PowerShell 7.x causes device login

[mikeparkie]

Executing Enable-DCAzureADPIMRole on PS 7.x causes the module to try authenticate using device login. whereas 5.1 uses standard username/password popup.

Is this by design? Should I be launching in a different fashion for 7.x?

[yashcrest]

I think this is because PowerShell Core is developed to be cross platform, and I don't think window popup is supported on every platform, so they opt in to use device login for all platforms.

[mikeparkie]

Possibly, but would be good to get confirmation.

[mikeparkie]

done some further digging from the audit log and can see the failure based on a CA policy

Failure reason
Remote device flow blocked due to device based conditional access.

Additional Details
This request is authorizing a remote device, and there is a conditional access policy that requires device authentication. The request is blocked because we cannot assert the properties of the remote device. View the Conditional Access information for this request in the sign-in logs for more details about the policy applied here.

Looked into thge device compliance

Access controls
Grant Controls | Not satisfied > Require compliant device

But checking devce compliance

Device GUID = Compliant

Some I'm a little confused?