Register-MFASystem - BUG

[acckej]

Hey Team, looks like I've figured out what is happening there: #332

The problem:

I am getting "The process cannot access the file'....\Local\Temp....' because it is being used by another process" while trying to run Register-MFASystem command despite all the configuration tweaks and changes.

Investigation

I've traced PS command execution and figured out that the error occurs upon calling [Register-AdfsAuthenticationProvider] cmdlet:

I found this place in source code, this is InternalRegisterConfiguration method of ADFSServiceManager class. There you create a temp file and then feed its path to the Register-AdfsAuthenticationProvider command:

The problem is that you run this cmdlet within the scope of FileStream's "using", so it is not shared for write by default and the cmdlet whether tries to write in it or just opens for writing which causes file access conflict and corresponding error.
Note that this code has been changed recently:

You can see that previous variant worked because a temp file was released before calling the cmdlet.

Confirmation

To check my assumptions I've dazzled some code which does exactly the same thing, just calls another PS command which tries to write some data to a temp file:

As you can see, I am getting the same error here.

Would you kindly have a look? Thanks in advance!

Best regards.

[redhook62]

@acckej

Yes, you are right !

But keep in mind, I won't be talking about exotic configurations anymore, I don't have time for that.
So, just "click and install" and "it doesn't work" will not have support if all the prerequisites have not been met, if the problems are not correctly described and if the exported configuration is not transmitted.

So, keep the system account for the MFA service (not yet knowing everything this service does, the best is to listen to me)

Done ! new release

[acckej]

Super! Thank you very much!)