We're using cloud service to host a MVC web application, we want to access the remote desktop to do some settings. We deploy this application by uploading the packages and configuration file. When we click on the "Connect" button on the cloud service dashboard, we got the error:
"Failed to download the file Error details: error 400 Bad Request"
I think that the 400 Bad Request is a generic response when the Azure RDP configuration is bad. When I went to the old portal and tried to RDP from there I received a better explanation
The supplied cscfg file can not be parsed. Got exception
Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword
Turns out the real issue was that the thumbprint I provided for my cert did not match the cert I had uploaded to Azure. The quick fix was to
Go to the old portal and select my cloud service
Select the 'Configure' tab
Select 'Remote' on the bottom bar
Re-configure the remote desktop settings
It cycled my roles, but when they came back I was able to successfully RDP. The real fix would be to put the correct information in the Cloud Service configuration as you are deploying.
Related
I am getting below error while deploying app service via Azure DevOps. I tried to search for this issue but could not found root cause of this.
Error :
2021-03-15T06:01:27.7479723Z ##[error]Error: Error Code: ERROR_COULD_NOT_CONNECT_TO_REMOTESVC
More Information: Could not connect to the remote computer ("web-app.scm.azurewebsites.net") using the specified process ("Web Management Service") because the server did not respond. Make sure that the process ("Web Management Service") is started on the remote computer. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_COULD_NOT_CONNECT_TO_REMOTESVC.
Error: The remote server returned an error: (403) Forbidden.
Error count: 1.
'''
I tried everything until I spotted (after reading this) that my (dev) shared App Service service plan was out of storage space! When I upgraded it to a bigger one I could deploy again!
According to this document, the error is caused by that Web Deploy cannot connect to the remote service. Please refer to the follow points to troubleshoot your problem:
Please make sure Azure app service works fine. You can ping the remote machine.
That the msdepsvc(“Microsoft Web Deployment Agent Service”) or wmsvc(“Web Management Service”) service is started on the remote server.
Your firewall is not blocking incoming connections of your ports on the destination. If you used the default installation, then it would be 80 for msdepsvc and 8172 for wmsvc.
In addition, you could try to add -retryInterval:6000 -retryAttempts:10 to Additional Arguments in Azure App Service Deploy task as this thread stated.
BTW, if this issue still exists in Azure pipeline, please check if this issue exists locally. You could refer to this thread: Got 403 Error when doing Web Deployment and Web Deploy results in ERROR_COULD_NOT_CONNECT_TO_REMOTESVC for more guidance.
Thank you Edward for insightful explanation for possible root cause. Issue is resolved now.
Root cause was the agent pool selected did not have rights for deployment(IP are not whitelisted for production App service) since
We are not using agent provided by DevOps directly for production environment.
An instance that'd worked great for years starting giving me this error yesterday during Web Deploy. No changes from our side. No amount of poking around non-invasively solved it, but simply hitting the Restart button on the Azure app service Overview page put it to bed quite easily.
In short: Double-check your publish profile (each element).
Bit longer: In my case, my publish profile contained a ResourceGroup element which pointed to the wrong resource group. (I'm using WebPublishMethod: MSDeploy) I went over all elements and made sure they point to the correct resource, credentials and whatnot.
That seemed to solve the issue.
In my case, I had modified machine.config to captur traffic in Fiddler
<system.net>
<defaultProxy
enabled = "true"
useDefaultCredentials = "true">
<proxy autoDetect="false" bypassonlocal="false" proxyaddress="http://127.0.0.1:8888" usesystemdefault="false" />
</defaultProxy>
</system.net>
and this was interfering with the VS deployment to Azure
I have an Azure Cloud Service (classic) that I am trying to enable RDP access on. Enabling it requires having a username, password, and a preexisting encryption certificate. I supply all of the information for those fields, but receive an error "Failed to save Remote Desktop settings" with the following error: "Failed to update extensions for following rules DemoWorkerRole. ajaxExtended call failed". How do I resolve this error?
I'm assuming there is something wrong with my certificate - it's CN is the same as the cloud service's Site URL without the http:// prefix and the / suffix.
It was an incorrect RDP configuration, thank you Jason Pan!
In Azure, I turned on IP restrictions for:
Web App (Networking > Access Restrictions)
SQL server (Firewalls and virtual networks > Add client IP)
SQL database (Set server settings)
The solution still builds locally and in DevOps (aka Team Foundation Server).
However, Azure App Service Deploy now fails:
##[error]Failed to deploy App Service.
##[error]Error Code: ERROR_COULD_NOT_CONNECT_TO_REMOTESVC
More Information: Could not connect to the remote computer
("MYSITENAME.scm.azurewebsites.net") using the specified process ("Web Management Service") because the server did not respond. Make sure that the process ("Web Management Service") is started on the remote computer.
Error: The remote server returned an error: (403) Forbidden.
Error count: 1.
How can I deploy through the firewall?
Do I need a Virtual Network to hide Azure resources behind my whitelisted IP?
The REST site scm.azurewebsites.net must have Allow All, i.e. no restriction. Also, Same restrictions as ***.azurewebsites.net should be unchecked.
It does not need additional restriction because url access already requires Microsoft credentials. If restrictions are added, deploy will fail the firewall, hence the many complications I encountered.
I think the answer is incorrect as you might face data ex-filtration and that's the reason Microsoft provide the feature to lock down SCM portal (Kudu console)
There is also a security issue on Kudu portal as it can display the secret of your keyvault (if you use keyvault) and you don't want someone in your organisation to access the Kudu portal for example.
You have to follow this link
https://learn.microsoft.com/en-us/azure/devops/organizations/security/allow-list-ip-url?view=azure-devops
It will provide you Azure DevOPS IP range that you need to allow on the SCM Access restriction.
Update: To make it works as expected and to use App Service Access Restriction (same for an Azure Function), you need to use the Service Tags "AzureCloud" and not the Azure DevOPS IP range as it's not enough. on the Azure Pipeline logs, you can see the IP blocked so you can see that it's within the ServiceTags "AzureCloud" in the Service Tags JSON file
It's not really clear on the MS Doc but the reason is that they struggled to define a proper IP range for Azure DevOPS Pipeline so they use IPs from AzureCloud Service Tag.
https://www.microsoft.com/en-us/download/details.aspx?id=56519
In my case I was deploying using Azure DevOps and got the error. It turned out the app service where my API was being deployed to, had the box checked "Same restrictions as xxxx.azurewebsites.net", under access restrictions or IP restrictions. you need to allow scm.azurewebsites.net.
Try adding the application setting WEBSITE_WEBDEPLOY_USE_SCM with a value of false to your Azure App Service. This was able to solve my issues deploying to a private endpoint.
In my case it was because the daily quota was overpassed.
So the solution in this case is either wait or pay more (scale up) the app service
In my case this was because the wrong agent (Windows Hosting) was being used when I should have been using a self hosted internal agent... so I needed to change it at the following location
When authorizing one drive with my web app service getting below error 'unauthorized_client: The client does not exist. If you are the application developer, configure a new application through the application management site at https://apps.dev.microsoft.com/.'
I am trying to deploy an web app created 'index.html' file stored in onedrive and wanted to connect deployment center with one drive, checked the web app URL provided in azure it is up and running.
This issue should be fixed now. Could you please try again and update here. If it doesn't work, I would need a network trace while reproducing the issue.
Help! When I try to creat a web site on Azure, I receive the following error message:
There was no endpoint listening at https://geomaster.azurewebsites.windows.net/subscriptions/2762018c-1ace-4b11-a55d-7b69d004cca3/webspaces/eastuswebspace/sites that could accept the message.
I was able to create 2 sites about 3 months ago without any problem. My subscription is an active pay as you go account. I'm not trying to do anything advanced, just a web site connected to a SQL DB. The SQL DB creates without a problem. I was also able to create a virtual Win2008 machine. Azure reps have said my account is fine. I don't know where else to look. Thanks
-ph
If your development machine is behind a proxy server, the problem could be caused by the machine's proxy server settings. Have a look at them via Control Panel / Network and Internet / Internet Options / Connections tab / Lan Settings and try checking the box for 'Automatically detect settings' if it isn't.
Solved: Azure Problem - There was no endpoint listening at that could accept the message
Windows Azure Package Deployment Failed with Error - "There was no endpoint listening"
Same for me. Seems they simply do not have enough recourses atm.
refs:
http://social.technet.microsoft.com/Forums/windowsazure/en-US/611545bc-a061-4107-9240-597b60131b8b/error-creating-azure-website
http://social.msdn.microsoft.com/Forums/windowsazure/en-US/389cba4f-8943-4f56-8b0e-9f9066154337/error-creating-azure-website