How to connect to DB2 database with SSL enabled in Azure Data Factory? - db2

I have an on-prem machine for DB2 connectivity to ADF where SHIR is installed, and I have been provided with the certificate zip file.
How to use SSL certificate for linked service of DB2 in data factory and how to get that certificate common name for linked service.
enter image description here
https://learn.microsoft.com/en-us/azure/data-factory/connector-db2?tabs=data-factory#create-a-linked-service-to-db2-using-ui - following this but nothing in detail has been shared on how to setup SSL for source machine.

The procedures below must be followed in order to utilise an SSL certificate for a DB2 connected service in Azure Data Factory:
You should extract the.pem file from the given certificate file by unzipping it.
Go to the "Author & Monitor" area of the Azure Data Factory, and then click the "Author" button.
Click the "Author & Monitor" button on the left-hand menu.
Click the "Linked services" button in the "Author" section before selecting "New."
As the type of connected service you wish to build, select "DB21."
Fill out the appropriate data on the "New Linked Service" form, including the server name, port number, and username/password.
Select the "Certificate" button after selecting the "Enable SSL" checkbox in the "Advanced" section.
Click the "Add" button in the "Certificate" dialogue box and then navigate to the location of the.pem file that you retrieved in step 1 before clicking.
The Common Name (CN) of the certificate will be automatically filled in once you've chosen the file.
To build the associated service, click "Finish" after clicking "OK" to exit the dialogue box.
The SSL certificate should now work with your Azure Data Factory linked service to connect to your DB2 source machine.

Related

Unwanted Azure webapp redirection

I have mapped a domain evangelical.sg to use azure webapp custom domain. However it looks like the domain only redirect to https://efosingapore-wp.azurewebsites.net/
I've checked with domain support, they claim the problem is with azure settings somewhere.
I've set the "custom domain" settings on azure webapp correctly to evangelical.sg (although it still hasnt got SSL) yet the URL seems to still redirect.
Does anyone have an idea what went wrong, and how to fix this pls?
If your URL is redirecting to Tutorial ,
Try to redeploy the app by Deleting all the files, stopping the server, starting it again and then republish.
If you are facing any issues with TLS / SSL mapping , try to Map Custom Domain by following the below steps.
Map Custom Domain:
Go to Azure Portal
Select App Services- ->Select Your Azure App
Click on "+ Add Custom Domain"
Enter the domain and click on validate.
Add CNAME and TXT records in your DNS domain to verify domain ownership.
Click on "Add Custom Domain"
After adding the custom domain, the custom domain is still unsecure. You need to add the SSL certificate.
To add SSL certificate, please follow below procedure :
Go to TLS / SSL settings and click on "+ Add TLS / SSL Binding"
Select your custom domain and import the .pfx or public certificate for you domain and click Add.
Go to Custom Domains section and click on "Add binding".
Select the certificate of your domain and TLS/SSL type as SNI.
Click on "Add binding"

GitHub OAuth is not configured. Configure OAuth in the che.properties file

I am getting error to configure the OAuth in the che.property. but I am not able to find the location of the file and the syntax to add the configurations. I am using Ubuntu 18.04
For single-user Che, see https://www.eclipse.org/che/docs/che-7/version-control/#configuring-github-oauth_version-control.
For multi-user Che:
Go to the keycloak page (http://keycloak-che.192.168.99.170.nip.io/)
login as admin
click Identity Providers.
In the Add provider drop-down list, click GitHub. The Add identity provider window is displayed.
In the Add identity provider window:
The Redirect URI field, depending on your Eclipse Che installation,
type the Authorization callback URL.
Copy the client ID and the client secret from GitHub and paste them
in the Client ID and the Client Secret fields, respectively.
In the Homepage URL and the Authorization callback URL field,
depending on your Eclipse Che installation, type the two URLS.
In the Default Scopes field, type repo, user, write:publick_key.
Set Store Tokens and Stored Tokens Readable to ON.
Click Save.
The Success! The github provider has been created. message indicates success. And, the GitHub provider is added to the Identity Providers window.
Perform the following steps to set role mapping for non-administrative users.
Expand the Manage tab and then click Users.
Click the Role Mappings tab.
Click the Client Roles drop-down menu and click broker.
In the Available Roles list, click read-token.
Click Add selected.
In the Effective Roles list, click read-token.
The GitHub OAuth is now set for the user.

Azure App Service deploy Failed to get resource ID for resource type 'Microsoft.Web/Sites'

In the last 6 months I have been releasing with a pipeline in Azure DevOps, but today I receive the following error:
2019-09-25T14:24:38.4296875Z ##[section]Starting: Azure App Service Deploy: AS-ServiciosNegocio-API-UAT
2019-09-25T14:24:38.4419797Z ==============================================================================
2019-09-25T14:24:38.4419900Z Task : Azure App Service deploy
2019-09-25T14:24:38.4419986Z Description : Deploy to Azure App Service a web, mobile, or API app using Docker, Java, .NET, .NET Core, Node.js, PHP, Python, or Ruby
2019-09-25T14:24:38.4420053Z Version : 3.4.31
2019-09-25T14:24:38.4420117Z Author : Microsoft Corporation
2019-09-25T14:24:38.4420182Z Help : https://learn.microsoft.com/azure/devops/pipelines/tasks/deploy/azure-rm-web-app-deployment
2019-09-25T14:24:38.4420291Z ==============================================================================
2019-09-25T14:24:39.1630446Z Got connection details for Azure App Service:'AS-ServiciosNegocio-API-UAT'
2019-09-25T14:24:39.3091141Z ##[error]Error: Failed to get resource ID for resource type 'Microsoft.Web/Sites' and resource name 'AS-ServiciosNegocio-API-UAT'. Error: Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.
2019-09-25T14:24:39.3140156Z ##[section]Finishing: Azure App Service Deploy: AS-ServiciosNegocio-API-UAT
If your existing service connection is the "Azure Resource Manager using service principal (automatic)" type (not manual), there's a simple but non-obvious way to renew the token.
Go to the service connection's settings page in Azure Devops as described in the other answers. (<YourDevAzureProject> Bottom Left → ⚙️ Project Settings → Pipelines subhead → Service Connections)
Click Edit and then Save without making any other changes. Assuming you have the right permissions, it will automatically get a new token.
NB: for some browsers you must enable pop-ups on dev.azure.com as it attempts to login to your azure account to get a list of resource groups.
(Figured this out from this forum comment.)
From reading others' comments/posts on this thread, the Azure UI might have changed so I'm posting the steps here for the later comers. I did what ecraig12345 suggested and it worked great!
Go to the deployment pipeline where the error occurs and click on Edit
Go to "Run on agent" task > Deploy Azure App Service
Click on the Manage hyperlink next to Azure Subscription label (see screenshot below)
Click on Edit
Click Save
Steps 1 - 3
Step 4
Step 5
If you look at the error message: "Verify if the Service Principal used is valid and not expired"
While I would have preferred more information, purely based on the above the likely scenario is the Key Used for the Service Connection has expired.
Visit you Azure DevOps org. and open the related Project and click on "Project
Settings" at the bottom left of the screen.
Click edit on the service connection in Azure DevOps and Click on the
link >> "To update using an existing service principal, use the full
version of the service connection dialog."
Copy the "Service principal client ID"
Now in the Azure Portal, Clic on Azure Active Directory and then Click on "App Registrations" to search for your application with the "client ID"
Go to "Certificate and Secrets" and check if your client certificate has expired.
If the cert is expired generate a new one and copy the key.
Go back to Azure DevOps "Service Connections", Click edit on the service connection in Azure DevOps and Click on the link >> "To update using an existing service principal, use the full version of the service connection dialog."
Update Service Principal Key with the copied value, Verify connection and click ok.
This should solve your issue
Although the route to the problem wasn't exactly the same (because devops changed so much again, probably), the answer from Venura was the root cause of my issue, and I was able to solve it thanks to this info.
steps I had to take:
In devops: go to releases
click correct project
edit
click on the stage that was failing
open the run agent task to deploy (should be an azure app service deploy)
click manage azure subscription
click manage service principal
in azure portal click on the expired registration
click on the red error that is has expired
click + new client secret
copy that new key
go back to devops
click edit on the screen of service connections (where we left at step 7) - (the subscript of the title here is Azure Resource Manager using service principal (manual))
paste that copied key in the field 'Service principal key'
click 'Verify and save'
That solved the issue, to confirm it was solved I just triggered a new release, which finally got through.
I followed JamesD's answer but when I got to step 13, there was nowhere for me to put the Service Principle Key that was generated. So I went back to square one and approached it a different way. Instead of trying to reuse the existing service connection that had exired, I created a new service connection and then changed my release pipelines to use that new service connection and things worked fine.
Here were my steps:
click on Project Settings in the lower left corner
On the left nav under the "Pipelines" section, click on "Service connections"
in the upper right corner, click on the button "New service connection"
select "Azure Resource Manager" and then "Next"
select "Service principle (automatic)" (this is the recommended option)
select the subscription from the drop down.
select the resource group from the drop down
give it a good name and hit save
then authenticate with your azure portal creds
Now you have a service connection created, lets go change the pipeline to use it
Go to your pipeline for the release and edit it
click on the Stage you want to edit (aim for the # tasks link)
click on Deploy Azure App Service
under the azure subscription drop down, select your new subscription entry you created above
then you will select the App Service name in that drop down
hit save and you are good to go
Now repeat for any other stages of the pipeline or any other failing release pipelines

No cloudant DB credentials for bluemix dedicated

I have created a cloudant DB in bluemix dedicated. But it didn't give me credentials. It provides me with a link to launch the admin portal, which works fine. But clearly not very useful without credentials to use with code...
You should bind the service to an application. Doing that you will be able to see the credentials in the VCAP_SERVICES environment variable. You can find its value within the application dashboard, clicking on "Environment Variables" on the left.
You will also find the credentials clicking on the "Service Credentials" button that you can find on the service instance panel (again in the application dashboard).
Your dedicated environment may look a bit different that the public Bluemix dashboard, but when I click on the tile that shows my cloudant service, it takes me to a page with a menu on the left with the option "Service Credentials" once I choose that the window shows a button to "Add Credentials".

You cannot delete vault '' because it contains registered servers

I am getting the following error
You cannot delete vault BuildServerBackup because it contains registered servers. Delete the servers and the restore points for the server data, and then delete the vault."
But when i click the Register tab this is what it says
You haven't registered any servers yet. To get started, download the appropriate agent and use it to register your server with the recovery service."
So how do i find out and delete all the associated server ?
You need to remove the registered Windows server before you can delete the backup vault. Here are the instructions to delete registered server(s)
Goto Azure Portal and select your backup vault
Select "Registered Items" from top menu Select the server type.
In the Drop down item next to the word TYPE Select Windows Server for Windows client machines and click the tick button on the right
Select the server and click Delete button in the bottom action bar.
Hope that helps :)