-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Subscriptions cannot be retrieved on new storage explorer version 1.0.0 #74
Comments
I have the same issue - my account is in AzureAD "A". I have access to some storage accounts associated with the same subscription as "A". My account is also an registered as an external user (but still member not a guest) of AzureAD "B". AzureAD "B" requires 2FA. When I access the Azure Portal or use the AzureRM PowerShell I get the expected request via the Microsoft Authenticator however nothing from the Storage Explorer. In fact the storage explorer will not even show the storage accounts in "A" even though 2FA is not required. |
Are y'all's accounts in public Azure, Azure Germany, Azure China, or Azure US Govt? |
Also, @TechWatching , you say that you "should receive a notification on Microsoft Authenticator". When you sign in, does the sign in windows say it has sent you one, or is it skipping that process? Like, normally if you have two factor, at some point the auth window will say something like "We sent a notification to your device, we're waiting for you to respond." Is that happening? |
I am having the same issue. When going to Account Management I see them and it has a checkbox on all of my subscriptions. When I click the Apply button and go back tot he explorer all I see is "(Local and Attached)" We are using Azure AD for authentication. All of our account on in public Azure. This was working fine until I upgraded to 1.0.0. |
So @erenken , you do see your subscriptions in the account panel? But they don't show up in the tree view? What happens if you click "Refresh all" on the tree view? |
After I hit refresh all several times it showed me subscriptions from my personal account I have linked using MSA but it doesn't show from my Work Azure AD account. After seeing that I thought let me remove my MSA from the list. When I clicked remove from that account both of my account where removed. I re-added my Work Azure AD account and now I see all my subscriptions in the Explorer pane. Looks like I had to clear my accounts and re-add them. |
If you're using Azure US Gov then you've hit a bug. 😢 We've checked a fix into our master branch and will be shipping it relatively soon. Until then you can do the following as a workaround: Create a US Govt custom environment
Anytime you want to add another govt account, choose "Use Custom Environment" in the "Azure environment" dropdown, and use the "US Govt" environment. Once 1.1.0 is released, you can go back to using the normal Azure US Government option in the first dropdown. |
@MRayermannMSFT My account is in public Azure. Indeed the sign in seems to skip the process of sending me a notification as the auth window does not display a message telling me that it had send me a notification (it used to do it in previous azure explorer version). It just sign me in but does not display my subscriptions, and display the warning message after a few seconds. |
Is the previous version of the explorer available somewhere ? I can't access to my storage tables now and it's becoming annoying. |
Yes, you can download the previous version here: https://go.microsoft.com/fwlink/?LinkId=809306&clcid=0x409 |
Thanks @MRayermannMSFT. Any clue about the issue with the 2 factor authentication process ? Is there any more information I could provide you with ? |
I can confirm that version 0.96 does work as expected. I open the app, get the usual prompts about my account needing attention. Follow the steps for "re-entering credentials" and the Azure AD login process begins, once I have entered my username and password I am redirected to a page that asks me to confirm the request in the authenticator app on my phone. When I complete this step the storage accounts and subscriptions show. In version 1.0.0 of the storage explorer it asks for the username / password but never the 2FA. Then the screen kind a goes weird for a bit and end up back where I started. Again with version 1.0.0, when I am in the office the whole thing is even more difficult to manage. If I delete all the stored settings for the storage explorer, open the app it tries to automatically discover my Azure accounts and subscriptions using single sign on. As it is not requesting 2FA from the subscriptions that require it the storage explorer gets stuck in a loop. Auto discover, add accounts, try to connect and list subscriptions / storage accounts / fail / repeat. Of course if I click "remove account" the auto discover process immediately adds it back (cos it is stuck in a loop) |
And no, using Azure public cloud in Australia (although for the government) |
@alexmbaker , (and @TechWatching as well)
Once the "Could not retrieve subscriptions for one or more tenants" messages shows up, look in the console for an error (red text), and let me know what the error is (after the ":"). If it just something like [object], then do the following:
|
For anyone watching this issue, please be aware that if you are:
Basically, with our new auth library, once you enter your username, a request goes to your company's ADFS server. If your Windows account/machine is linked with this account, then the server knows who are, and thus doesn't ask you for a password or to authenticate. |
@MRayermannMSFT Sorry for the late response, the error is
Unfortunately it is just a string "AuthenticationNeededError", not an object I see when debugging SubscriptionService line 54. I have the same behaviour with Visual Studio Cloud Explorer so I am guessing it is an issue directly linked to the new auth library. |
We're experiencing this same issue. We don't have 2FA enabled globally in the offending AAD, only for certain applications. Unfortunately, downloading the workaround gives us 1.2.0 and not 0.9.6, so we're still stuck. When opening the dev tools, all we get is the "AuthenticationNeededError". |
As the issue is not solved for now, could you please send the link to download 0.9.6 @MRayermannMSFT ? Now that there are newer versions of Azure Storage Explorer, the link you gave me is for 1.3.1. |
Can y'all try 1.4.0 (available now at https://storageexplorer.com) before I dig up 0.9.6 bits? Turns out the "AuthenticationNeeded error" was covering up errors from our auth library. In 1.4.0, we're now surfacing the true error message, which you should be able to find in the dialog that launches after clicking "More information" under your account. That way I can know exactly what actual error y'all are getting, make sure it isn't something we can fix/workaround, and then give you such an old version. |
This is the error I'm getting: |
Thanks for the followup @NateB2 . I talked to the owner of our auth library, and he suggested adding 2FA to your home tenant as a workaround for this bug. He also said they'll prioritize getting this bug fixed as soon as they can. So if you can do the workaround, that'd be great/preferred as 0.9.6 contains lots of bugs and missing features. But if the workaround is really a no go, then I'll get you an installer. |
Can't easily make changes to our home tenant, due to it being controlled by corporate IT. We have an existing workaround (the storage explorer preview in the Azure portal) that's working for our use cases, so we're not blocked. The app is far more convenient though, so we're looking forward to a fix for it! Thanks for following up. |
@NateB2 and @TechWatching , would y'all be willing to try a private build that should correctly prompt for your MFA? |
Absolutely! |
Ok, here's a SAS URI to an installer. It'll be valid for a few days: https://storageexplorerpublish.blob.core.windows.net/privatebuilds/MFA%20Build/StorageExplorer-ia32.exe?st=2018-08-09T18%3A06%3A00Z&se=2018-08-15T18%3A06%3A00Z&sp=r&sv=2018-03-28&sr=b&sig=p8B%2FgvW%2B58TRVtnsFgGNibiqmFcFQQ9ivCD9%2FxjRzhI%3D The experience you'll get should be as follows:
Let me know how it goes! Thanks. 😄 |
I verified that it works for us! Thanks! |
Awesome! We'll be including the fix in our next release, but feel free to keep using the private build until then. Do note that it isn't signed (if that matters to you), and once 1.5.0 does actually come out, you will need to manually update. Anyway, once I merge the fix into our master branch I'll be closing this issue. |
Thanks @MRayermannMSFT |
@MRayermannMSFT apologies, I have only just spotted your request for additional information back in May.. I have tried out the 1.5.0 version of the Storage Explorer. It looks like everything is working as it should now. Thanks for sharing the private build. |
That's great! 😄 I'm glad y'all are unblocked. The fix has been checked in so I'll be closing this issue now. |
Hey everyone, the fix for this was shipped in 1.4.1. The private build I gave y'all may not get the update notification because it is version 1.5.0, so please make sure to manually update to 1.4.1. Thanks! @alexmbaker , @TechWatching , @NateB2 |
I manually updated it, and verified that the fix works - thanks! |
Storage Explorer Version: 1.0.0
OS Version: Windows 10
Steps to Reproduce:
Expected Experience:
As one of my subscription requires 2 steps verification, I should receive a notification on Microsoft Authenticator (was working on previous version of Microsoft Azure Storage Explorer)
The subscriptions should be displayed and the warning icon should disappear.
Actual Experience:
I received no notification on Microsoft Authenticator.
No subscription is displayed and warning is still there with an error message "Subscriptions for one or more tenants could not be retrieved".
In Console Log of Microsoft Azure Storage Explorer, I have the following message "Could not load subscriptions for tenant ---*" with a tenant id that matches the one with 2 steps verification.
The text was updated successfully, but these errors were encountered: