Our organization has changed name and with it our emails (xxx#abc --> xxx#def), and apparently we can no longer connecter Azure Data Factory to Git.
We get the following error:
You have GIT enabled in your data factory. Publishing in 'Data Factory' mode is disabled. Please switch back to GIT mode to make further changes.
Read about our Best Practices.
Also the switch from ADF to Devops Git is greyed (see screenshot below)
How do we fix this ?
PS: I have access to Azure Devops and to all the repositories in it, that is why I do not get it why we have this problem
Thanks in advance
A possible scenario can be, you had the previous Azure DevOps tenant with xxx#abc credential and now when you moved to xxx#def, you have an Azure AD account to connect to ADF. Or the other way around. In the backend this is causing mismatch when ADF and Azure DevOps tenant are passing credentials for connecting. Try to clear browser data or cache and explicitly login into DevOps account using same creds from ADF before testing.
See similar in MS DOC: Connect to Git repository failed due to different tenant
Related
This relates to the documentation that is available at the link below.
https://learn.microsoft.com/en-us/azure/devops/migrate/migration-overview?view=azure-devops
What would be the minimum role for a user to complete the migration successfully and without any permissions issues? That is my question.
For example, the user must have the what kind of necessary roles and permissions on both the Azure Devops server and the Azure Devops Services.
According to the Data Migration Utility Guide, the user who uses this tool must possess the following:
SQL Server's TFSEXECROLE role, and
Access rights to the TFS collection and configuration databases.
My understanding for example :-
Azure DevOps Server:
If we add the user to the Team Foundation Administrators group on the Azure DevOps Server, does the role fulfill.
Azure Devops Services: If we assign the same user who performs migration as an Azure DevOps Administrator mention in the below image on the Azure devops services, does the below role fulfill.
"Azure Devops Administrator"
Also, it would be useful if you could specify the maximum size limit of the. Dacpac backup file that the Data Migration Tool supports (i.e. the maximum size of the project collection backup) in order for the migration to go properly.
What permissions does the same user that runs the data migration tool need in SQL server to perform the command SqlPackage.exe?
I would thank you in advance for the help. It would help us to understand the better usage of the Data Migration Tool.
Many Thanks..!
Best Regards
I am using ADF and authentication method is Managedidentity -- then code is pushed to adf_publish
branch in Git hub and from there we are building the CI/CD in azure devops.
Problem - I used Managed identity for all the resources used in ADF like (keyvault,storage,azuresql)
for Keyvault I am geeting this http url (https://BDAdhfsKV01.vault.azure.net/) this url we are
paramterised in Azure devops release pipline (https://"$(vaultname)".vault.azure.net/) like this,
but for Azure sql while using Managed identity I am getting blank in connection string after
publishing to adf_publish branch to Git. How can be prameterised or promote to dev.
Just for refrence attaching the devops screen shot how I have paramterisded the keyvault URL at CD.
Same case blank connection string using Managed identity is with Azure synapse as well , Is there any
help on this or any issue with Managed identity.
You just need to set the connection string as below:
"connectionString": "Server=tcp:<servername>.database.windows.net,1433;Database=<databasename>;Connection Timeout=30"
You can also refer to this tutorial.
After a couple companies merge, we had to build up an AZ DevOps solution from scratch for the new business entity. Unfortunately, at that time we added some users from various companies under their original email addresses (reason: reuse of their VS subscriptions).
Now we need to migrate these users in Azure DevOps from their old bill.smith#oldcompany.com to their new bill.smith#newcompany.com without losing their work and settings. Afterwards the users should be able to log in with their new emails and see everything as if they would log in with their old addresses.
Any ideas how to solve this problem?
You need to open a support case and they can help you out. You get a excel file to map users between the domains and they can map them over in one go.
jessehouwing is right, if you want to migrate data to new Azure DevOps users, you need submit a support ticket here.
But there are something you need pay attention and get ready first:
Do not add them (bill.smith#newcompany.com) to Azure DevOps Service or let them logon to Azure DevOps Service. At this point
Azure DevOps Service support needs to migrate/transfer the users.
Provide a mapping list of users (old user > new user) to Azure DevOps
Service Support.
Azure DevOps Service will transfer identities to the new users. This should add the new account to Azure DevOps Service, assign work items to the new account, assign the Azure DevOps Service license to the new account , and remove the old account from Azure DevOps Service.
I'm having issue with Az DevOps with Bitbucket connection using yaml configuration.
It always returns: "Unable to configure a service on the selected Bitbucket repository. Bitbucket returned the error 'Forbidden'."
Don't know what permissions are actually required. I can't use the owner account, we will need to config an account with just sufficient permissions to perform actions.
Typical MS error message...
Anyone has a solution for it?
I was playing around to learn the feature and concept on Azure DevOps services.
And I created one Azure DevOps Organization using my MSA account and connected it to my Azure Active Directory (as I have a pay-as-you-go subscription using my MSA account).
I then disconnected it from Azure Active Directory so it (forced) logged me out of the Azure DevOps portal. I was thinking that I will disconnect and connect it back to AAD. But apparently that's not how it works... and I found out in a very rude way.
After that I was unable to login to the Azure DevOps service portal using my MSA ID. And here is the error page:
I was able to somehow get over the issue by creating a new org using the organization list link provided on the error page.
But now my question is, I do see my old DevOps Organization on Azure
DevOps Service portal which I am unable to access. Its sort of orphaned Org and just hanging there. Now how do I get rid of
it or delete it?
what is happening is that azure devops is not able to sync up with your AAD. The reason it is showing "not authorized error" is because it can't identify whether the same tenant is trying to connect(when you're logging in) to the project and the project is in the AAD parallely, so that is creating the miscommunication between your tenant, AAD and devops organisation.
Sign out, and then open your browser in a private session and sign in to your organization with your Azure AD, MSA or work credentials.