Failed to start WinNAT service - virtualization

How Resolved this problem ?
I try make switch using a nat network.
(from this link: https://www.thomasmaurer.ch/2016/05/set-up-a-hyper-v-virtual-switch-using-a-nat-network/ )
I made:
New-VMSwitch –SwitchName “NAT_vSwitch” –SwitchType Internal
New-NetIPAddress –IPAddress 172.100.100.1 -PrefixLength 24 -InterfaceAlias "vEthernet (NAT_vSwitch)"
but when I make this line:
New-NetNat –Name NetworkNAT –InternalIPInterfaceAddressPrefix 172.100.100.0/24
My Output in PowerShell looks like:
New-NetNat : Failed to start WinNAT service
At line:1 char:1
+ New-NetNat –Name NetworkNAT –InternalIPInterfaceAddressPrefix 172.100 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: ObjectNotFound: (MSFT_NetNat:root/StandardCimv2/MSFT_NetNat) [New-NetNat], CimException
+ FullyQualifiedErrorId : Windows System Error 1168,New-NetNat
what I am doing wrong or where I should looking for error?

I had a similar issue.
Firstly, backup the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nsi
Then proceed to delete the items with the key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a00-9b1a-11d4-9123-0050047759bc}.
In powershell, then perform:
start-service WinNat
If it is able to start, then try your command again:
New-NetNat –Name NetworkNAT –InternalIPInterfaceAddressPrefix 172.100.100.0/24

Related

Set-AzureRmVMDiskEncryptionExtension : Long running operation

While trying to encrypt a VM, I am getting the below error:
Set-AzureRmVMDiskEncryptionExtension : Long running operation failed
with status 'Failed'. ErrorCode: VMExtensionProvisioningError
ErrorMessage: VM has reported a failure when processing extension
'AzureDiskEncryptionForLinux'. Error message: "Enable failed.".
StartTime: 11/15/2017 11:12:30 AM EndTime: 11/15/2017 11:14:38 AM
OperationID: 004051ca-bf73-4a37-a145-5e0ac30bc30a Status: Failed At
line:1 char:1
+ Set-AzureRmVMDiskEncryptionExtension -ResourceGroupName $resourceGrou ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzureRmVMDiskEncryptionExtension], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.Extension.AzureDiskEncryption.SetAzureDiskEncryptionExtensionCommand
Please help me to resolve this issue.
I was also having the same issue. The reason was i was not changing the access policy of the key vault.
use this command to change the access policy first and then execute the command for encryption.
Set-AzureRmKeyVaultAccessPolicy -VaultName $KeyVaultName -ResourceGroupName $rgName -EnabledForDiskEncryption
and then check the policy with the following command
(Get-AzureRmKeyVault -VaultName $keyVaultName -ResourceGroupName $rgName).EnabledForDiskEncryption it should return true.

Update-AzureRmVmss RDP password: Changing property 'zones' is not allowed

I'm trying to update RDP login/password on a Service Fabric VMSS. I use the default script proposed here :
https://blogs.technet.microsoft.com/mckittrick/how-to-reset-password-for-vmss-scale-set-instances/
However I have this issue when lauching the last Update-AzureRmVmss command (I don't try to change any zones parameter) :
Update-AzureRmVmss : Changing property 'zones' is not allowed.
ErrorCode: PropertyChangeNotAllowed
ErrorMessage: Changing property 'zones' is not allowed.
StatusCode: 409
ReasonPhrase: Conflict
OperationID : df197d60-0694-4d38-bad6-1de2163de550
At line:13 char:1
+ Update-AzureRmVmss -ResourceGroupName $vmssResourceGroup -Name $vmssN ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Update-AzureRmVmss], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.Common.ComputeCloudException,Microsoft.Azure.Commands.Compute.Automation.UpdateAzureRmVmss
Any idea ?
thank you

TrustFailure Error Thrown When Using AWS Powershell

I am trying to use AWS powershell to update metadata for items in my S3 bucket. I am using the script:
Set-AWSCredentials -ProfileName S3Test ;
write-S3Object -BucketName myS3bucket `
-Key Folder/Subfolder/Myfile.txt `
-Content "Myfile.txt `
-Metadata #{"x-amz-meta-custommetadata" = "TESTMEtadata"} `
-Headers #{"Content-Type" = "binary/octet-stream"} ;
I am able to run this script successfully from my own account on my computer but when I try to automate this script using a service account I am getting the error message:
write-S3Object : A WebException with status TrustFailure was thrown.
At line:1 char:1
+ write-S3Object -BucketName myS3Bucket `
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation:
(Amazon.PowerShe...eS3ObjectCmdlet:WriteS3ObjectCmdlet) [Write-S3Obje
t], InvalidOperationException
+ FullyQualifiedErrorId :
Amazon.Runtime.AmazonServiceException,Amazon.PowerShell.Cmdlets.S3.WriteS3ObjectCmdlet
From what I have found on similar issues I tried to add this line to my script:
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ;
However this results in a different error message:
write-S3Object : A WebException with status RecieveFailure was thrown.
At line:1 char:1
+ write-S3Object -BucketName myS3Bucket `
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation:
(Amazon.PowerShe...eS3ObjectCmdlet:WriteS3ObjectCmdlet) [Write-S3Obje
t], InvalidOperationException
+ FullyQualifiedErrorId :
Amazon.Runtime.AmazonServiceException,Amazon.PowerShell.Cmdlets.S3.WriteS3ObjectCmdlet
Does anyone have any idea what may be causing these problems and how I would be able to resolve them?
It seems liken a callback is run using what is defined in:
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
I'm not exactly sure what triggers it based off of what I read but the callback seems to be set on service accounts.
Try setting it to:
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = $null
Reference:
https://forrestbrazeal.com/2015/06/15/adventures-in-aws-the-worlds-scariest-stack-trace/
Check your date on the server.
I had the same error accessing AWS endpoints, but the solution was a touch simpler... I was testing a process where I set the date on the server back a couple of months, which caused the AWS connection process to throw the request out.

Invalid namespace in PowerShell working with FSRM

Trying PS command:
Set-FsrmFileGroup -Name "Anti-Ransomware File Groups" -IncludePattern #((Invoke-WebRequest -Uri "https://fsrm.experiant.ca/api/v1/combined" -UseBasicParsing).Content | ConvertFrom-Json | % {$_.filters})
Getting error:
New-FsrmFileGroup : Invalid namespace
At line:1 char:1
+ New-FsrmFileGroup -Name "Anti-Ransomware File Groups" -IncludePattern #((Invoke- ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : MetadataError: (MSFT_FSRMFileGroup:Root/Microsoft/...T_FSRMFileGroup) [New-FsrmFileGroup], CimException
+ FullyQualifiedErrorId : HRESULT 0x8004100e,New-FsrmFileGroup
I also notice some errors in FSRM:
Firewall is off and I am domain admin running this as admin. SFC and a WMI repair came back as good. I am going based off a guide (https://fsrm.experiant.ca/). This has worked across a ton of other servers so I don't believe the commands to be improperly formatted.
Output of Get-WmiObject -Namespace 'Root/Microsoft/Windows/Fsrm' -List:
Get-WmiObject : Could not get objects from namespace Root/Microsoft/Windows/Fsrm.
Invalid namespace
At line:1 char:1
+ Get-WmiObject -Namespace 'Root/Microsoft/Windows/Fsrm' -List
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-WmiObject], ManagementException
+ FullyQualifiedErrorId : INVALID_NAMESPACE_IDENTIFIER,Microsoft.PowerShell.Commands.G‌​etWmiObjectCommand

Try/Catch Add-DnsServerResourceRecordA in PowerShell

I want to catch the exception that occurs, when adding a DNS record with Add-DnsServerResourceRecordA in PowerShell with the switch -CreatePTR, but no reverse lookupzone exists.
But there is no error. If I provoke the error a simple menu pops up and informs me about the situation. But independent from the -ErrorAction switch the $error variable does not receive an error. What's my fault?
Thanks for your reply.
PS C:\Users\xyz>> Add-DnsServerResourceRecordA -Name "test-mwi4" -IPv4Address 1.1.1.1 -CreatePtr -ZoneName contoso.biz -ErrorAction Continue
Add-DnsServerResourceRecordA : Failed to create PTR record. Resource record test-mwi4 in zone mn-man.biz on server MNDEMUCDC010 is created successfully, but corresponding PTR record could not be created.
At line:1 char:1
+ Add-DnsServerResourceRecordA -Name "test-mwi4" -IPv4Address 1.1.1.1 -CreatePtr - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (test-mwi4:root/Microsoft/...ResourceRecordA) [Add-DnsServerResourceRecordA], CimException
+ FullyQualifiedErrorId : WIN32 9715,Add-DnsServerResourceRecordA
Thank you!
In order to use this command in try catch block use below code:
Try
{
Add-DnsServerResourceRecordA -Name "test-mwi4" -IPv4Address 1.1.1.1 -CreatePtr -ZoneName contoso.biz -ErrorAction Stop
}
Catch
{
Write-Host "Error while adding pointer record:`n$($Error[0].Exception.Message)"
}
$Error[0] returns:
$Error[0]
Add-DnsServerResourceRecordA : Failed to get the zone information for
contoso.biz on server HYDLPT487.
At line:3 char:5
+ Add-DnsServerResourceRecordA -Name "test-mwi4" -IPv4Address 1.1.1 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (test-mwi4:root/Microsoft/...Resou
rceRecordA) [Add-DnsServerResourceRecordA], CimException
+ FullyQualifiedErrorId : WIN32 1722,Add-DnsServerResourceRecordA