Int32 hr)
       at Microsoft.SharePoint.Client.Idcrl.ManagedIdcrl.LogonIdentity(String username, SecureString password)
       at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.Logon(String username, SecureString password)
       at Microsoft.SharePoint.Client.SharePointOnlineCredentials..ctor(String username, SecureString password)
       at SPOConsole.Program.Main(String[] args) in c:\Users\michael.norton\Documents\Visual Studio 2012\Projects\SimpleSPOConnection\SPOConsole\Program.cs:line 26
       at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
       at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
       at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
       at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
       at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Threading.ThreadHelper.ThreadStart()
  InnerException:

我通过确保在代码中使用SharePoint Online Client组件解决了此问题。以下是我采取的步骤：

已卸载SharePoint Online Management Shell（）。最初的程序是去年秋天编写的，最初是PowerShell程序的扩展，它使用了SharePoint Online Management Shell附带的Microsoft.Online.SharePoint.Client.Tenant.dll。程序应引用C:\program Files\SharePoint客户端组件\16.0\Assembly\Microsoft.Online.SharePoint.Client.Tenant.dll

已安装最新的SharePoint Online Client Components SDK（）。请务必注意，此SDK与SharePoint 2013客户端组件SDK不同。SharePoint Online Client Components SDK版本为16；SharePoint 2013客户端组件SDK的版本为15

确保程序中的Microsoft.SharePoint.Client和Microsoft.SharePoint.Client.Runtime dll是从Web Server Extensions文件夹中的16版本加载的，例如C:\program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll

我现在可以使用联邦帐户和非联邦帐户进行身份验证。

Maximilian，您可以使用以下类似的方法添加它们：

$spoClientAssemblies = 
'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll',
'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll'

foreach($reqAssembly in $spoClientAssemblies)
{
    Add-Type -LiteralPath $reqAssembly -ErrorAction:Continue
}

您还可以检查当前域的程序集中的DLL

[AppDomain]::CurrentDomain.GetAssemblies()

您需要确保在脚本的开始部分加载所需的SharePoint Online程序集

Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll" 

Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"

版本16向后兼容版本15吗？如果不是，我如何部署这两个版本并使用源代码？我是否需要根据用户从我的客户端应用程序中瞄准的sharepoint实例动态加载程序集？这似乎不再有效。我有以下引用：Microsoft.SharePoint.Client-版本：16.1.0.0文件版本：16.1.4727.1200 Microsoft.SharePoint.Client.Runtime-版本：16.1.0.0文件版本：16.1.4727.1200当我登录到SharePoint Online的联合实例时仍会出现以下错误，但它在“普通”SharePoint Online站点中工作“运行时库（IDCRL）在与伙伴STS对话时遇到错误”

Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll" 

Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"