while moving VM from one resource group to another this error encountered while there is no SQL VM associated with VM still getting this error
{
**"code": "ResourceMoveProviderValidationFailed",**
"message": "Resource move validation failed. Please see details. Diagnostic information: timestamp '20200908T142742Z', subscription id 'xxx-xxx-xxxx', tracking id 'xxxxxxx-414a-xxxxx-adb4-xxxxxx', request correlation id 'xxxxxxxxxxxx'.",
"details": [
{
"code": "MissingMoveResources",
"target": "Microsoft.SqlVirtualMachine/SqlVirtualMachines",
"message": **"Cannot move resource(s) because following resources /subscriptions/xxxxxxxxx/resourceGroups/myrgroup/providers/Microsoft.SqlVirtualMachine/sqlVirtualMachines/xxxxx0020 need to be included in move request to target resource group as well. Please include these and try again.**"
}
]
}
The error code 409 MissingMoveResources is documented in the Azure SQL VM REST API documentation as:
409 MissingMoveResources - Cannot move resources(s) because some
resources are missing in the request.
So, going by the error details posted above, it does mean that the Virtual Machine you're looking at is linked to a SQL Virtual Machine. The easiest way would be to verify it from the Portal itself:
As seen in the screenshot above:
Presence of the SQL Server Configuration tab under the Settings blade, and
Publisher being MicrosoftSQLServer
confirm the same.
Therefore, you'd have to know the associated SQL Virtual Machine and include that as well in your request to complete the move operation successfully. You can get to the SQL VM by accessing the SQL Server configuration tab.
Related
I have an Azure Windows 10 VM (Standard D2as v4 (2 vcpus, 8 GiB memory)). I have tried using the automated tasks section to start this VM up and shut it down automatically. However, the auto start task repeatedly fails. I do not understand why. Here is the error that I have found:
Unauthorized!
{
"error": {
"code": "InvalidAuthenticationTokenTenant",
"message": "The access token is from the wrong issuer 'https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxx/'. It must match the tenant 'https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxx/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later."
}
}
I do not understand what is going on at all am afraid. If someone could please explain and help resolve!
Thanks!
I have tried in my environment and got below results:
Initially I have created Virtual machine in my environment and added two tasks like Azure start VM and Azure stop VM
Task1 - start VM
Home -> Virtual machine -> Automation -> task
I have Authenticated connection both Azure VM (azurevm) and Office 365 Outlook (office365)
Configuration:
After created task1 it will appears on the Tasks list.
After the selected task runs, you get an email that looks like this example:
In the tasks list-> task1->In that task's Runs column, select View.
Task2 - Stop VM
Similar process which I took to reproduce:
Mail:
View:
{ "error": { "code": "InvalidAuthenticationTokenTenant", "message": "The access token is from the wrong issuer
'https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxx/'. It must match the tenant 'https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxx/' associated with this subscription. Please use the authority (URL)'https://login.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later."} }
The above error occurs due to not have enough permission.
You must have certain permissions to enable VMs for the Start&Stop VMs.
Kindly check and make sure you have role of Contributor to your logic app.
In permission they has some of the pre-existing Automation account and new Automation account for log analytics workspace kindly check the below reference link.
Logic app:
logic app -> task1->Run history
Reference:
https://learn.microsoft.com/en-us/azure/automation/automation-solution-vm-management
Azure Logic App: Azure VM Connector - InvalidAuthenticationTokenTenant - Microsoft Q&A
I have a new vm, Operating system Windows (Windows Server 2016 Datacenter).
When I try to enable backup and select new Recovery Service Vault, I get deployment error:
Deployment to resource group test failed.
Additional details from the underlying API that might be helpful: At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
Resource
vault242/Azure/iaasvmcontainer;iaasvmcontainerv2;test;web01/vm;iaasvmcontainerv2;test;web01
Type
Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems
Status
Conflict
Status message
{
"status": "Failed",
"error": {
"code": "BMSUserErrorContainerObjectNotFound",
"message": "Item not found"
}
}
Can't find any information for code BMSUserErrorContainerObjectNotFound and why a protected item not created automatically
My apologies for the delay in the response.
Were you able to resolve the issue?
If not, let's review it.
As I understood, you are enabling the Azure VM Back Up by following the next steps:
There could be multiple reasons why you are getting this failure.
Did you perform these steps manually using the Azure Portal? Template deployment? Scripting? I suspect most likely you are doing the template deployment or any kind of scripting and this one is the syntax issue.
Second thought, it was the transmitted issue due to the load of request on the Azure end. In this case, you need to retry the operation.
Additional question to ask, do you get the failure on one specific machine or all machines? Specific region?
Do you get the same failure when you use the existing vault?
If you still can provide information above, it's going to be helpful to narrow down the root cause.
I ran into this error as well today and I think it is is a Azure portal bug when enabling the Backup from the VM blade.
Instead, you can initiate a Backup from the "Recovery Services vaults" blade and add the VM to it.
We have an several VMs connected to the Log Analytics workspace and the automation is linked to it. The Update Management is enabled on all VMs and it's working properly.
When trying to enable either the Change Tracking or Inventory in the Configuration Management, it's showing "Cannot enable" status. As far as I know both the Update Management and Configuration Management use the same Agent, so it shouldn't be a problem.
Did I miss something here? If you have any Idea of what is the reason, please share it with me.
Here is the error of the deployment:
OPERATION ID *****
TRACKING ID *****
STATUS BadRequest
STATUS MESSAGE {
"error": {
"code": "BadRequest",
"message": ""
}
}
PROVISIONING STATE Failed
TIMESTAMP 11.6.2019, 14:11:42
DURATION 1 second
TYPE Microsoft.OperationalInsights/workspaces/configurationScopes
RESOURCE ID *******/MicrosoftDefaultScopeConfig-ChangeTracking
RESOURCE som-workspace/MicrosoftDefaultScopeConfig-ChangeTrac
I tried to export Sql Database in azure to storage blob but the operation failed. I do this task daily last month and this issue is new. It shows as follows :
Error encountered during the service operation.Blob https://blob link/dbname-2019-1-16-14-24.bacpac is not writeable. The remote server returned an error: (403) Forbidden.The remote server returned an error: (403) Forbidden.
I had the same problem. I have contacted Azure support and this is their response.
We recently identified a regression in the import/export service that is generating incorrect SAS tokens to the storage accounts.
The engineering team has rolled out the fix, but it might take some time for the fix to get applied worldwide.
Please try the following link to access Azure portal and then perform the export operations:
https://portal.azure.com/?feature.canmodifystamps=trueµsoft_azure_storage=stage1
The portal shows an orange title bar if you open it via the above link, this is expected.
So, it should be already fixed by now.
If you're using sql scripts for back up following this link, then I suspect that the expired date of SHARED ACCESS SIGNATURE is reached.
Please re-generate SHARED ACCESS SIGNATURE, and then use the new key for backup.
Please let me know if any more issues.
Make sure a firewall rule does not exist. Please go to the Azure portal "Storage Accounts → "YourStorageAccountName" → Firewalls and Virtual Networks (left vertical panel). Put it to "Allow access" from "All networks". You can also configure the storage account with exceptions for trusted Microsoft services as explained here.
I have been using an Azure VM for several weeks: (Windows 10, Visual Studio Developer VM), But have been unable to login for several hours.
The machine is reported as running, RDP finds the machine and presents the login box, but Login fails: (Your credentials did not work)
The VM can be restarted, but the same error occurs.
Boot diagnostics shows the Windows 10 'beach cave' image
Attempts to reset the password give errors in the event log:
Failed to reset password At lease one resource deployment operation
failed. Please list deployment operations for details. see
https://aka.ms/arm-debug for usage details.
Then Deployment operations has this error:
Deployment failed Deployment to resource group 'MY_AZURE_GROUP'
failed. Additional details from the underlying API that may be
helpful. At least one deployment operation failed. Please list
deployment operations for details.
Then this error expands to:
Status: Conflict
Provisioning State: Failed
Type: Microsoft.Compute/virtualMachines/extensions
StatusMessage:
{
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "VMExtensionProvisioningError",
"message": "VM has reported a failure when processing extension 'enablevmaccess'. Error message: \"Cannot update Remote Desktop Connection settings for built-in Administrator account. Error: The system is not authoritative for the specified account and therefore cannot complete the operation. Please retry the operation using the provider associated with this account. If this is an online provider please use the provider's online site.\r\n\"."
}
]
}
}
So I then tried Redeploying the VM: Which gave this error
Failed to redeploy the virtual machine 'MY_AZURE_VM'. Error: VM has reported a failure when processing extension 'enablevmaccess'. Error message: "Cannot update Remote Desktop Connection settings for built-in Administrator account. Error: The system is not authoritative for the specified account and therefore cannot complete the operation. Please retry the operation using the provider associated with this account. If this is an online provider please use the provider's online site.
The message "The system is not authoritative for the specified account" hints at some permissions failure somewhere.
What does this mean - and how can I fix it?
Turns out the answer was not obvious and is still a little perplexing.
On first use Cortana had asked for a Microsoft account - so I had supplied details of one I rarely use (Lets call it rarely.used#domain.com) In the background Windows had changed my MY_AZURE_VM\MyLogin (my only login - and the admin user on that VM) to the Microsoft account rarely.used#domain.com!
So now I login with that Microsoft account - and all is well.
If I look in the Computer Management Users - MyLogin still exists - as the only user on the system - but If I try adding it to a Group, Check-Names converts it to rarely.used#domain.com