We are trying to setup a connection between Azure ITSM Connector to Service Now, and we keep getting the following error after adding all required information (url, username, password, clientid, clientsecret)
Failed to add ITSM Connection
Failed to add ITSM Connection due to Bad Request. Please ensure valid credentials are provided.
I am on the Azure side and Service Now team reports the credentials we are using were successfully validated by some other group that uses the connector.
Since I don't know Service Now I have no clue about where to look at.
Could someone have an idea?
Thanks!
Related
Good evening, I have a problem with an application created and published by another person.
The application stopped working, no one realized that the secrets in the App Registrations were expired so I renewed them. Now if I try to start the application, I got this error message:
Unhandled exception. Microsoft.Extensions.Configuration.AzureAppConfiguration.KeyVaultReferenceException: ClientSecretCredential authentication failed: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'xxxxxxxxxxxxxxxxxxxx'.
The application is linked to App configuration and App Configuration is linked to Key Vault. I suppose I have to update somewhere the value of the secrets renewed but I can’t find where!!!
It’s probably something absolutely silly but I’m starting now with Azure and I can’t solve the problem! Can anyone please give me a hint? Thanks!
Looks like your application cannot authenticate with your Key Vault. In your application code, as part of AddAzureAppConfiguration call, you should have a call of ConfigureKeyVault, which specifies how you want your application to authenticate with your Key Vault. I guess the token credential you used there became invalid due to the secret rotation.
You can find more information about how to grant your application to access your Key Vault from this link:
https://learn.microsoft.com/en-us/azure/azure-app-configuration/use-key-vault-references-dotnet-core?tabs=core5x#grant-your-app-access-to-key-vault
I have elastic-search domain placed inside a VPC. I am able to connect to the domain from VPC with no issues. But for more security, I want authentication to be username:password based. I am using using elasticsearch-dsl to make the connection. Any idea how to setup a username and password based connection to the domain?
I tried updating the domain config, in order to set MasterUser and MasterPassword(Not sure if the right process).
aws es update-elasticsearch-domain-config --domain-name test-domain --advanced-security-options Enabled=true,InternalUserDatabaseEnabled=true
I get this error:
An error occurred (BaseException) when calling the UpdateElasticsearchDomainConfig operation: You don't have permissions to enable Advanced Security options.
Is this the right thing to do? If not, How can we enable password based authentication?
An error occurred (BaseException) when calling the UpdateElasticsearchDomainConfig operation: You don't have permissions to enable Advanced Security options.
The above error you are getting indicates you don't have the permissions to update the advanced security configuration.
You need to use the master user credentials when calling the update api.
Refer to the documentation here to get more info on master user:
https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html
I am getting this issue while publishing my .net core 3.1 app to azure app service.
I am able to publish the application but while hitting a url i am getting this error
Below are error details that i have found out in Event Viewer
" Login failed for user 'NT Service\SSISScaleOutMaster150'. Reason: Could not find a login matching the name provided. [CLIENT: ]"
NT Service\SSISScaleOutMaster150
Reason: Could not find a login matching the name provided.
[CLIENT: ]
I am also getting this icon when i am trying to publish it
denoting there are some warning in this section : Dependencies remote.
Other Details:
I am able to run application locally, I have a azure sql database which is connected to this, angular app as frontend and .net core 3.1 app as backend.
I have also tried creating a simple hello world app in .net core 3.1 and tried to deployed it. I am able to publish it and also able to run the url.
Kindly help me in this.
" Login failed for user 'NT Service\SSISScaleOutMaster150'. Reason: Could not find a login matching the name provided. [CLIENT: ]"
Judging from your error message, I think that when connecting to azure sql database, it may be filled in some places incorrectly.
Generally speaking, as long as the azure sql server can be used, the connection information is correct, and the yellow exclamation mark will not appear when adding Service Dependencies.
Troubleshooting steps:
1. Check login user NT Service\SSISScaleOutMaster150, whether you have the permission to log in to the database.
(I think there is a problem with this login user name, please check carefully. In Azure SQL, it is generally not in this format.)
① Use other tools such as SSMS to see if you can log in.
② If not, use the administrator to log in to azure sql server to check if the user name NT Service\SSISScaleOutMaster150 is in the user group.
2. Please check the azure sql server connection information, string, etc. To be consistent with the portal, local user name and password cannot be used, and the login information of azure sql server must be used.
I am currently trying to sync my on-premise Active Directory (hosted on Windows Server 2012 R2) with Azure's AD using the AD sync tool. However, I cannot get past the "Windows Azure Active Directory Credentials" step.
I have two accounts (for the sake of this post, let's call them A and B), both of which are global administrators on Azure. When I enter the credentials for account A, the sync tool insists that "The user name or password is incorrect" even though I can log onto the Azure portal with those exact credentials on my browser. It may be worth noting that account A does not require additional verification to sign on.
Account B has additional security verification and thus I created an app password for the sync tool (this feature is not present on account A since it does not require verification). Whenever I use the generated app password, I am greeted with the configuration error: "Unable to establish a connection to the authentication service. Contact Technical Support." Anything else in the password field will return "The user name or password is incorrect", leaving me to assume that the app password is valid, but my request is just not going through.
Each log-in attempt with account B and the app password has generated the following errors in my Server Manager logs:
System.Management.Automation.CmdletInvocationException: Unable to establish a connection to the authentication service. Contact Technical Support. ---> Microsoft.Online.DirSync.Common.DirectorySyncConfigurationException: Unable to establish a connection to the authentication service. Contact Technical Support.
at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
--- End of inner exception stack trace ---
at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
at Microsoft.Online.DirSync.PowerShellAdapter.PowerShellCommand.ExecuteCommand(Command command, Boolean refreshPath)
Unable to establish a connection to the authentication service. Contact Technical Support.
Unable to establish a connection to the authentication service. Contact Technical Support. AuthIdentityToService() failed for adminwebservice.microsoftonline.com site with MBI_SSL policy. HResult:-2147186590. Contact Technical Support. (0x80048862)
So far, I have tried:
restarting my server
re-installing the sync tool
clearing my DNS cache
restarting the Azure sync service
disabling all firewalls
If anyone could help me interpret the errors or even provide me with a possible solution, I would greatly appreciate it!
The endpoint used by Azure AD Sync (and DirSync) does not allow the use of app passwords. Only a username/password combination can be accepted and it has to be a global administrator. If you follow our guidance to create a strong password for "account B", you have essentially created the same thing as an app password.
/Andreas Kjellman
Senior Program Manager, Microsoft, Identity and Access Management, sync services
Hi Guys anyone know what could be causing this. My database username and password is 100% correct because I can use those credentials to connect via management studio. stuck on this....
Error Number: 18456 Error Code: -2146232060 Message: Login failed for user 'scobiej#zlvnxgqm4d'.
This session has been assigned a tracing ID of 'eea2cc66-2174-4eed-8499-c1378c73f748'. Provide this tracing ID to customer support when you need assistance.
My database username and password is 100% correct
I guess you are trying to connect to your Azure Subscription to publish a website, not trying to connect to your database. Make sure you use you Azure Subscription credentials instead of your database login