5

我无法使用 SharePointOnlineCredentials 对 SharePoint Online 进行身份验证,收到错误消息:

Identity Client Runtime Library (IDCRL) 在与合作伙伴 STS 通信时遇到错误。

在我们实施 AD FS 以将身份验证联合到我们的 Active Directory 之前,相同的代码一直有效。而且,事实上,当我访问我自己的不使用联合服务的个人 SharePoint Online 网站时,该代码仍然有效。这使我怀疑将 SharePointOnlineCredential 与联合服务一起使用时存在问题。

任何人都可以确认是这种情况吗?如果是这样,解决方法是什么?

我创建了一个简单的程序来验证这个问题,如下所示:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Microsoft.SharePoint.Client;
using Microsoft.Online.SharePoint.Client;
using System.Security;

namespace SPOConsole
{
    class Program
    {
        static void Main(string[] args)
        {

            var targetSite = new Uri("<https://<mydomain>.sharepoint.com>");
            var login = "<myuserid>@<mydomain>.com";
            var password = "<mypassword>";
            var securePassword = new SecureString();
            foreach (char c in password)
            {
                securePassword.AppendChar(c);
            }

            var onlineCredentials = new SharePointOnlineCredentials(login, securePassword);

            using (ClientContext clientContext = new ClientContext(targetSite))
            {
                clientContext.Credentials = onlineCredentials;
                Web web = clientContext.Web;
                clientContext.Load(web,
                webSite => webSite.Title);

                clientContext.ExecuteQuery();
                Console.WriteLine(web.Title);

                Console.Read();

            }

        }
    }
}

代码失败就行了:

        var onlineCredentials = new SharePointOnlineCredentials(login, securePassword);

以下是堆栈跟踪:

Microsoft.SharePoint.Client.IdcrlException was unhandled
  HResult=-2147186451
  Message=Identity Client Runtime Library (IDCRL) encountered an error while talking to the partner STS.
  Source=Microsoft.SharePoint.Client.Runtime
  ErrorCode=-2147186451
  StackTrace:
       at Microsoft.SharePoint.Client.Idcrl.ManagedIdcrl.CheckHResult(Int32 hr)
       at Microsoft.SharePoint.Client.Idcrl.ManagedIdcrl.LogonIdentity(String username, SecureString password)
       at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.Logon(String username, SecureString password)
       at Microsoft.SharePoint.Client.SharePointOnlineCredentials..ctor(String username, SecureString password)
       at SPOConsole.Program.Main(String[] args) in c:\Users\michael.norton\Documents\Visual Studio 2012\Projects\SimpleSPOConnection\SPOConsole\Program.cs:line 26
       at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
       at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
       at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
       at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
       at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Threading.ThreadHelper.ThreadStart()
  InnerException:
4

3 回答 3

7

我通过确保在我的代码中使用 SharePoint Online 客户端组件解决了这个问题。以下是我采取的步骤:

  1. 卸载了 SharePoint Online 命令行管理程序 ( http://www.microsoft.com/en-us/download/details.aspx?id=35588 )。最初的程序是去年秋天编写的,最初是作为 PowerShell 程序的扩展,使用 SharePoint Online 命令行管理程序附带的 Microsoft.Online.SharePoint.Client.Tenant.dll。该程序应引用 C:\Program Files\SharePoint Client Components\16.0\Assemblies\Microsoft.Online.SharePoint.Client.Tenant.dll。

  2. 安装了最新的 SharePoint Online 客户端组件 SDK ( http://www.microsoft.com/en-us/download/details.aspx?id=42038 )。请务必注意,此 SDK 与 SharePoint 2013 客户端组件 SDK 不同。SharePoint Online 客户端组件 SDK 是版本 16;SharePoint 2013 客户端组件 SDK 是版本 15。

  3. 确保程序中的 Microsoft.SharePoint.Client 和 Microsoft.SharePoint.Client.Runtime dll 从 Web Server Extensions 文件夹中的 16 版本加载,例如 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16 \ISAPI\Microsoft.SharePoint.Client.dll。

我现在可以使用联合帐户和非联合帐户进行身份验证。

于 2014-05-22T20:52:43.690 回答
1

Maximilian,您可以使用以下内容添加它们:

$spoClientAssemblies = 
'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll',
'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll'

foreach($reqAssembly in $spoClientAssemblies)
{
    Add-Type -LiteralPath $reqAssembly -ErrorAction:Continue
}

您还可以检查当前域的 dll 程序集。

[AppDomain]::CurrentDomain.GetAssemblies()
于 2016-01-14T21:01:52.613 回答
0

您需要确保在脚本的开头加载所需的 SharePoint Online 程序集

Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll" 

Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
于 2019-05-03T06:16:21.963 回答