I am trying to install a deployment agent on the destination machine.
I am running the script given by Azure DevOps in the deployment group.
The agent installs successfully but then I get the error saying:
The bearer <secret removed> is not valid until {date here} 8:06:23 PM. Current server time is {same date here} 7:59:53 PM.
The server time is actually ahead (not behind) 6 minutes than my local machine. Anyway why would it matter?
And most importantly what I can do about this error? How to fix it?
Because at the end it prevents the agent from running.
Thanks
According to the error message, seems the system clock is not accurate on the agent server.
So, please update the system clock to the correct time and then try it again to check if that works.
Related
We are using on site Dev-Ops and have a similar problem to that described in the link Example from SO.
But ours is intermittent.
Our environment uses two build and deploy machines, which each deploy machine having two worker agents.
For one of our projects, when it is deployed, we constantly get the error:
The VisualStudioRemoteDeployerc4d3852f-411b-48ba-97d8-5e09c8d07ce4 service failed to start due to the following error:
%%2
But here is the rub, not every time. Sometimes the deployment completes without error.
Other projects that use the same deployment machine and the same target server work each and every time without fail.
The deployment log reports "The WSMan provider host process did not return a proper response." as an error.
Checking the allocated memory, described in PowerShell Out of Memory, to find our set at 2.1 Billion.
This is an interesting issue that I have uncovered. The source of this problem stems from the interaction of McAfee Endpoint security.
Said antivirus was reporting that when the remote powershell script, using WSMan, was called. McAfee, saw this as a viral payload and canceled the deployment by stopping the service from running and deleting the payload. This has been reported to McAfee as an issue. In the mean time, internal network security settings for McAfee has had to be modified to ignore the processes used by powershell in remote deployment.
i am using Operations Manager 2016 for monitoring a host with Solaris 11.4 OS.
after several hours (24 h), host state is changed to gray and i get this text "The Run As account does not exist on the UNIX/Linux Server. " but Run As account is valid.
This problem is fixed each time by reset SCOM agent on host. I get this error over and over again.
also service log in /var/svc/log/application-management-omid:default.log is normal.
thanks.
I finally found the solution to this problem.
In my case, this problem is due to the lack of a lsass.so library in the system.
The problem was resolved after updating this library and modifying the PAM Configuration file.
thanks.
I am working on a TFS CI build pipeline. The build includes execution of functional UI tests (Run Functional Tests) and the required accompanying preparatory test agent deployment step (Deploy Test Agent).
This build executed successfully in the past but spontaneously stopped working recently.
I initially ran into difficulty with the DTA task executing hanging:
Task 'SetupTestMachineForUiTests' on machine '[testVM]:5985' is taking time. Please Wait
I had encountered this issue with this build task before albeit intermittently. However, this time the step would not complete no matter how many times it executed. Eventually (~20 minutes), the step crashed out with the following error:
Task 'SetupTestMachineForUiTests' for machine [testVM]:5985's Error :
System.Exception: Stopping test machine setup as it exceeded maximum number of reboots. If you are running test agent in interactive mode, please make sure that autologon is enabled and no legal notice is displayed on logon in test machines.
Unfortunately, the DTA task only writes logs to the usual location on the test VM when the DTAExecutionHost.exe is manually closed on the server after the step has failed. The logs offer no clue as to what the problem might be.
One of the prerequisites for the DTA step to execute successfully is that AutoLogon is enabled on the test VM; I had done this with a simple PowerShell script, executed prior to the DTA task. In order to confirm that the test VM registry values had been correctly assigned (to enable auto logon, disable legal notice, screensaver etc) during my PowerShell script execution, I added a further PowerShell debug script to the build to output each relevant registry value to the build console (all are correctly assigned).
However, when I went to test remote login on the test VM, using the test username, the user creds are accepted but the following warning message shows:
To sign in remotely, you need the right to sign in through Remote Desktop Services. By default members of the Administrators group have this right. If the group you're in does not have the right, or if the right has been removed from the Administrators group, you need to be granted the right manually.
I believe this is the problem. However, the solution has so far eluded me.
I double- and triple- checked; the test user has been added to the
Remote Desktop Users group (also Administrators group).
I've also confirmed that both Administrators and Remote Desktop Users groups
have been granted 'Allow log on through Remote Desktop Services' user
rights.
In testing, I forced successful execution of the build by substituting my own username instead of the test user into the build definition (my user name is also added to RDU and Admin user groups on the server but I can successfully remote onto the box with my own creds); this build executed successfully.
I also inspected the other (possibly, probably) related user groups:
Srv_SeDenyInteractiveLogonRight (test user is absent)
Srv_SeDenyRemoteInteractiveLogonRight (test user is absent)
Srv_SeInteractiveLogonRight (test user present)
I've been fighting with this problem for days now; it's now become a major headache. I'd be very grateful for any insights that might help find a resolution.
Thanks for looking.
The problem was that the account had been added to the AD domain 'DenyInteractiveLogon' group. Adding the account to the local 'Remote Desktop User' and/or the 'Srv_SeInteractiveLogonRight' groups had no effect.
Removing the user account from the domain group resolved the problem.
I configured the build agent as a service but when I go to start the agent I get the error:
Error 1 Incorrect Function - Service could not start
Azure DevOps Agent configured as a service but service does not start
I changed my user to Local System (NT AUTHORITY\SYSTEM) in services.msc and it worked as intended.
Copied from the comments:
ok ill answer my own question, when the config.cmd command is run, it
allocates the network service as the account to run the service.
However it does NOT automatically give permissions to where the agent
folders are installed. So it fails to run. Stupid as this should be
flagged when running the config.cmd command! The error message is
nonsense and misleading. So if the agent is in c:\users\abc\agent you
need to give the network service permissions to access that folder!
Running from C:\Agent worked perfect for me after struggling for a few days.
This happens when the service Azure Pipelines Agent in the machine is set with Log On As NETWORK SERVICE.
To resolve this, we need to
Right Click on the Azure Pipelines Agent
Properties
Click on LogOn tab
select Local System Account
The final output should be as per the attached image.
I have been trying to figure out why Wake On Lan works for Right Click Tools, but not for SCCM Scheduled Deployments.
In the wolmgr.log file I found this happening every five seconds: "Failed to get WOL inbox on AMT Proxy component. Wait 5 seconds... SMS_WAKEONLAN_MANAGER 9/19/2018 11:32:24 AM 480 (0x01E0)".
In the wolcmgr.log file I don't see any errors except this happening about four times a day, which I think is referring to the endless errors shown in the other log file: "CBaseCounter::Initialize - Registered performance counter "Total Number of Packets failed" SMS_WAKEONLAN_COMMUNICATION_MANAGER 9/19/2018 2:01:59 AM 9496 (0x2518)"
I have tried to look up these error messages and haven't found anything to help me get this resolved.
I have tried various ports, including the default (9) and 12287, currently it is on 7. We are being told to use subnet directed broadcasts by our network team due to some limitations with our Cisco network configuration.
I do have a SQL Server Agent (ADK) service that was disabled. I enabled it and it starts but turns off immediately. I don't know if that is related at all. I did have some deployment issues with Windows 7 drivers giving errors during the task sequence, even though they were installing. So I installed a Windows 8.1 ADK after seeing an article about bugs with the latest Win10 ADK and SCCM Task Sequences installing Win7 drivers. I've since then installed Win10 1703 ADK, which works on one of my other SCCM servers on Win7 deployments fine, and I was having this WOL problem before installing 1703 ADK.
Under Administration > System Status > Site Status > Management Point, when I show messages I see these:
*Description Severity
Type Site code
Date / Time System
Component Message ID
Thread ID Process ID
The Wake On LAN component has failed to read the site control file settings. Possible cause: The information is not yet available. Solution: The component is waiting for the information to become available and will retry obtaining the information at its next interval. Error
Milestone CML
9/20/2018 12:47:56 PM SMS_WAKEONLAN_MANAGER
6500 3384
3988
Description Severity
Type Site code
Date / Time System
Component Message ID
Thread ID Process ID
The Wake On LAN component has failed to read the site control file settings. Possible cause: The information is not yet available. Solution: The component is waiting for the information to become available and will retry obtaining the information at its next interval. Error
Milestone CML
9/20/2018 9:39:03 AM SMS_WAKEONLAN_MANAGER
6500 2924
2636*
ADK SQL Server Agent
SCCM WOL configuration
WOL ports
wolmgr.log file screen shot
RightClickTools WOL Configuration