I'm looking for a solution to my problem and I am not able to find it. I've tried everything online.
I'm trying to disable our on premise AD connect, I ran it as a test but it turns out our environment is not setup correctly for this to work and requires some restructuring.
I've followed the standard instructions of
Connect-MsolService and Set-MsolDirSyncEnabled -EnableDirSync $false
Connect works fine but when I try to run the disable command it returns back the error Set-MsolDirSyncEnabled : You cannot turn off Active Directory synchronization.
I've been told it could take a while but I had enabled it last week and most resources I've found say "24 - 72 hours".
The command (Get-MSOLCompanyInformation).DirectorySynchronizationStatus shows Enabled and not syncing.
Can anyone assist me with this issue?
Thank you!
You try to enable (or disable) Directory synchronization in Office 365, and you are greeted by the following error message.
PS C:\> Set-MsolDirSyncEnabled -EnableDirSync $false
Set-MsolDirSyncEnabled : You cannot turn off Active Directory synchronization.
At line:1 char:1
+ Set-MsolDirSyncEnabled -EnableDirSync $false
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [Set-MsolDirSyncEnabled], MicrosoftOnlineException
+ FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.DirSyncStatusChangeNotAllowedException,Microsoft.Online.Administration.Automation.SetDirSyncEnabled
The DirSyncStatusChangeNotAllowedException error in particular means that you have changed the status recently, and the service is simply preventing you from changing it back too soon
Note : The error message detailed is different and will occur even if the
DirSync status has been updated. It’s a simple block on Microsoft’s
side to prevent you from changing the status too often
check now or wait for atleast 12 hours to 72hr to reflect.
MSOLCompanyInformation | select DirectorySynchronizationStatus
NO FIX: Unfortunately, there is no way around this error. It simply means that your directory is still doing a full initial synch with Azure AD. This error message will clear once the initial sync is complete. The time will vary depending on the size of your on-premises AD but should take no longer than 72 hours for very large environments.
Reference : https://www.michev.info/Blog/Post/1797/you-cannot-turn-off-active-directory-synchronization
Note : If still problem is not getting solved would suggest you to reach out to MS Support. They can able to track down where the exact. issue
Related
I'm at my wits end with this one. I'm trying to start a compliance search in the Microsoft Compliance Center and I'm running into this error.
Creating SearchA task was canceled.
+ CategoryInfo : WriteError: (:) [Start-ComplianceSearch], TaskCanceledException
+ FullyQualifiedErrorId : [Server=BL2NAM02WS018,RequestId=3311342e-a545-4a5f-9fa1-2e9999b0d901,TimeStamp=6/5/2019 7:49:02 PM] [FailureCategory=Cmdlet-TaskCanceledException] 821
CC486,Microsoft.Office.ComplianceJob.Tasks.StartComplianceSearch
+ PSComputerName : nam02b.ps.compliance.protection.outlook.com
It's pretty simple code, I'm just doing this...
Start-ComplianceSearch -Identity "Test Search Name" -Force
I've verified I created the search correctly in compliance center (via Powershell), and I can run it from the UI.
Anyone have any ideas where to start debugging this? Any help is much appreciated!!!
Thanks for the comments above.
This just magically worked today. I think the Google search results that said internal Azure Error ended up being correct.
If anyone else hits this, just one other thing that may have caused this other than an Azure hiccup. You can only have 3 sessions going to the Security and Compliance Center at one time. We may have had some hung PowerShells running the in the background that would have increased our session count past 3.
TL;DR - This an Azure internal error. Report it to Microsoft.
I have made some small changes to an Azure ARM template file and now when I try to deploy or validate via the xplat cli I get this message.
error: InvalidTemplateDeployment : The template deployment
'fakedDeploymentName' is not valid according to the validation
procedure. The tracking id is '\some kind of GUID here\'.
See inner errors for details. Please see http://aka.ms/arm-deploy for
usage details.
error: PreflightValidationCheckFailed : Preflight
validation failed. Please refer to the details for the specific
errors.
I would love to troubleshoot this problem, but I don't see any "inner errors" on the console. It even gives me a unique GUID each time, implying that I could use this GUID to look up a more informative message. Where can I view a more detailed error? (not looking for help on the real source of the error yet)
Log into the azure portal portal.azure.com.
Open the Activity log
Find the record with Operation Name of Validate in the list of activities. It should have a red exclamation mark because it failed.
Click on it that record. Then click on the JSON tab at the bottom. Get reading and somewhere deep down in returned Json you might find an error in the statusMessage such as "The storage account named helloworld is already taken."
Make sure you're running the latest version of the CLI, we're working on bubbling up the detailed error. If that's still not catching it, let us know https://github.com/Azure/azure-xplat-cli/issues
Then if the log isn't showing you the detail, run the deployment with the -vv switch, the detailed debug output (while verbose) will have all the error messages and you can usually sift through and find the specific failure.
azure group deployment create ... --debug
Powershell:
New-AzResourceGroupDeployment ... -debug
Run the following PowerShell Azure cmdlet with the tracking ID supplied:
Get-AzureRMLog -CorrelationId xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -DetailedOutput
Building on nftw's answer...
To make it faster/easier to find the error issue I used grep and less with a variable as follows:
$correlationId ='xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' # store your correlation ID here
Get-AzureRmLog -CorrelationId $correlationID -DetailedOutput | grep -C 10 $correlationID | less
In my testing the error was close to the top of the output. You could use less and the forward-slash key / and search "error" to find the error even quicker.
I believe that tracking ID is for technical support for looking at their logs, not for the user.
Regarding your exact question, you need to take a look at logs - reference.
Another good way to validate the template is to use Resource Explorer.
Building on #nftw:
$deploymentGroupName = 'deploymentGroupName'
$correlationId = ((Get-AzureRMLog -ResourceGroup $deploymentGroupName)[0]).CorrelationId
$logentry = (Get-AzureRMLog -CorrelationId $correlationId -DetailedOutput)
#$logentry
$rawStatusMessage = $logentry.Properties
$status = $rawStatusMessage.Content.statusMessage | ConvertFrom-Json
$status.error.details
$status.error.details.details
I was running in the same issue. Basically, I couldn't get any details passed "InvalidTemplateDeployment".
I added my ARM template in a Visual Studio: Azure Resource Group project template and tried to deploy it. I got verbose details in the Output tab. That helped me solve my problem.
In my case it was the name of the cluster, it can only be small letters and numbers.
az vm list [--only-show-errors]
[--resource-group]
[--show-details]
[--subscription]
I have a SharePoint 2013 installation on a Window 8 machine.
I am trying to create a web application and it is taking forever. The creation process never stops. I checked in application event logs and found this error:
*Machine 'SHAREPOINT2013C (SharePoint - 43000(_LM_W3SVC_1458308317_ROOT))' failed ping validation and has been unavailable since '1/22/2013 3:56:48 AM'.*
Searched the web but could not find anything that works for me.
Can anyone suggest a way to resolve the issue? Thanks a lot in advance.
Below are my findings:
In order to recognize routing targets IIS has to be able to process SPPING HTTP method
To test run this code in Powershell:
$url = "http://your-Routing-Target-Server-Name"
$myReq = [System.Net.HttpWebRequest]::Create($url)
$myReq.Method = "SPPING";
$response = $myReq.GetResponse();
$response.StatusCode
If you get the following error message:
Exception calling "GetResponse" with "0" argument(s): "The remote server returned an error: (405) Method Not Allowed."
that means that web front end is not set up to process SPPING HTTP method
To resolve the issue run the following commands on each routing target server:
Import-Module WebAdministration
add-WebConfiguration /system.webserver/handlers "IIS:\" -value #{
name = "SPPINGVerbHandler"
verb = "SPPING"
path = "*"
modules = "ProtocolSupportModule"
requireAccess = "None"
}
This will add a handler for SPPING verb to IIS configuration.
Run the test script again to make sure this works.
So this has to do with the Request Management Service that runs on the WFE servers on SharePoint 2013. The Request Management Service is of no value since you only have one server. If you disable this service on your single server farm these messages will go away and your Web Application creation performance will greatly increase.
Mark Ringo
I recently faced this issue, I created new Web Application and it was showing a popup of "It shouldn't take long", then after some time it showed a Connection failure page. I browsed to the virtual directory folder for the new web application and found that the folder was totally empty.
Then what I did to solve this problem:
1. Open IIS
2. Go to Applicatin Pools
3. Select Central Admin application pool and right click and select "Advance Settings".
4. There was a property named "Shutdown Time Limit", it was set to "90" by default. I changed it to 400 and clicked OK.
It restarted the applicaition pool automatically. Then again I created new web application from central admin and it worked for me.
I've found that these events correlate to when the specified application pools are recycled (mine are at a specific time in the morning). It's unfortunate that they're logged in the event viewer and can't really clean it up.
I'm running into a problem with getting SSL to work in the Development Fabric. I'm running a clean install of Windows 8 Pro with Visual Studio 2012 Ultimate and the October 2012 Azure SDK for .NET. IIS8 is not installed, only IIS Express, which claims to support HTTPS so I'm hoping that's not the issue.
Running VS 12 as administrator, I've created a blank VS solution, added a new (.NET 4.5) cloud service with a new ASP.NET MVC 4 Internet web application project, and hit F5. Everything works fine. Then, when I add an SSL certificate to the web role and replace the HTTP endpoint (port 80) with an HTTPS endpoint (port 443, with the certificate), hitting F5 produces the following error message:
Windows Azure Tools for Microsoft Visual Studio
There was an error attaching the debugger to the role instance 'deployment18(32).WindowsAzureCloudService.Mvc4WebRole_IN_0' with Process Id: 4892'. Unable to attach. Access is denied.
Note, the last part ("Access is denied") comes in a few variations, a particularly pleasant one being "Catastrophic failure". :)
The only message in the VS Output window ('General' output) is:
Windows Azure Tools: Warning: Remapping private port 443 to 444 in role 'Mvc4WebRole' to avoid conflict during emulation.
The Compute Emulator UI is not much help; just before the instance disappears, this is the only console output that I get consistently (sometimes other messages appear, but sporadically every few runs; I'm not sure how to capture these):
[fabric] Role Instance: deployment18(33).WindowsAzureCloudService.Mvc4WebRole.0
[fabric] Role state Unknown
[fabric] Role state Suspended
[fabric] Role state Busy
[fabric] Role state Unhealthy
[fabric] Role state Stopped
The certificate was obtained from a CA and properly imported into the Local Machine/Personal/Certificates store as a .pfx with private key, extended properties, and marked as exportable, for what it's worth.
When I attempt to publish the service to Azure, I get one build (validation) warning about the database connection string (which I assume is irrelevant):
The connection string 'DefaultConnection' is using a local database '(LocalDb)\v11.0' in project 'Mvc4WebRole'. This connection string will not work when you run this application in Windows Azure. To access a different database, you should update the connection string in the web.config file.
Probably more important, the deployment actually fails with the following history in the Windows Azure Activity Log window:
9:00:25 AM - Warning: There are package validation warnings.
9:00:25 AM - Preparing deployment for WindowsAzureCloudService - 1/3/2013 8:59:55 AM with Subscription ID '<...>' using Service Management URL 'https://management.core.windows.net/'...
9:00:25 AM - Connecting...
9:00:26 AM - Object reference not set to an instance of an object.
9:00:26 AM - Deployment failed with a fatal error
Can someone help me troubleshoot this issue? I've rebooted a few times. ;)
Thanks in advance!
EDIT (Jan. 3, 4:44 PM): I have a few ideas that might help me make progress, but some are pretty drastic so any advice would be appreciated:
Is there a way to capture all the output from the Compute Emulator (Dev Fabric) to a log file so I can review it? (System.Diagnostic.Trace calls from my service won't help, since I don't even get as far as the RoleEntryPoint when using HTTPS!) I figured this out; see next edit.
That null pointer exception during the Azure deployment has me worried. Is it worthwhile to try reinstalling the Azure SDK, and if so, how should I go about doing a clean install of it?
Has anyone seen a problem of this sort disappear when switching to using full IIS for the emulator? (That seems unlikely since IIS vs. IIS Express should have no relevance to the Azure deployment.)
EDIT (Jan. 4, 10:15 AM): Bad news: I tried the suggestion to grant Read access to the certificates, but it didn't help in my case. Good news: I managed to capture one of those sporadic messages in the Compute Emulator UI before it shut down; it was a bit of info from some diagnostics. Not helpful in and of itself, but it revealed where the Development Fabric was storing its temporary files:
[Diagnostics] Information: C:\Users\Lars\AppData\Local\dftmp\Resources\0005155d-4592-40f4-812e-18793b26576c\directory\DiagnosticStore\Monitor
The GUID portion gets recreated for every deployment, and it is deleted when the deployment goes away (as it always does in my case). But in the parent directory ('dftmp'), there are a few helpful directories that I then monitored during a new deployment: DevFCLogs, DFAgentLogs, and IISConfiguratorLogs. I guess that answers the first question I had yesterday! :)
DFAgentLogs\DFAgent.log: (41KB) No useful information. A bunch of "Failure to read pipe" messages and failures to get the role/deployment instance ID, which I assume are just noise.
DevFCLogs\DevFabric--2013.01.04--<...>.log: (510 KB) No useful information. I skimmed the file and also searched for 'error', 'failure', 'not found', 'certificate', and 'Mvc4WebRole_IN_0'; none of those showed any hints of what was going on.
IISConfiguratorLogs\IISConfigurator.log: (6 KB) Now we're making progress!! :) Can someone tell me what this means? (In the meantime, I'm off ILSpy-hunting... fun fun...)
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:08.915] Using IIS Express appdomain
(...)
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:08.936] Adding binding 127.255.0.0:444: to site deployment18(40).WindowsAzureCloudService.Mvc4WebRole_IN_0_Web
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:10.484] Caught exception
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:10.487] Exception:System.Runtime.InteropServices.COMException (0x800401F3): Invalid class string (Exception from HRESULT: 0x800401F3 (CO_E_CLASSSTRING))
Server stack trace:
at Microsoft.Web.Administration.Interop.IAppHostProperty.get_Value()
at Microsoft.Web.Administration.ConfigurationElement.GetPropertyValue(IAppHostProperty property)
at Microsoft.Web.Administration.Binding.get_CertificateHash()
at Microsoft.Web.Administration.BindingCollection.Add(Binding binding)
at Microsoft.WindowsAzure.ServiceRuntime.IISConfigurator.WasManager.DeploySite(String roleId, WASite roleSite, String appPoolName, String sitePath, String iisLogsRootFolder, String failedRequestLogsRootFolder, List1 bindings, List1 protocols, FileManager fileManager, WAAppPool defaultAppPoolSettings, String roleGuid, String& appPoolSid, List`1 appPoolsAdded, String configPath)
EDIT (Jan. 4, 11 AM): ILSpy wasn't much help; the exception is being thrown at an interop point (we knew that already) while trying to get the hash of a certificate in order to set up the binding (we knew that too). Does anyone know what COM object would need to be registered in order to get a certificate hash for a binding in Microsoft.Web.Administration? Or how I could intercept the interop call to find out? Bonus points if you can tell me why this is happening in the first place. :)
I've had similar problem on two computers. On both cases installing IIS solved the problem.
It seems to be enough to just install the IIS (via add/remove Windows components). You don't need to start using it. The installation changes something and after that my IIS Express started working again with HTTPS from Visual Studio.
There is a discussion on similar issue on MSDN Social:
http://social.msdn.microsoft.com/Forums/nl-NL/windowsazuredevelopment/thread/ad362016-16f6-459a-8022-9307aa5f910e
And the issue has been also raised on Microsoft connect:
https://connect.microsoft.com/VisualStudio/feedback/details/758533
In my case the error in the log files was:
IISConfigurator Information: 0 : [00007644:00000007, 2013.01.17
00:39:18.523] Exception:System.Runtime.InteropServices.COMException
(0x800401F3): Invalid class string (Exception from HRESULT: 0x800401F3
(CO_E_CLASSSTRING))
I found the log files from C:\Users\\AppData\Local\dftmp\IISConfiguratorLogs directory.
When running locally with a private key cert for SSL, you'll need to give the user the emulator app is running under access to the private key. Open mmc.exe and add the Certificates >> Local Computer Snap-In to view your certificate. Right Click on the certificate, then All Tasks >> Manage Private Keys - then add IUSR and Network Service with at least read access.
For deployment to azure, you'll need to upload the certificate to the Cloud Service and make sure the certificate is valid for the domain.
Follow step 11 from http://www.microsoft.com/en-us/download/details.aspx?id=35448. From this SO post
I asked this on ServerFault, but didn't get any reply's, I know it's command line, but they should still be able to answer it, anyone here have any idea's?
I've ran the following (task description):
> Add-PsSnapin Microsoft.SharePoint.Powershell
> Backup-SPFarm -Directory E:\Backups -BackupMethod Full
But get this error:
Backup-SPFarm : Object reference not set to an instance of an object.
At line:1 char:14
+ Backup-SPFarm <<<< -Directory \\SHAREPOINTSERV\Backups -BackupMethod full
+ CategoryInfo : InvalidData: (Microsoft.Share...mdletBackupFarm:SPCmdletBackupFarm) [Backup-SPFarm], NullReferenceException
+ FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletBackupFarm
I can backup manually through the Admin site, so all the services/permissions are setup correctly.
I can't find much helpful info on this does anyone know why I'm getting this error message?
running SQL Server 2008 R2 and Win2008 Standard (x64).
tried setting the directory to a UNC path and a local path.
tried set-executionpolicy ByPass (and RemoteSigned)
I'm logged on as a user with enterprise admin security credentials
SharePoint & SQL Server are installed on the same machine
Not sure if relevent, but I'm a developer and have never used power-shell before (nor has it been used on this machine before)... so my only guess is there is some sort of pre-requisite that I am supposed to have run or know about?
EDIT:
VERBOSE OUTPUT
PS E:\Backups\Script> Backup-SPFarm -Directory E:\Backups -BackupMethod Full -Verbose
VERBOSE: Leaving BeginProcessing Method of Backup-SPFarm.
VERBOSE: Performing operation "Backup-SPFarm" on Target "SHAREPOINTSERV".
Backup-SPFarm : Object reference not set to an instance of an object.
At line:1 char:14
+ Backup-SPFarm <<<< -Directory E:\Backups -BackupMethod Full -Verbose
+ CategoryInfo : InvalidData: (Microsoft.Share...mdletBackupFarm:SPCmdletBackupFarm) [Backup-SPFarm], NullReferenceException
+ FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletBackupFarm
VERBOSE: Leaving ProcessRecord Method of Backup-SPFarm.
VERBOSE: Leaving EndProcessing Method of Backup-SPFarm.
Do you have the SQL Server and the SharePoint products installed on the same system? Or is this a farm deployment with multiple servers?
In case of a farm deployment, you have the provide a UNC path of the backup folder. At least, that is what
Get-Help Backup-SPFarm -Parameter Directory
says.
Also, can you post the output of
Backup-SPFarm -Directory E:\Backups -BackupMethod Full -Verbose
Unfortunately, as I suspected this was something simple, but took a long time to work out (thanks to Microsoft's amazingly useful error message :p )
I had opened Sharepoint Management Shell before, but as a different user, which meant I did see a vital message that would point me in the right direction...
When I set up the server, there was no need to log into SQL Server other than to set up the service accounts (I think I logged in as my user, not the enterprise admin) and the enterprise admin didn't have any SQL Server permissions.
I suspected the line Add-PsSnapin Microsoft.SharePoint.Powershell hadn't worked properly, even though it said it did.
As I was trying to create a powershell script through the powershell editor I never opened Sharepoint Management Shell as the admin user I had logged in as.
Once I had seen the message in Sharepoint Management Shell, I googled it, and problem solved.
It would have been nice of Microsoft to display this instead of the object reference message!
In the question on the technet site, you have dumped a stack trace that shows an error accessing the configuration DB info from the registry (at, I guess, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\14.0\Secure\ConfigDB).
Could you check the permissions of this key and the identity of the w3wp processes ?