Hi @v-chuncz-msft ,

Thanks, because of the logging error I think it has to do with certifications. Now waiting for the IT-department to check it. Looks like a certification which is needed to connect with the Azure Active Directory Library (ADAL) (for logging in) is not valid or missing. Do you maybe know or the certificate in the error-message the one PowerBI is expecting on my PC (the exact name of it)?

Regards,

Nico

More detailed error message (from the tracing log) is:

DataMashup.Trace Information: 24579 : {
Start: 2018-06-04T17:21:28.2419252Z,

Action: PowerBIService/Authentication,

Message : Error: 2018-06-04T17:21:28.3305983Z: XXXXXXXX-XXXX-XXXX-XXXX-23129ab72b8c - AcquireTokenHandlerBase.cs: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException: Device Certificate was not found for Cert Authorities:OU=XXXXXXXX-XXXX-XXXX-XXXX-0950c1eaca97,CN=MS-Organization-Access,DC=windows,DC=net

at Microsoft.IdentityModel.Clients.ActiveDirectory.DeviceAuthHelper.FindCertificate(IDictionary`2 challengeData) 

at Microsoft.IdentityModel.Clients.ActiveDirectory.DeviceAuthHelper.<CreateDeviceAuthChallengeResponse>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---

   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

   at Microsoft.IdentityModel.Clients.ActiveDirectory.AdalHttpClient.<HandleDeviceAuthChallenge>d__24`1.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

   at Microsoft.IdentityModel.Clients.ActiveDirectory.AdalHttpClient.<GetResponseAsync>d__21`1.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

  at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\

   at Microsoft.IdentityModel.Clients.ActiveDirectory.AdalHttpClient.<GetResponseAsync>d__20`1.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.<SendHttpMessageAsync>d__67.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.<SendTokenRequestAsync>d__64.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.<RunAsync>d__55.MoveNext()

ErrorCode: device_certificate_not_found,

ProductVersion: 2.58.5103.501 (PBIDesktop),

ActivityId: 00000000-0000-0000-0000-000000000000,

Process: PBIDesktop ,

Pid: 13364,

Tid: 27,

Duration: 00:00:00.0000318 }

@Nender,

This would be my suggestion. 

1. Was PowerBI desktop working before ? If yes, then I would suggest connecting to a sample datasource such as a cvs by doing this you can determine that the issue is more so with the DataSource not the desktop.

2. Also can you let me know how you're connecting to the DataSource i.e which authenication mechanism it seem you're using some form windows authenication which is replying on AD hence the error of a missing cert.

Thank you,

Conarl_On_BI

Hi @Conarl_on_BI ,

First of all thanks for your reply. 

1. PowerBI desktop was working before, I am able to connect datasources without anny problem. 

2. I am able to log-in with a mail which is not in our domain (in PowerBI Desktop). But when I logging in with a email which is in our domain I am receiving this message. We are using our Office365 credentials for this (message is refering to the ADAL, this is the Azure Active Directory Library if I'm correct?). Is it possible to find-out which certificate is missing or which certificate PowerBI is trying to refering to?

I also just saw that some Microsoft.IdentityModel.Clients.ActiveDirectory.DeviceAuthHelper.dll 's are recently updated. Can this be related to this problem? Is PowerBI trying to reach the certificates with this dll? After a re-installation of PowerBI Desktop I am still receiving the same errors.

Thanks.

Best regards,

Nico

@Nender,

Signing to Power BI desktop is really important when you're publishing your contents to the Power BI services. With that said you need to use the same UPN(Unique Principal Name i.e e-mail ID) that was used in creating your Power BI account to log into the Desktop or the Services. 
Before anything can work, the Local AD users need to be in sync with the respective Office 365 users. This can be done using Office 365 DirSync (no longer supported), or the Azure AD Connect application. This allows the synchronization of users’ email addresses, aliases, Service Principal Names, Distinguished Names, GUIDs and UDIDs, which will be needed to pass through and match authentication identifiers from Office 365 to DataSource.

Can let me know if you can log onto the Power BI service with the same UPN(e-mail ID) you're using for the desktop?

Thanks,

Conarl_On_BI

Hi @Conarl_on_BI ,

I am siging in with the same credentials as I do on the Services. Looks like the MS-Organization-Access certificate is never installed. I am only having this problem on our server. When I try to log-in with my crendentials on another network, I receive a message to accept the MS-Organization-Access certificate, it shows up in my certificates and am I able to log in. How can this certificate be blocked from installation, what can causing this issue?

Best regards,

Nico

@Nender

If that is the case, then I believe you need admin privileges to be able to install things at the OS level. I would suggest you ask

someone from your IT team admin privileges install this access certificate for you. 

Thanks,

Conarl_On_BI