I had this little concern in the present day once I tried to schedule the Microsoft Graph script to run as a service account on a certificates. To my shock, even tho I had all permissions required, I used to be getting this error message: Join-MgGraph: Keyset doesn’t exist. One thing that did not present up for my person.
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd2656233a671{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd2656233a671{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd2656233a671{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd2656233a671{place: relative !necessary;}}
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd2656245e1595{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd2656245e1595{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd2656245e1595{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd2656245e1595{place: relative !necessary;}}
The message indicated my course of has issue reaching the important thing of my chosen certificates. Attempting to run the scheduled activity with the very best privileges did not change something. Since Join-MGGraph does not assist PFX information, you could add the certificates to the Native Machine retailer and discuss with it by way of Thumbprint.
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265625482274{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265625482274{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265625482274{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265625482274{place: relative !necessary;}}
Fixing Join-MgGraph: Keyset doesn’t exist
When utilizing certificates as a normal person, I often do it within the following method:
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd26562ee66370{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd26562ee66370{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd26562ee66370{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd26562ee66370{place: relative !necessary;}}
Join-MgGraph -CertificateThumbprint '9135E5CF311C051A' -ClientId 'a7b8a419' -TenantId '5e94ad53'
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd26562ff22390{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd26562ff22390{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd26562ff22390{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd26562ff22390{place: relative !necessary;}}
The issue is – it solely works for certificates within the person retailer. While you change to Native Machine Retailer, Join-MGGraph not sees the certificates, so it’s essential change to a special connection methodology.
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265630cd8453{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265630cd8453{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265630cd8453{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265630cd8453{place: relative !necessary;}}
$Thumbprint="9135E5CF"
$LocalMachineCert = Get-ChildItem -Path Cert:LocalMachine -Recurse | The place-Object { $_.Thumbprint -eq $Thumbprint }
Join-MgGraph -ClientId 'a7b8a419' -TenantId '5e94ad53' -Certificates $LocalMachineCert
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265631ad1517{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265631ad1517{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265631ad1517{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265631ad1517{place: relative !necessary;}}
This fashion, we inform Join-MgGaph to make use of the LocalMachine Certificates retailer, however whereas it labored for me when testing it utilizing my account, issues weren’t so nice when attempting it as a service account. Thankfully, there’s a simple repair for that. We have to enable that exact service account entry to personal keys for that particular certificates.
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265632ab67{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265632ab67{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265632ab67{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265632ab67{place: relative !necessary;}}
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265633c01945{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265633c01945{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265633c01945{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265633c01945{place: relative !necessary;}}
Add a lacking service account with correct permissions, and also you’re prepared!
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265634ce7954{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265634ce7954{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265634ce7954{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265634ce7954{place: relative !necessary;}}
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265635a41400{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265635a41400{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265635a41400{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265635a41400{place: relative !necessary;}}
After all, it’s essential do it in your correct certificates, not the Razer Chroma SDK certificates, as proven within the screenshot.
@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265636946004{show: block!necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265636946004{show: block!necessary;}}@media display screen and (max-width: 1023px) {.thegem-vc-text.thegem-custom-64bbd265636946004{place: relative !necessary;}}@media display screen and (max-width: 767px) {.thegem-vc-text.thegem-custom-64bbd265636946004{place: relative !necessary;}}
The put up Join-MgGraph: Keyset doesn’t exist appeared first on Evotec.
