New-MsolServicePrincipalCredential : Service principal was not found.
Question
Monday, October 23, 2017 5:43 PM
I am trying to setup MFA to authenticate the users on our Azure Servers.
I am following the guide that provided by Microsoft about integrating RDG with NPS extension. (Can't include link because of new account)
When I run the PowerShell script that came with NPS extension I get this error:
<g class="gr_ gr_16 gr-alert gr_gramm gr_hide gr_inline_cards gr_run_anim Style multiReplace replaceWithoutSep replaceWithoutSep" data-gr-id="16" id="16">New-MsolServicePrincipalCredential :</g> Service principal was not found.
At C:\program files\microsoft\azuremfa\config\AzureMfaNpsExtnConfigSetup.ps1:61 char:1
- New-MsolServicePrincipalCredential -AppPrincipalId $appPrincipalId -T ...
-
+ CategoryInfo : OperationStopped: (:) [New-MsolServicePrincipalCredential], MicrosoftOnlineException
+ FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.ServicePrincipalNotFoundException,Microsoft.O
nline.Administration.Automation.NewServicePrincipalCredential
I used different accounts with different access levels including mine and another global admin for this specific AD but still nothing.
All replies (7)
Monday, October 23, 2017 7:25 PM ✅Answered
Azure MFA licensing must be enabled on your tenant. Do not attempt to proceed with these instructions before subscribing to a license including Azure MFA (Azure AD Premium, EMS, or MFA subscription). If you do, the NPS configuration script will failed with an error such as: “Service principal was not found”.
You may refer to the requirements mentioned in this article: Protecting RD Gateway with the Azure MFA NPS Extension
Do click on "Mark as Answer" on the post that helps you and vote it as helpful, this can be beneficial to other community members.
Disclaimer: This response contains a reference to a third-party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.
Monday, October 23, 2017 9:39 PM
I went ahead and enabled azure premium trial. Still getting the same error. It is worth to mention I had MFA enabled for one of the users as a test.
Monday, October 23, 2017 9:43 PM
I fixed it. I went ahead and used the global administrator in that Active directory and it started working. So I had to have Azure Premium as you said and I had to use an account that is part of that Active directory.
Thank you!
Tuesday, October 24, 2017 7:04 PM
We are glad know that.
Tuesday, June 12, 2018 8:37 AM
I fixed it. I went ahead and used the global administrator in that Active directory and it started working. So I had to have Azure Premium as you said and I had to use an account that is part of that Active directory.
Thank you!
I have O365 tenant and I have subscribed to Azure MFA trial, I can enable MFA on users, but when executing New-MsolServicePrincipalCredential cmdlet I get the same Service principal was not found error.
I've tried with GA account which is synced from local AD with no luck.
Do you have any other suggestion?
Tuesday, June 12, 2018 8:24 PM
If you are using the old MSOnline V1 PowerShell module for Azure Active Directory? You may consider to switch to the V2 module. See if it helps.
Thursday, June 14, 2018 7:37 PM
Just checking in if you have had a chance to see our previous response. And, if you have any further query do let us know.