Add-SBHost : The system cannot find the file specified - powershell

I am attempting to add a Host to a newly created Windows Service Bus 1.1 farm but regardless of what I do I eternally get the following error:
VERBOSE: [11/16/2018 2:54:06 PM]: Validating input and configuration parameters.
VERBOSE: [11/16/2018 2:54:06 PM]: Installing auto-generated certificate.
VERBOSE: [11/16/2018 2:54:16 PM]: Granting 'Log on as Service' privilege to the run as account.
VERBOSE: [11/16/2018 2:54:16 PM]: Windows Fabric configuration started.
VERBOSE: [11/16/2018 2:54:28 PM]: Windows Fabric cluster manifest generated.
VERBOSE: [11/16/2018 2:54:28 PM]: Running Windows Fabric deployment.
Add-SBHost : The system cannot find the file specified
At line:1 char:1
+ Add-SBHost -SBFarmDBConnectionString "Data Source=MYHOST;Initial C ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Add-SBHost], Win32Exception
+ FullyQualifiedErrorId : System.ComponentModel.Win32Exception,Microsoft.ServiceBus.Commands.AddSBHost
I had been struggling with configuring the initial deployment of the farm because my organization uses Azure AD. I was following this very helpful Blog post to get through the installation and deployment but the issue I am seeing now isn't covered.
A Google of the issue leads me to this page where they talk about inspecting a DLL. I tried inspecting the Microsoft.ServiceBus.Commands.dll from within the Service Bus installation folder but, I'll be honest, I didn't understand enough to know what I was looking for.
Has anyone else run into this issue before? All suggestions of where I can look to find this are very much appreciated!

Based on my research of what is actually happening in Add-SBHost command, this error may occur when:
Code is trying create new temp file in %userprofile%\AppData\Local\Temp directory for something called "ClusterManifest".
Code is trying to execute FabricDeployer.exe (with created "ClusterManifest" file path as parameter) in directory which is defined in registry path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Service Bus\1.1 for variable WinFabric in folder bin\Fabric\Fabric.Code.1.0. In my case, executable was placed in C:\Program Files\Windows Fabric\bin\Fabric\Fabric.Code.1.0\FabricDeployer.exe
Code is trying to remove temp file (created in 1 point) from %userprofile%\AppData\Local\Temp
After that steps and getting message VERBOSE: [09.08.2019 13:32:26]: Windows Fabric starting. no more file operations should be performed.
What to do?
First of all check if temp file is created in %userprofile%\AppData\Local\Temp directory (sort files by modification date in explorer, run script and wait) - probably file cannot be created because of lack of permissions.
If file is creating properly and has XML inside, then check if Service Fabric is installed and FabricDeployer.exe is present in directory. In my case it wasn't there so i had to remove Windows Fabric and Service Bus. After next installation i made sure that all files were in place.
After these steps script run was successful.
I hope it will help you :)

Related

Entity Framework PowerShell script cannot be loaded by Visual Studio because its operation is blocked by software restriction policies

When I load Package Manager Console within Visual Studio 2017 v15.9.6 in a project that uses Entity Framework I receive the following error:
\packages\EntityFramework.6.2.0\tools\init.ps1 cannot be loaded because its operation is blocked by software restriction
policies, such as those created by using Group Policy.
At line:1 char:45
+ ... rgs+=$_}; & 'C:\Bitbucket\project-path\packages\EntityFramework.6.2. ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : SecurityError: (:) [], PSSecurityException
+ FullyQualifiedErrorId : UnauthorizedAccess
This prevents me from running commands specific to Entity Framework like "Update-Database" or "Add-Migration".
Here are things I have tried:
Reinstall Visual Studio
In Group Policy Editor, for both Computer Configuration and User Configuration, I have enabled the setting "Turn on Script Execution" that is located at "Administrative Templates\Windows Components\Windows PowerShell". The setting for both configurations has the "Execution Policy" set to "Allow all scripts".
I've tried locally in the Package Manager Console setting the "Process" scope to both "Bypass" and "Unrestricted", and then manually loading the Entity Framework init.ps1 script. I receive the same error.
I've also tried modifying registry keys for PowerShell to set the ExecutionPolicy to "Unrestricted" in a few places. Those places are at:
HKLM\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell
HKLM\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.SqlServer.Management.PowerShell.sqlps120
HKLM\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.SqlServer.Management.PowerShell.sqlps140
I've restarted multiple times in between doing all of the above.
When I run the command "Get-ExecutionPolicy -List", here are my results"
Scope ExecutionPolicy
----- -----------------------
MachinePolicy Undefined
UserPolicy Unrestricted
Process Undefined
CurrentUser Unrestricted
LocalMachine Unrestricted
After all of the above I expected to be able to just load Visual Studio as normal, launch Package Manager Console, and not receive any errors when it tries to run the Entity Framework init.ps1 script. I must be missing something or doing something incorrectly. What do I need to do to get Visual Studio to work as expected?
Some more information is that this is a computer joined to a company domain, but no other developers have this issue. There isn't a group policy set by an administrator that is trickling down preventing me from running scripts.
The error may be occurring because of an invalid certificate from Microsoft. Check in Control Panel => Internet Options => Content => Certificates on the Untrusted Publishers tab. Remove Microsoft Corporation from this list.
Sounds bizarre but it worked for me.
Tks https://github.com/NuGet/Home/issues/7158
Remove file inside
control=>internet option => content => certificates =>Untrusted publishers
then problem will solve
Try downgrading to EF 6.1.2.
I ran into the same problem as you. I tried changing the Group Execution Policies which in my case didn't work, because of some restriction on my local machine (may be set by my school admin). In another project I used 6.1.2 where things like migration was no problem.

Azure Add-AzureDisk is not working

I am using PowerShell ISE. When I run Add-AzureDisk
I get a CLI wizard and fill in the DiskName
and I have the vhd file uri in my clipboard (copied from the portal)
When I use the uri without "..." I get:
Add-AzureDisk : Invalid URI: cannot parse the hostname.
At line:1 char:1
Add-AzureDisk
~~~~~~~~~~~~~
CategoryInfo : NotSpecified: (:) [Add-AzureDisk], UriFormatException
FullyQualifiedErrorId : System.UriFormatException,Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.AddAzureDisk
Command
When I do use the "uri here" I get:
Add-AzureDisk : Invalid URI: URI-scheme is invalid. At line:1 char:1
I used this button:
I started to think that my powershell modules are out of date or something, so I ran Get-Module AzureRm.Profile -ListAvailable as suggested here:
Directory: C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager
ModuleType Version Name ExportedCommands
---------- ------- ---- ----------------
Manifest 4.0.0 AzureRM.Profile {Disable-AzureRmDataCollection, Disable-AzureRmContextAutosave,...
But I also have v5 (found this on the docs website):
Get-Module -ListAvailable -Name AzureRm.Resources | Select Version
Version
5.0.0
As you might have guessed, I am more used to the webportal. But I am trying to create a new vm with two unmanaged disks vhd's which are in my blob storage container.
Edit I tried the Azure CLI:
az vm create -n "tmp-vm" -g "resource-tmp" --attach-os-disk "https://the-uri-copied-from-ui.blob.core.windows.net/vhd-container/vm-osdisk.vhd" --size Standard_DS1_v2 --use-unmanaged-disk --os-type windows
and got:
At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.
{
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "DiskBlobPendingCopyOperation",
"message": "Disk blob https://the-uri-copied-from-ui.blob.core.windows.net/vhd-container/vm-osdisk.vhd is not ready. Copy state: Failed. Please retry when the blob is ready."
}
]
}
} Correlation ID: 0e1231a9-aa0e-4d79-8953-92ea43c658eb
I created the vhd with the powershell commands that I have found here:
https://stackoverflow.com/a/45569760/169714 perhaps that failed? I did not got an error or anything? How can I consolidate it?
edit2 I tried both templates and had a hard time getting the debug info. But I have found the error now. And it is the same as before:
The blob seems to have the expected size. The lease state says available. Last modified date is a second ago, so does that mean that the underlying storing is still in process? I tried to run Get-AzureStorageBlobCopyState -Blob tmpvmosdisk.vhd -Container vhd-containers -WaitForComplete but that gives an error about a non required (and unknown to me) argument:
Get-AzureStorageBlobCopyState : Could not get the storage context. Please pass in a storage context or set the current storage context.
edit 3 data disk seems flushed again. It was 512gb and is now back to zero?
so I got the not ready message again when I wanted to add the vhd as disk...
As Hannel said, Add-AzureDisk is a classic command. You could not use it to create a ARM mode VM.
--attach-os-disk it requires a managed disk, now, you give a unmanaged disk(VHD), so, you get the error log. See this link.
According to your scenario, the easy way is to create VM with a template. You could use this template:Create a Virtual Machine from a User Image.
If you have existing VNet, you also could use this template.
I can highlight multiple issues, i will try to answer all as best as i can.
First, Add Add-AzureDisk is a ASM (Classic Deployment) command but you are mentioning AzureRM Module. Is it an ARM or ASM deployment?
Second, you CLI is ARM deployment, that failed because you copied the VHD and the copy operation is not yet done so you cannot used the VHD. You should be able use the az storage blob show command to validate the VHD copy/move is completed before using VHD.
Hope this helps.

How can I fix this "Set-SecureBootUEFI : Incorrect authentication data: 0xC0000022" error?

I used the tutorial and the PowerShell scripts in UefiSecureBootManualTests.zip(EnableSecureBoot.ps1 and append_LostCA_db.ps1) found here to sign an .efi file and enable SecureBoot to see if the system boots(it all worked well).
Now I'm trying to take the winload file from system32, sign it using the same scripts, and then overwrite the keys and see if SecureBoot lets me boot only with the winload I signed.
This time I am using the same scripts, except I modified Set-SecureBootUEFI command in the append_LostCA_db.ps1 deleting -AppendWrite parameter so it can overwrite.
But now I am receiving an error:
Set-SecureBootUEFI : Incorrect authentication data: 0xC0000022
At F:\SecureBoot\AllowNewCertificate\suprascriu_LostCA_db.ps1:13 char:5
+ Set-SecureBootUEFI -Name db -Time 2011-05-21T13:30:00z -ContentFilePath Lost ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (Microsoft.Secur...BootUefiCommand:SetSecureBootUefiCommand) [Set-Secu
reBootUEFI], UnauthorizedAccessException
+ FullyQualifiedErrorId : SetFWVarFailed,Microsoft.SecureBoot.Commands.SetSecureBootUefiCommand
How can I fix this?
I am using a HP desktop with Win8.1 x64
LATER EDIT: It would REALLY help if someone could give me an unsinged winload for 8.1 x64
One of the things that these signatures tell you is that the content has not been modified(that means it is still secure/valid/trustable). So that is the reason why I could not sign a file already signed(the loader used at boot and signed by Microsoft). That's why I was getting the UnauthorizedAccessException.
There is no workaround for this.

Installing an exe with Powershell DSC Package resource gets return code 1619

I'm trying to use Powershell DSC's Package resource to install an exe... Perforce's P4V to be specific. Here's my code:
Configuration PerforceMachine
{
Node "SERVERNAME"
{
Package P4V
{
Ensure = "Present"
Name = "Perforce Visual Components"
Path = "\\nas\share\p4vinst64.exe"
ProductId = ''
Arguments = "/S /V/qn" # args for silent mode
LogPath = "$env:ProgramData\p4v_install.log"
}
}
}
When running this, this is the error Powershell gives me:
PowerShell provider MSFT_PackageResource failed to execute Set-TargetResource functionality with error message: The return code 1619 was not expected. Configuration is likely not
correct
+ CategoryInfo : InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId : ProviderOperationExecutionFailure
+ PSComputerName : SERVERNAME
According to documentation, return code 1619 means the MSI package couldn't be opened. However, when I manually log in to the machine and run "\\nas\share\p4vinst64.exe /S /V/qn", the install works flawlessly.
Does anyone know why this is failing? Alternately, can anyone tell me how to troubleshoot this? I pasted all the error information I got from the terminal, my log file (p4v_install.log) is a 0 byte file, and there are no events in the event viewer. I don't know how to troubleshoot it any further!
EDIT: I should note that I also tried using the File resource to copy the file locally, and then install it from there. Sadly, that met with the same result.
Daniel over at the Powershell.org forums was able to figure this out for me.
The P4V InstallShield setup wrapper puts the MSI file into wrong path if you execute as LocalSystem.
I’ve managed to develop a Configuration that works, see below. The key is the /b switch here which puts the MSI file into a defined location. I’ve added ALLUSERS=1 to get the shortcuts visible to all users and REBOOT=ReallySuppress to avoid a sudden restart (which will happen otherwise).
Configuration PerforceMachine
{
Package P4V
{
Ensure = "Present"
Name = "Perforce Visual Components"
Path = "C:\My\p4vinst64.exe"
ProductId = ''
Arguments = '/b"C:\Windows\Temp\PerforceClient" /S /V"/qn ALLUSERS=1 REBOOT=ReallySuppress"' # args for silent mode
}
}
Well, what happens here is that the package gets installed (not tested with p4vinst64.exe yet! So, not sure why it says pack cannot be opened as the error) but since you did not specify a ProductID value, the verification at the end of install fails. That is the error you are seeing. The Package resource is no good for installing .exe packages or even MSIs with no ProductID represented as a GUID.
You can use the WindowsProcess resource instead.

Breaking MsBuild package & deploy into separate MsBuild and MsDeploy commands

I'm having a few problems breaking out an MsBuild package+deploy command into two separate commands. (I need to do this to pass additional parameters to MsDeploy).
The command that works fine looks like this:
msbuild "src\Solution.sln"
/P:Configuration=Deploy-Staging
/P:DeployOnBuild=True
/P:DeployTarget=MSDeployPublish
/P:MsDeployServiceUrl=https://192.168.0.1:8172/MsDeploy.axd
/P:DeployIISAppPath=staging.website.com
/P:AllowUntrustedCertificate=True
/P:MSDeployPublishMethod=WmSvc
/P:CreatePackageOnPublish=True
/P:UserName=staging-deploy
/P:Password=xyz
The separated packaging command looks like this:
msbuild "src\Solution.sln"
/P:Configuration=Deploy-Staging
/P:DeployOnBuild=True
/P:DeployTarget=Package
/P:_PackageTempDir=C:\temp\web
which works fine. But then the MsDeploy portion:
msdeploy
-verb:sync
-allowUntrusted
-usechecksum
-source:manifest=
'src\WebProject\obj\Deploy-Staging\Package\WebProject.SourceManifest.xml'
-dest:auto,ComputerName=
'https://192.168.0.1:8172/MsDeploy.axd?site=staging.website.com',
username='staging-deploy',password='xyz',authType='basic',includeAcls='false'
-enableRule:DoNotDeleteRule
fails, with the following error in WmSvc.log
wmsvc.exe Error: 0 : Attempted to perform an unauthorized operation.
setAcl/C:\temp\web (Read)
ProcessId=15784
ThreadId=31
DateTime=2011-03-30T14:57:02.4867689Z
Timestamp=3802908721815
wmsvc.exe Error: 0 : Not authorized.
Details: No rule was found that could authorize user 'staging-deploy',
provider 'setAcl', operation 'Read', path 'C:\temp\web'.
(and several more Read/Write operations)
Something is clearly going wrong with the paths it's trying to access (as it works fine with the other method) - I'm not sure it's even trying to use the iisApp targeting correctly, and at the moment I don't think the correct web.config's will be deployed either.
I've got this fixed now - I needed a different command to the one the automatically generated .cmd file was using, but comparing the two allowed me to fix it up (thanks #Vishal R. Joshi)
The differences I needed was:
basic authentication
allow untrusted certificates
?site=staging.webserver on the end of the MsBuild.axd path, as with my original command
override the IIS Web App name that is set in the params file
enable the do not delete rule
The winning command is as follows:
msdeploy
-verb:sync
-allowUntrusted
-source:package='src\WebProject\obj\Deploy-Staging\Package\WebProject.zip'
-dest:auto,ComputerName=
'https://192.168.0.1:8172/MsDeploy.axd?site=staging.website.com',
username='staging-deploy',password='xyz',authType='basic',includeAcls='false'
setParamFile:
"src\WebProject\obj\Deploy-Staging\Package\WebProject.SetParameters.xml"
-setParam:name='IIS Web Application Name',value='staging.website.com'
-enableRule:DoNotDeleteRule
-disableLink:AppPoolExtension -disableLink:ContentExtension
-disableLink:CertificateExtension
Hope this helps someone!
Add a delegation rule on the server using inetmgr to allow staging-deploy to carry out set-Acl operations.
Inetmgr -> Click on server node -> Management Service Delegation (in Management) -> Click Add rule to the right -> Choose the template labelled "Set Permissions for Applications" -> Accept defaults and click OK.
This should let you deploy any package or manifest with setAcl as long as the user you are deploying as, has permissions to the site you are deploying to.
You are able to specify the -setParam:name='',value='' flag when calling the MyProject.deploy.cmd file that is created when you generate a Package from a web project. The cmd is a friendly wrapper around msdeploy.exe, so you have no need to specify all the rest of the defaults.
Here's the details: http://evolutionarydeveloper.blogspot.co.uk/2013/05/specifying-environment-variables-at.html