→ The Lansweeper Customer Excellence Awards 2024 - Submit Your Project Now! Learn More & Enter Here
‎12-28-2022 05:09 PM - last edited on ‎04-01-2024 02:16 PM by Mercedes_O
Hello,
We are running the trial version.
I have been trying to get the Microsoft 365/Azure AD scanning (with PowerShell) to work. I followed these (1) (2) guides very closely, and I created a self-signed cert for PowerShell scanning. When attempting to scan either M365 or Azure, I get:
Certificate with Thumbprint {thumbprint} was not found or an error occurred while retrieving, check logging for more info.
I am not sure what logs it's referring to. I've checked both the "Program Files (x86)\Lansweeper\Service\Errorlog.txt" and Azure's audit/sign-in logs. Neither show any information related to this. I'm probably missing something simple, this is more technical than I expected, and now my brain is mush. Is there a built-in tool or something I can use to simply verify the cert actually exists?
Thanks,
Will
‎02-01-2023 04:38 PM
I have the same question as well on properly creating a cert for this to obtain thumbprint info. Sure would be nice to have some instructions posted on this. I see this same similar question was posted by another back in 2021 with no replies.
‎07-21-2023 03:08 PM
Not sure if you are still pursuing this, but I tried it again yesterday and it works now. It looks like the documentation was updated recently, so I thought I might have a different outcome. Here's the documentation I used to do it:
I had to add the IIS Manager role to the server to do the cert, and you have to export the key without the private key to get the proper file format to import into 365. When trying to add the Exchange PowerShell module, I got an error because of an issue with TLS, so I followed the steps in this article.
It took about a half hour to scan our tenant using PowerShell (about 500 users), so YMMV.
Hope this helps!
Will
‎05-17-2023 09:47 PM
Hello there!
Our tech support team should be able to assist you with this: https://www.lansweeper.com/contact-support/
‎01-16-2023 06:48 PM
So I was able to verify the cert exists from the LS server using PowerShell, but I'm still getting the same error. I've triple-checked the permissions in both articles linked previously. The "logging" referred to in the error message is still unclear.
I can scan 365 accounts now (after recreating the app registration and cert from scratch), but am still unable to scan using PowerShell. Since I can scan 365 and view the thumbprint manually using PS, it doesn't appear to be a MS/Azure issue, but I'm stumped. Any suggestions?
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now