I want to creating Managed Metadata Service using powershell.
powershell command is :
New-SPMetadataServiceApplication -Name $MetadataServiceName -AdministratorAccount "domain\SP_Crawl" -DatabaseServer $instanceName -DatabaseName $MetadataServiceDB -ApplicationPool $AppPool -SyndicationErrorReportEnabled
its working fine if in -AdministratorAccount i am adding single user i.e. "domain\SP_Crawl".
but i want to add multiple user as an administrator like "domain\SP_Crawl,domain\SP_Farm"
but its not working.
Please help me how can i set multiple user in -AdministratorAccount
Sorry its my mistake.
there is a space between "domain\SP_Crawl, domain\SP_Farm" that the reason its not working.
it should be like:
New-SPMetadataServiceApplication -Name $MetadataServiceName -AdministratorAccount "domain\SP_Crawl,domain\SP_Farm" -DatabaseServer $instanceName -DatabaseName $MetadataServiceDB -ApplicationPool $AppPool -SyndicationErrorReportEnabled
Related
I got a script on a VM within the subscription/rg that runs a ps module called Qlik-Cli, it uses a certificate and a login.
The certificate is stored in the local store for the serviceaccount, not a choise, how the product works.
I need to trigger this thorgh a powershell runbook.
In order for this to work, I need to trigger this with the service account, cause it won't find the certificate otherwise.
This is something we are going to schedule so it has to be done this way.
How can I run it this way, or is it not possible?
I can't find any good option when googeling it.
> Import-Module -Name Qlik-Cli
> [Net.ServicePointManager]::SecurityProtocol =
> [Net.SecurityProtocolType]::Tls12 $logpath =
> "E:\Tools\Scripts\log.txt" get-childitem cert:\currentuser\My\ |
> where {$_.Thumbprint -eq '"thumbprint"'} |
> Connect-Qlik "DNS" -UserName
> "user" -TrustAllCerts -verbose 4>&1 | Out-File
> -Append $logpath Start-QlikTask -id df9dfa2f-32ca-4db4-bdce-15ad924fd59f -verbose 4>&1 | Out-File -Append
> $logpath
The script in the runbook:
$ServicePrincipalConnection = Get-AutomationConnection -Name 'AzureRunAsConnection'
Add-AzAccount -ServicePrincipal -TenantId $ServicePrincipalConnection.TenantId -ApplicationId $ServicePrincipalConnection.ApplicationId -CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
$rgname ="Resource-Group"
$vmname ="Virtual machine name"
$ScriptToRun = "E:\Tools\Scripts\Tasktrigger.ps1"
Out-File -InputObject $ScriptToRun -FilePath ScriptToRun.ps1
Invoke-AzVMRunCommand -ResourceGroupName $rgname -Name $vmname -CommandId 'RunPowerShellScript' -ScriptPath ScriptToRun.ps1
Remove-Item -Path ScriptToRun.ps1
What the logs says from the script (local script) when I execute the runbook is that it can't find the certificate which is not strange.
Raw output:
Found 0 certificates in the current user store
Found 0 certificates in the local machine store
No valid certificate found, using windows credentials
Used the code on Github for the module Click-Cli to backtrack the error message. Had to change certificate and imporrt the new one in personal / machine store.
Also the default username when running it from outside the QlikServer is domain\Servername$, which means you have to change permissions on the account in QlikSense to allow it to execute tasks.
You can see the name if you use verbose logging to file once you added the right certficate all the way.
The Qlik-CLI module, reads the client, QlikClient, certificate from cert:\\CurrentUser\My.
So, if you are trying to run Qlik-CLI scripts as a different user than the Qlik Sense service user account (or on another machine), you need to log in as the service account, export the QlikClient certificate, including the private key, and install it under the user running the script.
The -UserName argument is just to tell Qlik who you want to be, given that you have the certificate in order.
To cut it short: Run the script as the Qlik service user. It will save you a lot of hassle. :)
I want to stop and start ie restart a logic app on Azure using Powershell
I have looked at the documentation and it shows the following:
Stop-AzureRmLogicAppRun -ResourceGroupName "ResourceGroup11" -Name
"LogicApp03" -RunName "08587489104702792076" -Force
But where can i find the -RunName on Azure ?
Runs appears in the Runs history:
The RunName is just the run identifier.
So you can get it from azure portal or you can get runs history using powershell with Get-AzureRmLogicAppRunHistory (or Get-AzLogicAppRunHistory if you're using the new az powershell module).
To get all the Running runs, you can try this command:
Get-AzureRmLogicAppRunHistory -ResourceGroupName <rg name> -Name <logicapp name> | Where {$_.Status -eq 'Running'}
Also if you want to disable a logic app, you use this command:
Set-AzureRmLogicApp -ResourceGroupName <rg name> -Name <logicapp name> -State "Disabled"
I am trying to run the below command
Invoke-AzVMRunCommand -ResourceGroupName $instance.ResourceGroupName -Name $instance.Name -CommandId 'RunPowerShellScript' -ScriptPath 'C:\Users\tushar.raichand\Desktop\sample.ps1'
Sample.ps1 is as below
$output = Get-LocalUser
Write-Output $output
$output
The output i am getting for Invoke-AzVMRunCommand is
Microsoft.Azure.Commands.Compute.Automation.Models.PSRunCommandResult
First, make sure you have enough permission to show the details of a command, see Limiting access to Run Command:
Listing the run commands or showing the details of a command require the Microsoft.Compute/locations/runCommands/read permission, which the built-in Reader role and higher have.
Besides, the command Invoke-AzureRmVMRunCommand belongs to the AzureRM powershell module which has been deprecated, you may need to upgrade it to the new Az module, refer to this link to upgrade.
I test the script with the new Az command Invoke-AzVMRunCommand, it works fine.
Invoke-AzVMRunCommand -ResourceGroupName joywebapp -Name joyVM -CommandId 'RunPowerShellScript' -ScriptPath 'C:\Users\joyw\Desktop\sample.ps1'
sample.ps1:
$output = Get-LocalUser
Write-Output $output
Result:
I wan't to create a Runbook that will start a specific (or parameter controlled) VM, and then run a script (locally or from blob storage) on the VM.
I have checked a lot of documentation, but so far without luck in getting it to work.
What I got so far under the same Resource Group:
VM created
Automation account created incl. Run As account
Azure Automation solution (OMS)
Credential (to my own account) under the automation account
Used several Runbook galleries and other code examples using functions as e.g.
Start-AzureVM ...
Invoke-Command ...
Anyone of you good people out there who can sample a guideline on what is needed depending on methods being used?
The VM start part is working, but I cannot get the login + executing of script to work!
I'm not a high skilled developer, and I have even doubts about choosing between the script languages in Azure.
Any help will be highly appreciated.
Thanks,
Tom
Invoke-Command
Invoke-AzureRmVMRunCommand
Set-AzureRmVMCustomScriptExtension
New-SSHSession + Invoke-SSHCommand
Code taken from e.g. gallary "Connect-AzureVM"
the parameter -ScriptPath of Invoke-AzureRmVMRunCommand should not point to the path in the remote computer, but should point to the local path of runbook environment.
Sample code like below(create a file named atestfile.txt in the remote vm):
$ServicePrincipalConnection = Get-AutomationConnection -Name 'AzureRunAsConnection'
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $ServicePrincipalConnection.TenantId `
-ApplicationId $ServicePrincipalConnection.ApplicationId `
-CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
#define resource group and vm name
$resourceGroup ="xxx"
$VmName ="xxx"
#define the scripts in $scriptblock, and add the content of $scriptblock to aa.ps1 in current directory of runbook
write-output "create test file"
$scriptblock = "New-Item -path c:\test -name atestfile.txt -itemtype file -force"
Out-File -FilePath aa.ps1 -InputObject $scriptblock
#Note that the -ScriptPath should not point to the remote path(in remote vm), it should point to the local path where you execute the command Invoke-AzureRmVMRunCommand
Invoke-AzureRmVMRunCommand -ResourceGroupName $resourceGroup -Name $VmName -CommandId 'RunPowerShellScript' -ScriptPath aa.ps1
#after execution, you can remove the file
Remove-Item -Path aa.ps1
write-output "done now"
Test result:
Is there a way to get the subscription id from the running (LINUX)VM instance in AZURE?
Can WALinuxAgent read the subscription ID from the internal server ?
This can be achieved using the Azure Instance Metadata Service. Calling this service from your VM will return a JSON with SubscriptionId among other useful data. Sample Microsoft bash script for calling the metadata service (with updated version in the request):
sudo apt-get install curl
sudo apt-get install jq
curl -H Metadata:True "http://169.254.169.254/metadata/instance?api-version=2017-08-01&format=json" | jq .
See "Response" section in provided link for sample response, with subscriptionId.
You can use powershell to achieve this.
First of all.
What kind of VM deployment model?
ARM
In this case it very simple.
$vm = Get-AzureRmVM -ResourceGroupName $resourceGroupName -Name $vmName
$vm.Id
You'll see - "/subscriptions/{subscriptionId}/..."
Classic
If you know resource group VM was deployed to, use following:
$resource = Get-AzureRmResource -ResourceGroupName $resourceGroupName -ResourceType Microsoft.ClassicCompute/virtualMachines -Name $vmName
$resource.ResourceId
Same - you"ll see "/subscriptions/{subscriptionId}/..."
Way to find resourceGroupName, if unknown (in case you write some automative script):
$vm = Get-AzureVM | Where {$_.Name -eq $vmName}
$service = Get-AzureService -ServiceName $vm.ServiceName
$service.ExtendedProperties.ResourceGroup
Hope it helps