Cube refresh with Automation Account in Azure SSAS - powershell

I'm currently trying to create an automation runbook to process a cube in Azure. I've tried multiple PowerShell scripts like this one :
$AzureCred = Get-AutomationPSCredential -Name "RefreshTest"
Add-AzureRmAccount -Credential $AzureCred | Out-Null
Invoke-ProcessASDatabase -databasename "MKTGCube" -server "AzureServerName" -RefreshType "Full" -Credential $AzureCred
With that kind of error (despite the fact that I installed the SQLServer module).
Invoke-ProcessASDatabase : The term 'Invoke-ProcessASDatabase' is not
recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or
if a path was included, verify that the path is
correct and try again.
Or this script :
$connectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
"Logging in to Azure..."
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $servicePrincipalConnection.TenantId `
-ApplicationId $servicePrincipalConnection.ApplicationId `
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
}
catch {
if (!$servicePrincipalConnection)
{
$ErrorMessage = "Connection $connectionName not found."
throw $ErrorMessage
} else{
Write-Error -Message $_.Exception
throw $_.Exception
}
}
##Getting the credential which we stored earlier.
$cred = Get-AutomationPSCredential -Name 'CredMat'
## Providing the Server Details
$ServerName = "AzureServerName"
Invoke-ProcessASDatabase -databasename "MKTGCube" -server $ServerName –ProcessType "ProcessFull"
$error[0].Exception.Message
$error[0].Exception.StackTrace
With that error message.
Invoke-ProcessASDatabase : Authentication failed: User ID and Password
are required when user interface is not
available.
At line:32 char:1
Invoke-ProcessASDatabase -databasename "MKTGCube" -server $ServerName ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : NotSpecified: (:) [Invoke-ProcessASDatabase], ArgumentException
FullyQualifiedErrorId : System.ArgumentException,Microsoft.AnalysisServices.PowerShell.Cmdlets.ProcessASDatabase
I think the problem is linked to the credentials because we need to provide ones to access the source database but I have no ideas on how to do it through a PowerShell script. Any idea ?
Thanks a lot.


You need import module Azure.AnalysisServices and SqlServer to your automation account.
You could import these two module from this link and this link.
Note: There is a mistake in your script. You should use Login-AzureASAccount not Add-AzureRmAccount to login, you could use the following example:
$Conn = Get-AutomationConnection -Name AzureRunAsConnection
Add-AzureAnalysisServicesAccount -RolloutEnvironment "southcentralus.asazure.windows.net" -ServicePrincipal -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint -TenantId $Conn.TenantID
Invoke-ProcessTable -Server "asazure://southcentralus.asazure.windows.net/myserver" -TableName "MyTable" -Database "MyDb" -RefreshType "Full"
More information about this please check this blog.

Related

Invoke-ProcessTable : The provided application id is invalid

This is what I've got in my Invoke-ProcessTable powershell script (snippet)
# create pscredential object
$credObject = New-Object -TypeName System.Management.Automation.PSCredential `
-ArgumentList $ServicePrincipal, $secStringPassword
#Get App Id for Service Principle
$SPDetails = Get-AzADServicePrincipal -DisplayName $ServicePrincipal
$SP_AppId = ($SPDetails).AppId
Invoke-ProcessTable `
-TableName $TableName `
-DatabaseName $DatabaseName `
-RefreshType Full `
-Server $Server `
-ServicePrincipal `
-Credential $credObject `
-TenantId $TenantId `
-ApplicationId $SP_AppId
$TenantId is hard coded in the script.
and this is the error I'm getting
Invoke-ProcessTable : The provided application id 'app:"service
principle name"#6"tenant id"5' is invalid. Parameter name: id At
C:\temp\powerrshell\invoke-processtable.ps1:25 char:1
Invoke-ProcessTable `
+ CategoryInfo : NotSpecified: (:) [Invoke-ProcessTable], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.AnalysisServices.PowerShell.Cmdlets.ProcessTable
I wasn't expecting the Application Id to be in the format that is being shown in the error message.
Anyway, where am I going wrong?

School boy error
I was passing in the wrong parameter to the $credObject object
I was sending in the ServicePrincipleName ($ServicePrincipal) instead of the Application Id ($SP_AppId).
Once I did this all worked.
#Get App Id for Service Principle
$SPDetails = Get-AzADServicePrincipal -DisplayName $ServicePrincipal
$SP_AppId = ($SPDetails).AppId
# create pscredential object
$credObject = New-Object -TypeName System.Management.Automation.PSCredential `
-ArgumentList $SP_AppId, $secStringPassword

PowerShell script to process cube on Azure - connection issue

I am trying to process cube on Azure with Powershell script. Have this kind of code:
# PowerShell code
# Connect to a connection to get TenantId and SubscriptionId
$Connection = Get-AutomationConnection -Name "AzureRunAsConnection"
$TenantId = $Connection.TenantId
$SubscriptionId = $Connection.SubscriptionId
# Get the service principal credentials connected to the automation account.
#$null = $SPCredential = Get-AutomationPSCredential -Name "Samcred"
$connectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
"Logging in to Azure..."
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $servicePrincipalConnection.TenantId `
-ApplicationId $servicePrincipalConnection.ApplicationId `
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
}
catch {
if (!$servicePrincipalConnection)
{
$ErrorMessage = "Connection $connectionName not found."
throw $ErrorMessage
} else{
Write-Error -Message $_.Exception
throw $_.Exception
}
}
# Select the correct subscription
Write-Output "Selecting subscription '$($SubscriptionId)'."
$null = Select-AzureRmSubscription -SubscriptionID $SubscriptionId
# Get variable values
$DatabaseName = Get-AutomationVariable -Name 'DatabaseName'
$AnalysisServerName = Get-AutomationVariable -Name 'AnalysisServerName'
# Show info before processing (for testing/logging purpose only)
Write-Output "Processing $($DatabaseName) on $($AnalysisServerName)"
#Process database
$null = Invoke-ProcessASDatabase -databasename $DatabaseName -server $AnalysisServerName -RefreshType "Full" -Credential $SPCredential
# Show done when finished (for testing/logging purpose only)
Write-Output "Done"
After execution there is connection error:
Invoke-ProcessASDatabase : Authentication failed: User ID and Password are required when user interface is not
available.
At line:46 char:9
+ $null = Invoke-ProcessASDatabase -databasename $DatabaseName -server ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Invoke-ProcessASDatabase], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.AnalysisServices.PowerShell.Cmdlets.ProcessASDatabase
Using Microsoft SQL Analysis Server (version 15.0.0.52).
Somehow there is need again to put account and password, which I already done.

PowerShell script to refresh tabular cube on Azure

I need to setup powershell script for refreshing tabular model cube on Azure, Microsoft SQL Analysis Server (version 15.0.0.52).
I wrote this solution, but every time when it's executed I have same errors.
# PowerShell code
# Connect to a connection to get TenantId and SubscriptionId
$Connection = Get-AutomationConnection -Name "AzureRunAsConnection"
$TenantId = $Connection.TenantId
$SubscriptionId = $Connection.SubscriptionId
# Get the service principal credentials connected to the automation account.
$null = $SPCredential = Get-AutomationPSCredential -Name "Samcred"
# Login to Azure ($null is to prevent output, since Out-Null doesn't work in Azure)
Write-Output "Login to Azure using automation account 'Samcred'."
$null = Login-AzureRmAccount -TenantId $TenantId -SubscriptionId $SubscriptionId -Credential $SPCredential
# Select the correct subscription
Write-Output "Selecting subscription '$($SubscriptionId)'."
$null = Select-AzureRmSubscription -SubscriptionID $SubscriptionId
# Get variable values
$DatabaseName = Get-AutomationVariable -Name 'DatabaseName'
$AnalysisServerName = Get-AutomationVariable -Name 'AnalysisServerName'
# Show info before processing (for testing/logging purpose only)
Write-Output "Processing $($DatabaseName) on $($AnalysisServerName)"
#Process database
$null = Invoke-ProcessASDatabase -databasename $DatabaseName -server $AnalysisServerName -RefreshType "Full" -Credential $SPCredential
# Show done when finished (for testing/logging purpose only)
Write-Output "Done"
Errors are:
Login to Azure using automation account 'Samcred'.
Login-AzureRmAccount : unknown_user_type: Unknown User Type
At line:12 char:9
+ $null = Login-AzureRmAccount -TenantId $TenantId -SubscriptionId $Sub ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Add-AzureRmAccount], AadAuthenticationFailedException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.AddAzureRMAccountCommand
Selecting subscription 'fb3456-56c2-40a2-aae6-9eeace345678'.
Select-AzureRmSubscription : Run Login-AzureRmAccount to login.
At line:16 char:9
+ $null = Select-AzureRmSubscription -SubscriptionID $SubscriptionId
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Set-AzureRmContext], PSInvalidOperationException
+ FullyQualifiedErrorId : InvalidOperation,Microsoft.Azure.Commands.Profile.SetAzureRMContextCommand
Processing TabCube on asazure://westus.asazure.windows.net/dex:rw
Invoke-ProcessASDatabase : Exception has been thrown by the target of an invocation.
At line:26 char:9
+ $null = Invoke-ProcessASDatabase -databasename $DatabaseName -server ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Invoke-ProcessASDatabase], TargetInvocationException
+ FullyQualifiedErrorId :
System.Reflection.TargetInvocationException,Microsoft.AnalysisServices.PowerShell.Cmdlets.ProcessASDatabase
Done
Any advice about this ?

$null = $SPCredential = Get-AutomationPSCredential -Name "Samcred"
If you use Microsoft account to login Azure, you will get the error log. In Azure runbook, you could use service principal to login, not use a account. Change your script like below:
$connectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
"Logging in to Azure..."
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $servicePrincipalConnection.TenantId `
-ApplicationId $servicePrincipalConnection.ApplicationId `
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
}
catch {
if (!$servicePrincipalConnection)
{
$ErrorMessage = "Connection $connectionName not found."
throw $ErrorMessage
} else{
Write-Error -Message $_.Exception
throw $_.Exception
}
}

Error while running Azure runbook which executes PowerShell command on Virtual Machine

I am trying to execute this code in runbook, using "Invoke-Command" to connect to VM.
$connectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
"Logging in to Azure"
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $servicePrincipalConnection.TenantId `
-ApplicationId $servicePrincipalConnection.ApplicationId `
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
# Use the subscription that this Automation account is in
$null = Select-AzureRmSubscription -SubscriptionId $servicePrincipalConnection.SubscriptionID
Get-AzureRmVM | Select Name
$dcred = Get-AutomationPSCredential -Name 'myvm1creds'
Write-Output $DomainCred
$opts = New-PSSessionOption -SkipCACheck
Invoke-Command -Computername 'myVM1' -Credential $dcred -ScriptBlock {Get-Process} -SessionOption $opts
}
catch {
if (!$servicePrincipalConnection)
{
$ErrorMessage = "Connection $connectionName not found."
throw $ErrorMessage
} else{
Write-Error -Message $_.Exception
throw $_.Exception
}
}
Getting the below error:
[myVM1] Connecting to remote server myVM1 failed with the following error message : The WinRM client cannot process the
request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain,
then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting.
Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. You
can get more information about that by running the following command: winrm help config. For more information, see the
about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (myVM1:String) [], PSRemotingTransportException
+ FullyQualifiedErrorId : ServerNotTrusted,PSSessionStateBroken
Any idea what have to be done to run powershell script via runbook on Azure Virtual Machines

In Azure runbook, we can't use transport HTTP to connect Azure VMs, because Azure runbook can't add trust host, so we need use HTTPS to connect Azure VMs.
Here are my steps:
1.Create a self-signed certificate.
Use makecert.exe to create it.
2.Config Winrm listen on HTTPS, run this script in CMD:
winrm create winrm/config/Listener?Address=*+Transport=HTTPS #{Port="5986" ;Hostname="jasonvm" ;CertificateThumbprint="98941E137CDF9553CCB0C28D5814EB9EDB1AC87D"}
3.Add port 5986 in Azure NSG inbound rules and windows firewall inbound rules.
4.we can use this runbook to connect Azure VM:
$connectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
"Logging in to Azure..."
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $servicePrincipalConnection.TenantId `
-ApplicationId $servicePrincipalConnection.ApplicationId `
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
$null = Select-AzureRmSubscription -SubscriptionId $servicePrincipalConnection.SubscriptionID
Get-AzureRmVM | Select Name
$dcred = Get-AutomationPSCredential -Name 'jasonvm'
Write-Output $DomainCred
$opts = New-PSSession -ConnectionUri 'https://52.185.148.177:5986' -Credential $dcred -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)
Invoke-Command -Session $opts -ScriptBlock {Get-Process}
}
catch {
if (!$servicePrincipalConnection)
{
$ErrorMessage = "Connection $connectionName not found."
throw $ErrorMessage
} else{
Write-Error -Message $_.Exception
throw $_.Exception
}
}
Here is my result:

Import VMware Image to Azure - Credentials?

I try to create a Virtual Computer in Azure Portal from VMWare Image. I worked with this tutorials:
https://azure.microsoft.com/de-de/documentation/articles/virtual-machines-windows-upload-image/#uploadvm
(german)
https://buildwindows.wordpress.com/2015/12/20/how-to-add-a-nic-to-an-azure-virtual-machine-arm/
(english)
In the german tutorial you´ll find
$vm = Set-AzureRmVMOperatingSystem -VM $vmConfig -Windows -ComputerName $computerName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
To get $cred i used:
$cred = Get-Credentials
a login windows will appear to enter credentials
What kind of credentials i have to enter here? The credentials of the Image or Azure? In what format i have to enter it? I tried Computername\User and password (e.g. ARES\Administrator and the password.
EDIT 1
with the machine credentials MyMachineName\Administrator i got the following error:
PS C:\WINDOWS\system32> $cred = Get-Credential
Cmdlet Get-Credential an der Befehlspipelineposition 1
Geben Sie Werte für die folgenden Parameter an:
Credential
PS C:\WINDOWS\system32> $vm = Set-AzureRmVMOperatingSystem -VM $vmConfig -Windows -ComputerName $computerName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
PS C:\WINDOWS\system32> $result = New-AzureRmVM -ResourceGroupName $rgName -Location $location -VM $vm
New-AzureRmVM : Windows admin user name cannot be more than 20 characters long, end with a period(.), or contain the following characters: \ / " [ ] : | < > + = ; , ? * #.
StatusCode: 400
ReasonPhrase: Bad Request
OperationID : ''
In Zeile:1 Zeichen:11
+ $result = New-AzureRmVM -ResourceGroupName $rgName -Location $locatio ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureRmVM], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.NewAzureVMCommand
Edit 2
After the tip to read the example of https://msdn.microsoft.com/en-us/library/mt603843.aspx i got this one. My user is Administrator, but i got the message, ist no allowed?!
PS C:\WINDOWS\system32> $SecurePassword = ConvertTo-SecureString "mypassword" -AsPlainText -Force
PS C:\WINDOWS\system32> $Credential = New-Object System.Management.Automation.PSCredential ("Administrator", $SecurePassword);
PS C:\WINDOWS\system32> $AvailabilitySet = Get-AzureRmAvailabilitySet -ResourceGroupName "KGSCloud"
PS C:\WINDOWS\system32> $vmName = "titan"
PS C:\WINDOWS\system32> $computerName = "TITAN"
PS C:\WINDOWS\system32> $vm = Set-AzureRmVMOperatingSystem -VM $vmConfig -Windows -ComputerName $computerName -Credential $Credential -ProvisionVMAgent -EnableAutoUpdate
PS C:\WINDOWS\system32> $result = New-AzureRmVM -ResourceGroupName $rgName -Location $location -VM $vm
New-AzureRmVM : The Admin Username specified is not allowed.
StatusCode: 400
ReasonPhrase: Bad Request
OperationID : ''
In Zeile:1 Zeichen:11
+ $result = New-AzureRmVM -ResourceGroupName $rgName -Location $locatio ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureRmVM], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.NewAzureVMCommand
Can someone help me?
Kind Regards

For Set-AzureRmVMOperatingSystem you will need to enter the credentials of the virtual machine. So the format would be the local administrator account and password at this stage.