I'm using Microsoft Azure VM and have reset the Administrator password using:
Computer Management - > User and Groups - > Right click and Reset
But once I try to RDP as Administrator,the new password didn't work out.
I tried to reset the password using powershell ISE with below explanation .
Resetting Admin Passwords on Microsoft Azure VM’s
And I found that VM Agent is not installed.
How can I install the VM Agent using Powershell ISE and then reset Admin password ?
Thanks
You need to be able to connect via RDP to be able to install the agent via executing a msi in the VM. You can download the msi for agent on Microsoft site.
The to let VM know that agent is installed you can execute below cmdlets via Azure PowerShell:
$vm = Get-AzureVM –ServiceName [Name]
$vm.VM.ProvisionGuestAgent = $true
Update-AzureVM –VM $vm.VM -ServiceName
If the agent is not installed this usually means that the VM image was not properly preped / generalized for Azure. I have had this situation(it was quite weird as I will use an image to deploy few VMs then about a week later new VM provisioning will start to fail stating agent was missing. When I called support and worked with them it got traced to bad provision process on my end)
Related
I'm new to powershell and Azure cmdlets(ASM or ARM). I'm trying to list all the cloud service along with its Remote Desktop status(Enabled or Disabled). I'm able to get the cloud service details using Get-AzureService or Get-AzureDeployment cmdlets.
To get the Remote Desktop Status, I'm using this cmdlet Get-AzureServiceRemoteDesktopExtension but it is not returning anything.
Get-AzureServiceRemoteDesktopExtension -ServiceName mycloudservicename -Slot Production
Few observation from azure portal settings:
The "Remote Desktop"(RD) blade under cloud service is having a Role
for which currently RD is disabled for both the
slots(Production/Staging). Not sure if this
Get-AzureServiceRemoteDesktopExtension cmdlet work only when the RD
is enabled.
The "Roles and Instances" blade has a Role with 2 instances, both
of which doesn't have the Connect button enabled as the RD is not
enabled.
I'm seeing "Disabled" node under Extensions blade. I'm not sure if
the extension has to be enabled or install/get any extension. I
tried something like below but that also not returning anything.
Get-AzureServiceExtension -ServiceName mycloudservicename -Slot "Production"
-ExtensionName "RDP" -ProviderNamespace "Microsoft.Windows.Azure.Extensions"
Any thoughts what i'm missing here to get Get-AzureServiceRemoteDesktopExtension working? Or let me know if any other easy way to get the RD status. Thanks!
The command Get-AzureServiceRemoteDesktopExtension works only when the RD is enabled, I can reproduce your issue on my side, just enable the RD, it will work fine.
Is there a way to use Azure Automation to download a file from azure storage? I can currently connect to the VM using templates from the gallery to create files/folder but how would I download a file from storage?
I am currently trying to use Get-AzureStorageBlob command from Invoke-command -ScriptBlock
If you are trying to use the powershell cmdlets, you need to remember to login to Azure prior to executing them. See the documentation. You would need to login in on the remote computer (ie: inside the Script Block).
An alternative is to have azcopy accessible, and simply pass in the key information via Automation Credentials.
If you want to do this, based on my experience, you need do the following steps.
1.Install Azure PowerShell on your target VM.
2.Enable Winrm on your VM, you need open port 5986 on Windows Firewall and Azure NSG. You also need configuration certificate on your VM. You could check this blog that step by step to enable winrm on Azure VM.
Note: You should enable winrm listening on https, if you enable it on http, you could not winrm your VM on runbook script.
3.Login to your Azure subscription in runbook, you could refer to this link about this.
4.Use New-PSSession to login your VM in runbook and execute your PowerShell cmlet. You could check my answer about this.
When I try to do this:
I get this:
I really need to get into this VM.
I've had that happen too, and if you keep trying it usually works after a bit. It may help to try a different web browser, log out and log back in again, etc.
To install VM agent extension on your VM, please follow the below steps and let us know if that helps.
After you RDP to the VM and install the MSI (same as you would any other MSI package), use the April 2014 v0.8.0 or later Azure PowerShell release to update the VM property to indicate the agent is installed.
$vm = Get-AzureVM –ServiceName –Name
$vm.VM.ProvisionGuestAgent = $true
Update-AzureVM –Name –VM $vm.VM –ServiceName
Now if you run Get-AzureVM again, the GuestAgentStatus property should be populated instead of blank:
Get-AzureVM –ServiceName –Name
GuestAgentStatus:Microsoft.WindowsAzure.Commands.ServiceManagement.Model.PersistentVMModel.GuestAgentStatus
Note the steps to update the VM property are also on the Manage Extensions MSDN page.
Girish Prajwal
If you don't have the agent installed then you will need to mount the disk in another vm and manually make the changes. There are a number of offline password reset tools available (search for 'windows offline password reset') for a decent number of them. I've never used any (at least not since Win2k days) so I can't comment on how good they are.
Try Stop and Start from the azure portal for the VM which you wanted to update the password.
I have the latest version of the Azure Powershell installed (0.9.7). I have a new virtual machine that was created via the Preview Portal. It was created with the new Resource Group model.
I am trying to install a few extensions but I cannot figure out the correct Powershell commands. Most instructions say to use Get-AzureVM. This does not return my VMs. If I use Switch-AzureMode to AzureResourceManager, I can use Get-AzureVM to list my VM (v2 I assume).
It seems none of the Extension scripts are setup for Resource Manager mode. Most of the sample scripts say to use:
Get-AzureVM -ServiceName 'CLFeb19WS12R2A' -Name 'CLFeb19WS12R2A' | Set-AzureVMBGInfoExtension -Disable -ReferenceName 'BGInfo' | Update-AzureVM
I have tried all kinds of ways. The AzureVMBGInfoExtension cmdlet is not available in Resource Manager mode.
Any suggestions?
Create a VM
I created a new VM so that I could help you. I used portal.azure.com > New > Compute > Marketplace > Windows Server > Windows Server 2008 R2 SP1 and chose the Resource Manager deployment model.
Create an Active Directory User
Since we're using the Azure Resource Manager, I needed to create a new Active Directory user so that I could authenticate with Azure PowerShell. That is the only way that I could authenticate.
You can create one using the following steps.
Login to the Azure Portal, and select Active Directory.
If no directory exists, select Create your directory and provide the requested information.
Select your directory and add a new user. This new user is a work or school account.
During the creation of the user, you will be supplied with both an e-mail address for the user and a temporary password. Save this information as it is needed later.
From the Azure portal, select Settings and then select Administrators. Select Add, and add the new user as a co-administrator. This allows the work or school account to manage your Azure subscription.
Finally, log out of the Azure portal and then log back in using the new work or school account. If this is the first time logging in with this account, you will be prompted to change the password.
Make sure you see your subscriptions when you log in as the work or school account.
Oddly enough, Azure Resource Manager seems to work best (or only to work) with if we authenticate with one of those types of accounts.
Install the Most Recent Azure PowerShell Module
Since we need access to the Extension related commandlets, I installed the most recent version of Azure PowerShell. The link shows how to install it via the Web Platform Installer. Once done, you can find out whether you have the correct one by running this:
> (Get-Module azureresourcemanager).Version
Major Minor Build Revision
----- ----- ----- --------
0 9 7 -1
When we run the following, look at all the Extension related commandlets. Hooray!
> Switch-AzureMode -Name AzureResourceManager
> Get-Command *extension* -Module AzureResourceManager
Get-AzureVMAccessExtension
Get-AzureVMCustomScriptExtension
Get-AzureVMDiagnosticsExtension
Get-AzureVMDscExtension
Get-AzureVMExtension
Get-AzureVMExtensionImage
Get-AzureVMExtensionImageType
Remove-AzureVMAccessExtension
Remove-AzureVMCustomScriptExtension
Remove-AzureVMDiagnosticsExtension
Remove-AzureVMDscExtension
Remove-AzureVMExtension
Set-AzureVMAccessExtension
Set-AzureVMCustomScriptExtension
Set-AzureVMDiagnosticsExtension
Set-AzureVMDscExtension
Set-AzureVMExtension
We have access to these while being in Resource Manager mode. To learn how to use each of them, run Get-Help Set-AzureVMAccessExtension -example on each one that is of interest. Then play around with the example.
Authenticate Azure PowerShell & Set the Extensions for Your VM
When authenticating via Add-AzureAccount, use the Active Directory user that we created. Then you can query your virtual machines.
> Add-AzureAccount
> Get-AzureResource -ResourceType Microsoft.Compute/virtualMachines
Once you know the details of your VM, you can add an extensions. Here is one example that worked for me.
> Set-AzureVMAccessExtension -ResourceGroupName "mvp1" -Location "West US" -VMName "mvp1" -Name "mvp1test" -TypeHandlerVersion "2.0" -UserName "shaunluttin" -Password "Password
EndTime : 9/1/2015 9:35:57 PM -07:00
Error :
Output :
StartTime : 9/1/2015 9:35:20 PM -07:00
Status : Succeeded
TrackingOperationId : f03210e0-e67e-40d7-aad7-d9acef64bebe
RequestId : 95f42767-edcf-443a-8977-4c9f6d0eafef
StatusCode : OK
Best of luck with that. Let me know if you have any questions.
I have an existing VM Azure it seems the password of my XXX user has EXPIRED.
a) I know I have an Administrator user somewhere but how can I ask Azure for its password?
b) I think I read somewhere I could add more admins from the Azure Dashboard, but it was not clear if that was for the VM or for the Subscription. (I surely need for the VM).
I've been on Google for the past 4 hours looking at how can I fix this problem.
I really don't want to believe that MS does NOT offer a way to fix this issue.
At least the Remote Desktop should display a "Change Password" form....
Seriously, did I really lose control of this VM?
There is an option now in https://portal.azure.com/
You need to log in with your Azure credentials.
Browse -> Virtual Machines -> Select Your Virtual Machine
-> Select Setting on top -> Password Reset
It works... :)
Using the new Azure VM Agent you can do this (as long as the agent is installed, which it is by default on all new VMs you spin up).
You need the Azure PowerShell module for this, which can be downloaded from here:
http://t.co/2hQP6qsGeM
After its installed, fire up PowerShell, connect to your subscription (which is described here: PowerShell for Azure Documentation) and issue the following command after replacing the values:
Get-AzureVM -ServiceName MyService -Name MyVM | Set-AzureVMAccessExtension -UserName MyUserName -Password "MyComplexPassword123" | Update-AzureVM
This is the fastest solution:
Create a script called “ResetPassword.ps1” e.g. with Notepad
Add the following line and replace your credentials
net user <YourExistingAdminUserName> <YourNewPassword>
Go to the VM in the azure portal
Go into the extensions menu for that VM
In the top menu pick “Add”
Choose the Custom Script extension, create and pick your "ResetPassword.ps1" script file
The file will now be pushed to your VM and deployed. Once it is successfully executed, you can login with the new credentials.
Source: http://www.chrisjohnson.io/2018/02/15/domain-controller-in-azure-vm-with-expired-password/#comment-6825733