Allow winrm authentication other than basic when connecting via powershell
Please provide an option for creating a new powershell session with Office 365 with an authentication method other than basic. Due to hardening policies in place, when I attempt $O365Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
It fails because basic authentication is currently disabled in the client configuration (due to group policy settings we implemented).
C H commented
Microsoft is ending Basic Auth support this year. Microsoft has stated that they follow the new CCPA legislation, which utilizes CIS benchmarks for security. All benchmarks require Basic auth to be disabled. Powershell, for some reason, requires basic auth to be enabled. Which is it? Do you all want to support secure infrastructure, or force everyone to send plain text credentials?
What is the point of these forums if nobody from Microsoft ever replies ?
Any update on this yet?
With security becomming more and more important and Microsoft stating to end Basic Auth for EWS by 2020 it would be nice to have a solution for this please.
We will also implement a GPO to block Basic Auth and this is still a problem.
According to Microsoft the solution is to use Exchange Online Remote PowerShell Module, and use the Connect-EXOPSSession cmdlet to connect.
However the "solution" to not use Bacis Auth requires you to enable Basic Auth...?
Please fix MS, this is becomming more important by the day.
Please help Microsoft! This is still an issue a year and a half later. I still have to use a Windows 7 machine because of this and there's less than one year before Windows 7 is EOL.
Tim Malo commented
Our security team has just implemented a new GPO blocking basic authentication. This needs to be addressed