From a2ed3839079d5f729dd91f6a48dcb98f8367bc02 Mon Sep 17 00:00:00 2001 From: Med Date: Mon, 15 Sep 2025 10:30:36 +0200 Subject: [PATCH 1/3] Update OnPremOAuthFunctions.ps1 ACS is no longer the default AuthServer - Updated to check for EvoSts --- .../Functions/OnPremOAuthFunctions.ps1 | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 b/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 index 27c0deb39f..9ecf238d48 100644 --- a/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 +++ b/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 @@ -49,9 +49,9 @@ function IntraOrgConCheck { } function AuthServerCheck { #PrintDynamicWidthLine - Write-Host -ForegroundColor Green " Get-AuthServer | Select Name,IssuerIdentifier,TokenIssuingEndpoint,AuthMetadataUrl,Enabled" + Write-Host -ForegroundColor Green " Get-AuthServer | Select Name, Realm, IssuerIdentifier,TokenIssuingEndpoint,AuthMetadataUrl,Enabled" PrintDynamicWidthLine - $AuthServer = Get-AuthServer | Where-Object { $_.Name -like "ACS*" } | Select-Object Name, IssuerIdentifier, TokenIssuingEndpoint, AuthMetadataUrl, Enabled + $AuthServer = Get-AuthServer | Where-Object { $_.Name -like "EvoSts*" } | Select-Object Name, Realm, IssuerIdentifier, TokenIssuingEndpoint, AuthMetadataUrl, Enabled $AuthServer $Script:tDAuthServerIssuerIdentifier = $AuthServer.IssuerIdentifier $Script:tDAuthServerTokenIssuingEndpoint = $AuthServer.TokenIssuingEndpoint @@ -61,30 +61,30 @@ function AuthServerCheck { Write-Host -ForegroundColor Green " Summary - Auth Server" PrintDynamicWidthLine Write-Host -ForegroundColor White " IssuerIdentifier: " - if ($AuthServer.IssuerIdentifier -like "00000001-0000-0000-c000-000000000000" ) { + if ($AuthServer.IssuerIdentifier -like "https://sts.windows.net/$($AuthServer.Realm)/" ) { Write-Host -ForegroundColor Green " " $AuthServer.IssuerIdentifier $Script:tDAuthServerIssuerIdentifierColor = "green" } else { Write-Host -ForegroundColor Red " IssuerIdentifier appears not to be correct." - Write-Host -ForegroundColor White " Should be 00000001-0000-0000-c000-000000000000" + Write-Host -ForegroundColor White " Should be https://sts.windows.net//" $Script:tDAuthServerIssuerIdentifierColor = "red" } Write-Host -ForegroundColor White " TokenIssuingEndpoint: " - if ($AuthServer.TokenIssuingEndpoint -like "https://accounts.accesscontrol.windows.net/*" -and $AuthServer.TokenIssuingEndpoint -like "*/tokens/OAuth/2" ) { + if ($AuthServer.TokenIssuingEndpoint -like "https://login.windows.net/common/oauth2/token*" ) { Write-Host -ForegroundColor Green " " $AuthServer.TokenIssuingEndpoint $Script:tDAuthServerTokenIssuingEndpointColor = "green" } else { Write-Host -ForegroundColor Red " TokenIssuingEndpoint appears not to be correct." - Write-Host -ForegroundColor White " Should be https://accounts.accesscontrol.windows.net//tokens/OAuth/2" + Write-Host -ForegroundColor White " Should be https://login.windows.net/common/oauth2/token" $Script:tDAuthServerTokenIssuingEndpointColor = "red" } Write-Host -ForegroundColor White " AuthMetadataUrl: " - if ($AuthServer.AuthMetadataUrl -like "https://accounts.accesscontrol.windows.net/*" -and $AuthServer.TokenIssuingEndpoint -like "*/tokens/OAuth/2" ) { + if ($AuthServer.AuthMetadataUrl -like "https://login.windows.net/*/federationmetadata/2007-06/federationmetadata.xml" ) { Write-Host -ForegroundColor Green " " $AuthServer.AuthMetadataUrl $Script:tDAuthServerAuthMetadataUrlColor = "green" } else { Write-Host -ForegroundColor Red " AuthMetadataUrl appears not to be correct." - Write-Host -ForegroundColor White " Should be https://accounts.accesscontrol.windows.net//Metadata/json/1" + Write-Host -ForegroundColor White " Should be https://login.windows.net//federationmetadata/2007-06/federationmetadata.xml" $Script:tDAuthServerAuthMetadataUrlColor = "red" } Write-Host -ForegroundColor White " Enabled: " @@ -638,3 +638,4 @@ function EWSVirtualDirectoryCheckOAuth { Write-Host -ForegroundColor White " Should be True " } } + From 87dda187137fb8c784d60ae0164dae74e983a648 Mon Sep 17 00:00:00 2001 From: Med Date: Mon, 22 Sep 2025 16:00:57 +0200 Subject: [PATCH 2/3] Update Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 b/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 index 9ecf238d48..59f0eab1e1 100644 --- a/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 +++ b/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 @@ -49,7 +49,7 @@ function IntraOrgConCheck { } function AuthServerCheck { #PrintDynamicWidthLine - Write-Host -ForegroundColor Green " Get-AuthServer | Select Name, Realm, IssuerIdentifier,TokenIssuingEndpoint,AuthMetadataUrl,Enabled" + Write-Host -ForegroundColor Green " Get-AuthServer | Select Name, Realm, IssuerIdentifier, TokenIssuingEndpoint, AuthMetadataUrl, Enabled" PrintDynamicWidthLine $AuthServer = Get-AuthServer | Where-Object { $_.Name -like "EvoSts*" } | Select-Object Name, Realm, IssuerIdentifier, TokenIssuingEndpoint, AuthMetadataUrl, Enabled $AuthServer From 148c1add6b6196ad941ed807b3ab0fa72a69be74 Mon Sep 17 00:00:00 2001 From: Mohamed Elhammouti Date: Fri, 17 Oct 2025 01:25:49 +0200 Subject: [PATCH 3/3] Updated Using PascalCase. --- Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 b/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 index 59f0eab1e1..26c1e44cb8 100644 --- a/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 +++ b/Diagnostics/FreeBusyChecker/Functions/OnPremOAuthFunctions.ps1 @@ -84,7 +84,7 @@ function AuthServerCheck { $Script:tDAuthServerAuthMetadataUrlColor = "green" } else { Write-Host -ForegroundColor Red " AuthMetadataUrl appears not to be correct." - Write-Host -ForegroundColor White " Should be https://login.windows.net//federationmetadata/2007-06/federationmetadata.xml" + Write-Host -ForegroundColor White " Should be https://login.windows.net//FederationMetadata/2007-06/FederationMetadata.xml" $Script:tDAuthServerAuthMetadataUrlColor = "red" } Write-Host -ForegroundColor White " Enabled: " @@ -639,3 +639,4 @@ function EWSVirtualDirectoryCheckOAuth { } } +