I have troubles creating a new agent pool in AzureDevOps.
What I wanted to do was to remove an old Self-Hosted host and deploy a new one. However, the Agent-Pool used by the old host and to be used by the new one was created by a co-worker. This let to the case that I was unable to remove the existing registered agents causing conflicts during deployment of the new host. To resolve this issue I was able to remove the agent pool.
Now, when I want to create a new pool with the same name, I get the error message
"No agent pool found with identifier 76".
Did anybody ever see this error message and or has an idea what I can do about it?
Expected:
A new agent pool with the same name as the old pool is created.
Actual:
I receive the error message "No agent pool found with identifier 76".
Agent creation Image
Error Message Image
So apparently if you delete the Agent-Pool via the Project-settings menu, they are still available under the Organization-Settings menu.
If this pool belonged to somebody else, you seem to loose even a reader role on this group there. In other words, it appears as the group is deleted even though it really isn't.
It's very unfortunate the error message does not actually tell you these exactly.
The solution for us was that the Organization-Admins made us as Administrators of the group again. Following I was able to clean it up under Organization-Settings and use it again.
As discuss some details with A.S. and test on my side, I have figure it now.
The root cause of this error is that your account is not a Administrator role. You can check this message from this doc.
If you are one of PCA, even though you are Reader of this agent pool or not any role, you can still add agent pool. And the other solution I found is that you need be added as the Administrator of this agent pool instead of be as one of PCA. You must meet one of the above two solutions, can add it without any error.
In addition, for error message displayed in pages and in F12 console.
As you can see from the pic I mentioned, this caused the error message which showed in pages. I know, the error message of console is easy to misunderstanding. It let you confusing why it response 404 not found.
This still relevant with Administrator role.
https://dev.azure.com/{org name}/3307xxxxxxx5676e/_apis/distributedtask/queues?authorizePipelines=true
This api which showed in console is used to search agent pool under Org setting.
While you are not administrator of org/agent pool, it could not find out the agent pool you want to operate, because you don't have permission to search it under Org setting. And then, it says "sorry, 404 not found", even though it exist under org setting. This is not a bug, just for logic.
So, agree with you, the error message it not too clear to understand the root cause.
In addition, if you just delete the agent pool under project setting, it still exist under org setting. Just need administrator role, you can add it back again without any error.
Related
When i try to create Case in Workflow Center the error pops-out:
To create a case solution, you must have permissions to a project area. Contact your administrator for these permissions.
I'm logged as admin user, on internet i can't find something specific about this topic, just one ibm document where they said to upload new network shared directory, but i think i don't need to do this cause everything is installed locally.
Version of BPM is 8.6.200002
WAS 8.5.5.20
Nothing important shows in logs when i try to do that, except when i logged in on console, the error comes out:
FNRCE0051E: E_OBJECT_NOT_FOUND: The requested item was not found. Object store dos not found.
I am using a downloaded JSON file containing service account keys, instead of ADC, with code running on my local developer machine and communicating with live GCP Firestore.
After adding a service account to a role, in my case roles/datastore.user, do I have to do anything before it takes effect?
E.g. wait 15 minutes, redownload the JSON, restart some services, something else?
Question relates to this error in automated tests running on my machine.
Test method MyProject.Data.Repositories.FirestoreRepositoryTests.FirestoreAccountDocRepository_UpdateAsync__updates threw exception:
Grpc.Core.RpcException: Status(StatusCode="PermissionDenied", Detail="Permission denied on resource project my-project-prodlike.", DebugException="Grpc.Core.Internal.CoreErrorDetailException: {"created":"#1642697226.430711000","description":"Error received from peer ipv4:172.217.169.74:443","file":"/Users/einari/Projects/grpc/grpc/src/core/lib/surface/call.cc","file_line":1074,"grpc_message":"Permission denied on resource project my-project-prodlike.","grpc_status":7}")
Note - I'm using Contrib.Grpc.Core.M1 since I'm on new MacBook.
Note - I'm no longer using the above and now using Google's workaround GRPC lib adapter, just in case. See https://github.com/googleapis/google-cloud-dotnet/issues/7560#issuecomment-975414370.
The permission denied problem was being caused by an incorrect project name (and not permission actually being denied).
At the top of the Google Cloud Console is the name of the current project. However, that's actually just a pointless alias, the real project identifier is not displayed by default, though it is in the URL in the browser.
Of course, the error message implies it found its target resource and it denied access.
I'm so tired.
I used the Sophos UTM 9.510 ha_standalone Cloudformation template (https://github.com/sophos-iaas/aws-cf-templates/blob/master/utm/9.510/standalone.template) and used defaults when possible. I did not use an existing ElasticIP, so it created it's own at (scrubbed) 50.12.12.123.
I gave a hostname at (for example) vpn.example.com and after creation, I created an A record for vpn.example.com to point to 50.12.12.123.
I don't have a license and just pay hourly for the AMI.
I understand that I should be able to hit https://vpn.example.com:4444 or https://50.12.12.123:4444 to see the admin panel. However, it times out and doesn't load anything.
When I deployed the stack, I got an email at the admin email I provided and it said REST daemon not running - restarted. I assume it restarted fine, since I have received no new emails, and the EC2 instance is running.
Has anyone else experienced this? Is there a step I'm missing? Aside from creating the Route53 record, I thought the Cloudformation Template should just work right out of the box.
The default security groups blocked traffic. I modified one of them to accept all traffic and the dashboard became accessible. I will now refine access further.
I have a PowerShell script that deploys an ARM template to Azure, but I have encountered an error that I can't quite seem to wrap my head around. When running in PowerShell, itself, I get the following error:
New-AzureRmResourceGroupDeployment : 7:46:01 AM - Error:
Code=CannotUpdatePlan; Message=Resource plan can not be changed.
The error description doesn't seem all that complicated, but I'm not sure why this is the case in the first place. I don't have any locks on the Resource Group, resources, or subscription so it should theoretically be able to work properly, right?
Upon testing in VSTS, I got the error mentioned above along with the following error message preceding it:
Selected subscription is in 'Disabled' state.
I'm not sure if that has to do with the other, but I know the subscription is active as I can deploy resources to it, manually. Also, it clearly says "Active" when viewing the subscription from the portal.
According to your description, I suggest you could check as the following steps.
1.Ensure your subscription is enabled. For test, you could create a web app. If your subscription is really disabled, please refer to this link re-active your subscription.
2.You had better check your subscription connection. Please ensure subscription is right. When you verify connection, it should show Verified.
Note: I use the agent Hosted VS2017 and use Azure PowerShell script to deploy template.
Having a tough time with this issue. Not sure how but my ApplicationPoolIdentity is broken.
Currently I'm running IIS 8 on Windows 8 with Visual Studio 2012. When trying to debug an application from Visual Studio, or just navigating to the site in a browser I get the following error logged and a 503 error.
Application pool 'DefaultAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
If I check out the Application error logs, I find the following error from the User Profile Service.
Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, and that your network is functioning correctly.
DETAIL - The system cannot find the path specified.
Upon looking into the details I find that the User Profile Service is trying to load up a profile with the Id
S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415
Now I opened up the registry to try and find the profile with that UserId. However there's nothing in the Profile list that helps.
So digging around a little more I've found that this issue can be resolved by either
A) Set the Load User Profile of the Application Pool to false.
B) Use a different account for the application pool.
C) Fix the account.
Seeing how this is the built in account, I'd prefer to fix the issue rather than fix the sympton.
What I have tried
aspnet_regiis -i
Removing IIS from windows and reinstalling.
Attempted to follow the guide here but I don't know the account password :P
My hunch
Somehow the ApplicationPoolIdentity got messed up. Is there any physical folders for the built-in accounts? I know that the Network and Local service profiles physical directories exist at C:\Windows\ServiceProfiles\. It is possible to recreate the ApplicationPoolIdentity profile? Or am I way off on what the real issue is?
C) Here is what i did to fix the account
Go in regedit at key
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
There is a setting called "Default". You have to make sure that the data value point to an existing directory on the drive.
By default it contains "%SystemDrive%\Users\Default". In my company the default is changed to a custom profile. Somehow, someone deleted that user profile. So when the defaultAppPool user tryed to create an accound for himself, it was unable to do so because windows cannot provide him with a default user profile.
You can also diagnose this error when looking at the Event Viewer under the Application folder. You will get a message of that type:
Windows cannot find the local profile and is logging you on with a
temporary profile. changes you make to this profile will be lost when
you log off.