AKV 0 Posted October 22, 2020 Report Share Posted October 22, 2020 Hey there I am trying to run a Powershellskript in PRTG to show the amount of licences being in use or not. I use the skript from the following site: https://github.com/debold/PRTG-O365Licensing This skript is running fine and is showing all the details I need. The only problem is that I run it with the credentials from a service user. I tried to run the script with a client secret I created before but it does not seem to work out. Do you have any idea what I could do? I heard that it is working with Azure Key Vault but I did not try this option cause I am not sure if it is working and what I exactly need to configure. Your help is very appreciated! Quote Link to comment
SandyB 9 Posted October 22, 2020 Report Share Posted October 22, 2020 (edited) If I were you, I would compare the group memberships of both accounts and their privileges as well (e.g. "whoami /priv"). Edited October 22, 2020 by SandyB Quote Link to comment
AKV 0 Posted October 22, 2020 Author Report Share Posted October 22, 2020 15 minutes ago, SandyB said: If I were you, I would compare the group memberships of both accounts and their privileges as well (e.g. "whoami /priv"). Thanks a lot for your feedback. Well it is working with the Service-Account, the problem is that I had to enter the credentials while running the script. I would like to have an opportunity to do it without entering the credentials. Like running the script with client secrets/tenant Id but it did not work when I tried to run the script so I guess this is not possible. Quote Link to comment
SandyB 9 Posted October 22, 2020 Report Share Posted October 22, 2020 (edited) You might try out - local user - local system - local service or netwerk service https://docs.microsoft.com/en-us/windows/win32/services/localservice-account depending on the required rights. these accounts do not require to enter a password at all. Edited October 22, 2020 by SandyB Quote Link to comment
Dukel 457 Posted October 22, 2020 Report Share Posted October 22, 2020 In PRTG you can define Credentials for a Sensor. In the Settings use "use Device Crendials" insteat of "use Service User" or so. Quote Link to comment
AKV 0 Posted October 22, 2020 Author Report Share Posted October 22, 2020 1 hour ago, Dukel said: In PRTG you can define Credentials for a Sensor. In the Settings use "use Device Crendials" insteat of "use Service User" or so. Thanks a lot for your feedback. This might be working, but I think the user needs rights to access to the Office-Portal in order to check the licencing but I will give this a shot! Quote Link to comment
NilsK 2,971 Posted October 22, 2020 Report Share Posted October 22, 2020 Moin, ihr habt gemerkt, dass hier im Board normalerweise deutsch gesprochen wird, oder? Meiner Vermutung nach sind alle in diesem Thread deutschsprachig, da können wir es doch einfacher haben. Gruß, Nils 1 Quote Link to comment
AKV 0 Posted October 22, 2020 Author Report Share Posted October 22, 2020 6 minutes ago, NilsK said: Moin, ihr habt gemerkt, dass hier im Board normalerweise deutsch gesprochen wird, oder? Meiner Vermutung nach sind alle in diesem Thread deutschsprachig, da können wir es doch einfacher haben. Gruß, Nils Hallo Nils My bad... Jedenfalls habe ich mir die Antwort von Dukel angeschaut und das wird wohl nicht klappen. Ich kann zwar die Credentials vom Probe Service/Device anpassen, aber das wird mir wohl nichts bringen, da nur dieser Sensor sich mit dem O365 authentifizieren muss. Muss wohl mit Azure Key Vault versuchen... Quote Link to comment
Dukel 457 Posted October 22, 2020 Report Share Posted October 22, 2020 https://www.paessler.com/manuals/prtg/device_settings#azuread Quote Link to comment
AKV 0 Posted October 23, 2020 Author Report Share Posted October 23, 2020 18 hours ago, Dukel said: https://www.paessler.com/manuals/prtg/device_settings#azuread Besten Dank für die Antwort. Funktioniert aber leider auch nicht. Habe folgenden Parameter beim Ausführen des Skripts mitgegeben: -ClientID XXXXX -ClientSecret XXXXX -TenantIdentifier XXXX -SubscriptionId XXXX und auch: -ClientID XXXXX -ClientSecret XXXXX -TenantIdentifier XXXX -SubscriptionIdentifier XXXX Vererbung habe ich disabled, FullAccess aktiviert. Auch versucht mit Vererbung, erhalte immer den Fehler: XML: The returned XML does not match the expected schema. (code: PE233) -- JSON: The returned JSON does not match the expected structure (Invalid JSON.). (code: PE231) Quote Link to comment
Dukel 457 Posted October 23, 2020 Report Share Posted October 23, 2020 Nicht dem Script übergeben sondern in den Device Settings setzen und der Sensor sollte die Daten übernehmen. Quote Link to comment
AKV 0 Posted October 23, 2020 Author Report Share Posted October 23, 2020 Hallo Dukel Danke für deine Antworten. Leider kenne ich mich mit PRTG nicht allzugut aus. In welchen Device Settings? Ich habe es in den Sensor Settings mitgegeben: Quote Link to comment
Dukel 457 Posted October 23, 2020 Report Share Posted October 23, 2020 Ach das ist ein Extra Script, nicht bei PRTG vorgefertigter Sensor. So sollte es auch gehen. Lass dir mal die Ausgabe in eine Log datei schreiben (Exe Result) und schau dir das Ergebnis an. Quote Link to comment
AKV 0 Posted October 23, 2020 Author Report Share Posted October 23, 2020 19 minutes ago, Dukel said: Ach das ist ein Extra Script, nicht bei PRTG vorgefertigter Sensor. So sollte es auch gehen. Lass dir mal die Ausgabe in eine Log datei schreiben (Exe Result) und schau dir das Ergebnis an. Hilft mir leider auch nicht viel weiter: Data['lastmsg'].asString := '#Y2 @#O233 @#O231[Invalid JSON.]'; Data['imappassword'].asString := ''; Data['tlsexplicit_pop3'].asString := ''; Quote Link to comment
Dukel 457 Posted October 23, 2020 Report Share Posted October 23, 2020 Das ist alles? Ich würde dann den Support (PRTG / der des Scripts) eisnchalten oder einen Dienstleister beauftragen, der sich das Live anschaut. Über ein Forum ist solch ein Troubleshooting schwer. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.