Password expired and request admin to change your password Azure AAD powershell command

I come across with a weird situation as follow while working with Azure.
1. one of my Azure AAD account password has expired.
then I logged with another admin account and reset the password to same password as it was earlier.
then I was able to login and also I can use my automations in Azure.
but when I tried to login to AAD powershell using that account I got error "Password expired and request admin to change your password ".
I though the flag might be still on for password expired.
so I just logged in to Azure with the account wch I was getting error.
then changed password and again changed back to the original password and after that login to AAD powershell was ok.


hope this will help some one if they will come across such....


Regards,
Yes.Sudhanshu

Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call. Azure powershell error

while trying to set the password never expire for AAD, I got below error while running Set-MSOLUser command. (here is the link how to make password never expires for AAD user account)


"Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call
this cmdlet.
At line:1 char:26
+ set-msoluserprincipalname <<<<  -userprincipalname millerj@cajonvalley.net -n
ewuserprincipalname accountame@xxx.onmicrosoft.com
    + CategoryInfo          : OperationStopped: (:) [Set-MsolUserPrincipalName
   ], MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.UserN
   otFoundException,Microsoft.Online.Administration.Automation.SetUserPrincip
  alName".

this say very clearly that the account you are logged in to perform this activity does not have the permission to do this.

hence to check and give access login to office 365 (https://www.office.com/).

then go to Admin icon and look for User and then find the account you are using to run the cmdlet above, as shown in right side pic.

just click edit side to role and assign Global Admin (Password admin if you select Customised Admin Rights), then click OK and close.

just wait for few minutes, as it needs to effect all across. (actually I was trying to execute the set command quickly and hence I was getting the same error). so just wait for a while and then run your Set command and this time it should be ok.

Regards,

Yes.Sudhanshu

Reset an Azure Active Directory (AAD) user account password to never Expires

I was using Azure account to automate my script to up/down VMs. once I noticed the bill is high and found the script not running. finally saw the error that password for the account I was using to authenticate was expired. so I though to make that account password not to expired.


here is how you can do.
you need to have Microsoft Online Services Sign-In Assistant for IT Professionals RTW (do 32 or 64 as per you machine)and Azure Active Directory Module for Windows PowerShell (64-bit version) or Azure Active Directory Module for Windows PowerShell (32-bit version).

once that is installed ( one error you can follow http://azurehospital.blogspot.sg/2016/06/azure-active-directory-module-import.html ) then run below command and it show all false as below

Get-MSOLUser | Select account@XXX.onmicrosoft.com, PasswordNeverExpires

Then run below

Set-MSOLUser -UserPrincipalName account@XXX.onmicrosoft.com -PasswordNeverExpires $true

if you run Get-MSOLUser you will get as few true.

Hope this helps.

Regards,

Yes.Sudhanshu

Azure Active Directory-Module : Import-Module : Could not load file or assembly file:///C:\Windows\system32 \WindowsPowerShell\v1.0\ Modules\MSOnline\Microsoft Online Administration Automation PSModule dll or one of its dependencies. This assembly is built by a runtime newer than the currently loaded runtime and cannot be loaded

while , I was trying to make one account password never expire, I was trying to connect to azure by using the AAD powershell command utility.
when I open AAD powershell tool I got below error "Azure Active Directory-Module : Import-Module : Could not load file or assembly file:///C:\Windows\system32 \WindowsPowerShell\v1.0\ Modules\MSOnline\Microsoft Online Administration Automation PSModule dll or one of its dependencies. This assembly is built by a runtime newer than the currently loaded runtime and cannot be loaded".
when I check the version of powershell, it was 2.0, but the above needs 3.0.

Hence download 3.0 from https://www.microsoft.com/en-sg/download/details.aspx?id=34595 (do as per 32 or 64) and install and then try to connect.

Regards,

Sudhanshu

The job failed. The quota for the monthly total job run time has been reached for the subscription. To get more job run time you change to a different Automation plan or wait until next month when the quota will be reset.

While working on Azure automation.
I had set up auto start/stop for my VMs morning and night to save $$$$.
OK, once I got my monthly bill so HIGH, then I noticed by VMs running 24x7. heck.....
then saw automation job failed, reason is the subject line and as below...
"The job failed. The quota for the monthly total job run time has been reached for the subscription. To get more job run time you change to a different Automation plan or wait until next month when the quota will be reset."

 this means, change your tier for automation.
by default it is free for 500 mnts. for basic it charges $0.002 / minute. more details https://azure.microsoft.com/en-us/pricing/details/automation/


How to change the plan

login to you Azure subscription, then select Automation on left Icons. (below screens are from new portal)

then select "Pricing tier and usage".

the highlighted 54/500, shows how much time (in mnts) it ran out of 500 (this is free one).

 now click "Pricing tier" , you will get Free and Basic. then select Basic and save.
now you are done from this disaster..


hope this helps...


Regards,


yes.sudhanshu