I am trying to install and run Service Fabric Local Cluster Manager. When I try to "Setup Local Cluster", I get the following error:
TerminatingError(): "Exception calling "SetAccessRule" with "1" argument(s): "This access control list is not in canonical form and therefore cannot be modified.""
This access control list is not in canonical form and therefore cannot be modified.
Detailed error log:
Windows PowerShell transcript start
Start time: 20230130230050
Username:
RunAs User:
Configuration Name:
Machine:
Host Application: PowerShell.exe -WindowStyle Hidden -NonInteractive -ExecutionPolicy RemoteSigned -Command & 'C:\Program Files\Microsoft SDKs\Service Fabric\ClusterSetup\DevClusterSetup.ps1' -Auto -PathToClusterLogRoot C:\SFDevCluster\Log -SetupLogFileName DevClusterSetup.log -CreateOneNodeCluster
Process ID: 7912
PSVersion: 5.1.22621.963
PSEdition: Desktop
PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.22621.963
BuildVersion: 10.0.22621.963
CLRVersion: 4.0.30319.42000
WSManStackVersion: 3.0
PSRemotingProtocolVersion: 2.3
SerializationVersion: 1.1.0.1
Transcript started, output file is C:\SFDevCluster\Log\DevClusterSetup.log
PS>TerminatingError(): "Exception calling "SetAccessRule" with "1" argument(s): "This access control list is not in canonical form and therefore cannot be modified.""
TerminatingError(): "Exception calling "SetAccessRule" with "1" argument(s): "This access control list is not in canonical form and therefore cannot be modified.""
TerminatingError(): "Exception calling "SetAccessRule" with "1" argument(s): "This access control list is not in canonical form and therefore cannot be modified.""
This access control list is not in canonical form and therefore cannot be modified.
Windows PowerShell transcript end
End time: 20230130230052
Service Fabric version: 9.1.1436.9590
Service Fabric SDK version: 6.1.1436.9590
Can someone help me in resolving this? I have tried uninstalling (with deleting the registry) and installing it. The issue still persists.
P.S. I have executed the steps mentioned in service fabric local cluster setup error. But didn't help.
Service Fabric local cluster should be running with nodes.
Related
I have a functions app written in Powershell that worked up until a month or so ago.
The function uses a module (https://www.powershellgallery.com/packages/NTware.Ufo.PowerShell.ObjectManagement/2022.2.0.1) that is only compatible with "Widows Powershell".
The module is loaded as follows:
Import-Module $PSScriptRoot\Modules\NTware.Ufo.PowerShell.ObjectManagement.dll -UseWindowsPowerShell
The module allows connection to an external Azure environment that hosts an application.
The error returned is:
2022-09-02T13:38:31Z [Warning] WARNING: Module NTware.Ufo.PowerShell.ObjectManagement is loaded in Windows PowerShell using WinPSCompatSession remoting session; please note that all input and output of commands from this module will be deserialized objects. If you want to load this module into PowerShell Core please use 'Import-Module -SkipEditionCheck' syntax.
2022-09-02T13:38:34Z [Error] ERROR: Failed to authenticate.
OriginInfo : localhost
Exception :
Type : System.Management.Automation.RemoteException
SerializedRemoteException : System.ArgumentException: Failed to authenticate. ---> Microsoft.Identity.Client.MsalServiceException: AADSTS1002016: You are using TLS version 1.0, 1.1 and/or 3DES cipher which are deprecated to improve the security posture of Azure AD
I have tried the following without success:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Import-Module $PSScriptRoot\Modules\NTware.Ufo.PowerShell.ObjectManagement.dll -UseWindowsPowerShell
I suspect the issue is that the remote Azure environment has started enforcing TLS 1.2. I have set my Azure Function App to also use TLS 1.2.
Any ideas on where the issue might be?
Modules imported with the -UseWindowsPowerShell are in fact loaded to a separate Windows PowerShell session in a separate process (see about Windows PowerShell Compatibility). Changing the [Net.ServicePointManager]::SecurityProtocol variable in the local process does not affect other processes. You need to update this variable in the remote process, here is how:
$session = Get-PSSession -Name WinPSCompatSession
Invoke-Command -Session $session -Command {
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
}
Am new to powershell and using this procedure to set application policy with microsoft team
The above is necessary when creating online meetings as per this procedure
but whenever i run
Grant-CsApplicationAccessPolicy -PolicyName Test-policy -Identity "appid"
Am getting an error
Exception calling "GetSteppablePipeline" with "1" argument(s):
"Exception calling "GetRemoteNewCsOnlineSession" with
"1" argument(s): "Run either Connect-MicrosoftTeams or new-csonlinesession before running cmdlets."
I have already Connected using admin credentials by using
Import-Module MicrosoftTeams
Connect-MicrosoftTeams
I have powershell 5.1 on my device.
What am i missing or how do i resolve the error above.
Please check which module your using GA or public preview module,if you have installed both,please do uninstall GA and try to set the policy
Update teams module , close and reopen the powershell and try to assign the policy
Reference link
Please do let me know if above steps works for you
I have a PowerShell script that connects to a list of servers, and queries that scheduled tasks. (Something similar to https://community.spiceworks.com/scripts/show_download/2094-get-scheduled-tasks-from-a-computer-remote-or-local) It used to work fine on a Windows 2008R2 server. However, on a new Windows Server 2012 R2 server, it is giving the below error. Strange thing it only happens when connecting to the local machine, no errors to remote servers. And it doesn't raise any errors when running under my account using administrative privileges.
https://www.powershellmagazine.com/2015/04/10/pstip-retrieve-scheduled-tasks-using-schedule-service-comobject/
This article says
Unfortunately, unlike the Get-ScheduledTask cmdlet using this COMObject requires an elevated PowerShell console with administrative credentials.
But the script used to work just fine on Windows Server 2008 R2 servers.
Is there anything that can be tweaked to make the script work on 2012 R2 servers?
Exception calling "Connect" with "1" argument(s): "Access is denied. (Exception
from HRESULT: 0x80070005 (E_ACCESSDENIED))"
At C:\scripts\CheckSchedulers\CheckSchedulers.ps1:20 char:10
+ ($TaskScheduler = New-Object -ComObject Schedule.Service).Connect($curSe ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ComMethodTargetInvocation
The error is raised by my code, using the code from spiceworks, it is reproducible.
You're creating a Schedule.Service object, assign it to a variable, and then try to call a Connect() method on the result of that assignment. I would not expect this to work on any Windows or PowerShell version, and if it did on Server 2008 R2 that's most likely just incidental.
You need the Schedule.Service object in a variable (because you're going to need it for other operations as well), and you must call Connect() on that object, so you need to do this in two steps:
$TaskScheduler = New-Object -ComObject 'Schedule.Service'
$TaskScheduler.Connect($servername) # connect to remote Task Scheduler
If you're connecting to different servers in a loop you can re-use the object and just Connect() to the next server.
For connecting to the local Task Scheduler service just remove $servername and call the method without argument:
$TaskScheduler.Connect() # connect to local Task Scheduler
Environment
Windows 7
WMF / PowerShell 5.0 installed
AWS PowerShell version 3.3.36.0
Scenario
I'm trying to use the Amazon Web Services (AWS) PowerShell module to send a message to a queue. However, when I invoke the Send-SQSMessage command, I'm getting an exception thrown:
Send-SQSMessage : The specified queue does not exist for this wsdl version.
I've already set up my AWS credentials in the ~/.aws/credentials file, using the Set-AWSCredentials command. Here's the command I'm calling:
$text = (Get-ChildItem)[1] | ConvertTo-Json -Depth 1
Send-SQSMessage -QueueUrl https://sqs.us-east-1.amazonaws.com/redacted/myqueuename -MessageBody $text -ProfileName TrevorAWS
This error message can pop up when the configured region doesn't match up to the AWS resource that you're working with. To configure the region correctly, you have a couple of choices:
Use the Set-DefaultAWSRegion command to configure the default region. This prevents the need to specify the -Region parameter on
You can specify the -Region parameter on any AWS cmdlet, and force it to use that region for that single command invocation.
Use the Initialize-AWSDefaults command to set up your PowerShell environment.
After configuring the correct region, that correlates to your AWS SQS queue, the Send-SQSMessage command should execute without throwing any exceptions.
I have some issues with repadmin.exe utility
I have the following setup:
Windows Server 2012R2 with ADDS installed running inside of VMWare VM
Windows 8.1 Pro (host for VMware, my home desktop). My host is NOT a part of the domain
I do the following:
Open PowerShell ISE on my Windows 8.1 and establish remote connection to my DC (PowerShell ISE -> File -> New Remote PowerShell Tab)
Once I`m connected remotely to DC I run the following command
repadmin.exe /syncall
and get the following error:
CALLBACK MESSAGE: Error contacting server ad864315-1f78-4266-a7c2-2d6f9cde2f15._msdcs.arvo.local (network error): 5 (0x5):
Access is denied.
CALLBACK MESSAGE: Error contacting server a5904e4b-dff2-4b75-b856-45593a48d84e._msdcs.arvo.local (network error): 5 (0x5):
Access is denied.
SyncAll exited with fatal Win32 error: 8440 (0x20f8):
The naming context specified for this replication operation is invalid.
I found here http://technet.microsoft.com/de-de/library/cc811552%28v=ws.10%29.aspx that is is possible to specify username and password for repadmin using /u: and /pw: keys. Besides it is possible to pass the password using 2 methods - either specify it explicitly in command line or put * (asterisks) and I will be prompted to enter the password. The second option is more preferable.
So I can do ether this way (specify the password in command line):
repadmin.exe /u:domain_name\user_name /pw:p#ssw0rd /syncall
or use asterisks and enter password after this command:
repadmin.exe /u:domain_name\user_name /pw:* /syncall
Asterisks works locally in PowerShell on the server, but if I run it using Remote PowerShell Session, I get the following error:
repadmin : Password: Failed to query the console mode.
+ CategoryInfo : NotSpecified: (Password: Faile...e console mode.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
Is there any workaround? I would not specify the password clearly in command line as it is not secure.
Thanks!
You might try something like this inside the remote PowerShell session:
$MyCreds = Get-Credential
Start-Process -FilePath repadmin.exe -ArgumentList "/syncall" -Credential $MyCreds
That way, you could leverage the security of PowerShell's credential management and just run the process under an account that has access to perform the replication.