In TFS I selected Azure VMs File Copy:
My machine is classic and I created classic storage account. I set up the connection using username and password, not management certificate.
The storage account and cloud service I had to populate myself, because they did not appear in the drop-down menu (so possibly something is wrong already at this stage).
In the Cloud Service I entered MyMachine.cloudapp.net.
The task starts, it seems to login successfully, but throws:
Unable to find type [Hyak.Common.CloudException]
Log:
2017-11-24T14:21:28.80333Z Add-AzureAccount -Credential $psCredential
2017-11-24T14:21:35.866333Z Select-AzureSubscription -SubscriptionId -Default
2017-11-24T14:21:35.882333Z Set-AzureSubscription -SubscriptionId yy -CurrentStorageAccountName yyy
2017-11-24T14:21:35.898333Z ##[debug]Starting Azure File Copy Task
2017-11-24T14:21:35.898333Z ##[debug]connectedServiceNameSelector = ConnectedServiceName
2017-11-24T14:21:35.898333Z [debug]connectedServiceName = yyyyyy
(..)
2017-11-24T14:21:35.991333Z ##[debug]Loading AzureUtilityLTE9.8.ps1
2017-11-24T14:21:36.007333Z ##[debug]Connection type used is
UsernamePassword
2017-11-24T14:21:36.022333Z ##[debug]Azure
CallRetrieving storage key for the storage account:
mystorageaccount
2017-11-24T14:21:38.924333Z ##[error]Unable to find type
[Hyak.Common.CloudException].
Please help.
Actually you don't need to manually type the storage account, it will auto appear in the drop list. You just need to specify a pre-existing classic storage account. It is also used as an intermediary for copying files to Azure VMs.
Classic Storage Account
Required if you select Azure Classic for the Azure Connection Type
parameter. The name of an existing storage account within the Azure
subscription.
According to your log, the issue may related to the storage account setting. Double check this configuration under your Azure subscription.
Also suggest you go through this documentation to get more info of the Azure File Copy task. Such as make sure the machine should configured to allow WinRM connections.
Related
I am not sure weather azure storage account is domain joined or not. I want to access files from the azure file share storage as shared path without mounting this file share.
• You can check if the storage account is domain joined or not by checking the on-premises ADDS environment for a computer account or a service logon account with User Principal Name/Service Principal Name as ‘cifs/your-storage-account-name-here.file.core.windows.net’. For this purpose, you should have ‘ADUser.Read’ permissions on the Active Directory environment or you should logon to the AD Users and Computers console with the ID who is a member of ‘Domain Members’ group.
• If you have ‘Contributor’ role access to Azure resources in your tenant, execute the below command in Azure cloud powershell to know detailed information regarding the storage account authentication with Active Directory. If the storage account is domain joined to an ADDS environment, then it will display accordingly: -
Debug-AzStorageAccountAuth -StorageAccountName $StorageAccountName -ResourceGroupName $ResourceGroupName -Verbose
Also, to know whether the Azure files authentication for on-premises identities is enabled or not, kindly refer to the below documentation link. It describes a powershell script which shows the Active Directory service options for files share in your storage account: -
https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-enable#confirm-the-feature-is-enabled
Account is domain joined or not, can be checked from the Azure file share itself when we click the connect button it show authentication method as active directory enabled. and also we can check it from the overview of the account also.
I am trying to put some auto start policy on my VM on Azure.
So, I used automation account and power shell script to do this from this link: https://adamtheautomator.com/azure-vm-schedule/
But on testing it give me error of Run Login-AzureRmAccount to login
Please suggest how to fix this?
## Get the Azure Automation Acount Information
$azConn = Get-AutomationConnection -Name 'AzureRunAsConnection'
## Add the automation account context to the session
Add-AzureRMAccount -ServicePrincipal -Tenant $azConn.TenantID -ApplicationId $azConn.ApplicationId -CertificateThumbprint $azConn.CertificateThumbprint
## Get the Azure VMs with tags matching the value '10am'
$azVMs = Get-AzureRMVM | Where-Object {$_.Tags.StartTime -eq '10am'}
## Start VMs
$azVMS | Start-AzureRMVM
Regards
ESNGSRJ
This can happen when the Run As account isn't configured appropriately. You will need to create one to provide authentication for managing resources on the Azure Resource Manager using Automation runbooks.
When you create a Run As account, it performs the following tasks:
Creates an Azure AD application with a self-signed certificate, creates a service principal account for the application in Azure AD, and assigns the Contributor role for the account in your current subscription.
Creates an Automation certificate asset named AzureRunAsCertificate in the specified Automation account.
Creates an Automation connection asset named AzureRunAsConnection in the specified Automation account.
Please note the following requirements from the referenced link:
You must have an Azure Automation Account with an Azure Run As account already prepared. If you don’t have this yet, learn how to create one when you go to Create a new Automation account in the Azure portal.
The Azure PowerShell module must be installed. If you don’t have this yet, please go to the Install the Azure PowerShell module page for more information.
Note: You can configure your Runbook to use managed identities as well and it has added benefits as compared to using Run As accounts. You can get started with this tutorial to use managed identity.
I am working on Microsoft Azure, in which I have a group of resources for a test environment and a production environment, in both I have an Azure SQL Databases database server with its respective database.
I am creating a Runbook of Automation Accounts in Powershell in another Microsoft Azure account (Important Note) that is responsible for "Copying" the production database to tests. I know that there is the New-AzSqlDatabaseCopy command, however, this command does not It works with Hyperscale databases.
Is there an alternative to this command in Hyperscale? or in this second account it is possible to create a. Bacpac remotely with Azure commands for Powershell, all I have seen are for working on the same account, but the database account is different from the automation account due to work rates.
Thank you in advance for your help and comments.
I already tried to use the New-AzureRmSqlDatabaseExport command, but it seems to work only in the same Azure Account, and I can't specify "Azure Account for backup" and "Azure account for storage". Am I right?
Like Alberto Morillo says in his comment New-AzSqlDatabaseCopy it's currently not available for Azure SQL HyperScale. at least at the moment of this answer.
So i try to use New-AzureRmSqlDatabaseExport with 2 Azure Accounts and it's tottally possible, you need to login with the Azure Account of the origin database Connect-AzureRmAccount then you need to call the New-AzureRmSqlDatabaseExport command with the following parameters.
New-AzureRmSqlDatabaseExport
-ResourceGroupName $RGName # Resource group of the source database
-ServerName $Server # Server name of the source database
-DatabaseName $Database # Name of the source database
-AdministratorLogin $User # Administrator user of the source database
-AdministratorLoginPassword $Pwd # Password of the source database
-StorageKeytype "StorageAccessKey" # Key type of the destination storage account (The one of the another azure account)
-StorageKey $StorageKey # Key of the destination storage account(The one of the another azure account)
-StorageUri $StorageFileFullURI # The full file uri of the destination storage (The one of the another azure account)
# The format of the URI file is the following:
# https://contosostorageaccount.blob.core.windows.net/backupscontainer/backupdatabasefile.bacpac
unfortunately, this command is not enabled for hyperscale, so I get the following error message:
New-AzureRmSqlDatabaseExport : 40822: This feature is not available for the selected database's edition (Hyperscale).
I used the same command with a database that was not Hyperscale and it worked perfectly.
Finally, I think I will have to perform the manual process for at least a few months, have Microsoft launch the update for HyperScale
Database copy is currently not available for Azure SQL Hyperscale but you may see it in public preview in a few months.
I want to use Get-AzureStorageBlob in a powershell script so my client can download files from my Azure Blob storage ( I use Devops to put them there )
The keys are in the script so the client does not need an Azure account.
He does however need to install Azure Powershell
And the instructions ask him to log in to Azure.
Is there an alternative?
If you just operates with azure storage, then you can ignore the "Connect-AzAccount" cmdlet.
After installing azure powershell module, since you have account_name and account_key of storage account, directly use them to download the blob.
But if you want to operate other resources like vm etc.,then you need to the cmdlet "Connect-AzAccount".
When I click Show Details in the right Commands panel I get an error message
cannot be loaded because running scripts is disabled on this system.
Is it possible to set up a custom domain for a Azure Resource Manager (ARM) storage account using Azure Powershell? If so, how?
I tried to set up a custom domain through the Azure Preview Web Portal but that functionality does not yet exist for the new resource manager storage accounts.
Using this documentation, I am able to login and see the properties of my new RM storage account, but I am unsure how to update the CustomDomain property. I expected to find an example/documentation of how this worked with the old storage accounts, but I have not found anything.
I have found a solution that worked for us. You can use the Set-AzureRmStorageAccount command to set properties on an existing storage group. Not sure how I missed this one.
Set-AzureRmStorageAccount -ResourceGroupName "<YOUR RESOURCE GROUPNAME>" -Name "<YOUR STORAGE ACCOUNT NAME>" -CustomDomainName <YOUR.CUSTOM.DOMAIN> -UseSubDomain $true
In case, like me, you get ResourceGroupNotFound do following command to select your subscription before (you get your subscription id in the Azure Portal):
Select-AzureRmSubscription -SubscriptionId <YourSubscriptionID>