I have tried to run Intu Manager according to the directions found here: https://rg-gateway.mybluemix.net/README.pdf without success. I have a valid & registered organization and group, and am able to log into Bluemix and access resources. However, when I fire ups Intu Manager it first says "Registering com outer to Intu Gateway for authorization", and then displays an error message that says:
Gateway Login FailOrganization does not have a parent associated with it
The organization you are trying to sign into does not have a Parent Self instance associated with it.
Contact a system administrator to resolve this issue!
My Organization is TRI, and my group is TARS.
Any suggestions?
Related
We currently have one DevOps repository, with a functional CI/CD pipeline. We have another website hosted on a different instance (and different region) on Azure. We are trying to use our existing repo to deploy to the other Azure instance, but it is giving is the following message:
Failed to query service connection API: 'https://management.azure.com/subscriptions/c50b0601-a951-446c-b637-afa8d6bb1a1d?api-version=2016-06-01'. Status Code: 'Forbidden', Response from server: '{"error":{"code":"AuthorizationFailed","message":"The client '2317de35-b2c2-4e32-a922-e0d076a429f5' with object id '2317de35-b2c2-4e32-a922-e0d076a429f5' does not have authorization to perform action 'Microsoft.Resources/subscriptions/read' over scope '/subscriptions/c50b0601-a951-446c-b637-afa8d6bb1a1d'."}}'
I have tried all of the recommended trouble-shooting, making sure that the user is in a Global Administrator role and what-not, but still not luck. The secondary Azure subscription that we are hoping to push our builds to is a trial account. I'm not sure if it being a trial account matters.
I came across the same error. It turns out that, as the error message states, the service principal didn't have Read permission over the subscription. So the solution was to go to Azure Portal, select the subscription, select IAM and assign the role Reader to my service principal. Full explanation on here:
https://clydedz.medium.com/connecting-azure-devops-with-azure-46a908e3048f
I have the same problem. There are one repository and two instances of the application on the Azure portal. For the first instance, the subscription Pay-As-You-Go is used, and there were no problems for it when creating the service connection and CI/CD settings. For the second instance, a free subscription is used and when trying to create a new service connection (Azure Resource Manager) I get the same error.
I tried to do it with the permissions of Owner and Contributor
UPD: I was helped by the re-creation of the application in the azure portal
https://learn.microsoft.com/en-ca/azure/active-directory/develop/howto-create-service-principal-portal
Another option would be to save without verification if the Service Principle will not require permissions at the Subscription level. Like for example providing access to a Keyvault.
Check if the service connection for the second instance is correctly added in project settings:
I have followed the steps on https://learn.microsoft.com/en-us/vsts/accounts/connect-account-to-aad?view=vsts to get my VSTS instance to use Azure Active Directory. When I click "Connect" I get the error:
Account [VSTS instance name] connection to an AAD Tenant failed due to
the error : Aad guest user cannot be made an owner of the account.
Owner identity: (id: [id]; mid: [id]; cuid: [id])
Looking through the list of users I can see that I am logged in as a user that is present on both VSTS and AAD, and that the AAD user has a User Type = Member
Originally the user was setup as Guest, and using powershell I changed them to Member. This seemed to change the user type immediately, but I still get the error above, even after waiting approx. 36 hours so far.
Is there something else I need to do here?
As per my comment above:
I have managed to fix this by dropping the user completely and creating a brand new MSA account and starting again. I don't know what I did wrong the first time round, but it is working now with the brand new user.
I use this tutorial to deploy a business network on a free bluemix cluster: https://ibm-blockchain.github.io/
I also deploy the REST Server and communicate via Web apps.
All went fine till yesterday. The REST Server was not accessible anymore.
I deleted everything on the cluster using the script delete_all available in the ibm-container-service repository.
I followed the install procedure using the create_all script. I could access the composer playground (port 31080) again but was not really able to deploy an online business network using the "profile" hlfv1. Now it asks at the bottom of the "deploy UI" for credentials.
I don't know what to fill in. I tried to use ID+Password. On this way I was able to deploy but I got access error by clicking on "connect now". I was able to start the REST server then but if i try to access it in the browser (port 31090), I get the feedback that I'm not authorized.
Any ideas?
And do you know which changes have been made in the last month, which could bring these troubles?
Thx
Phil
The tutorial pointed to only covers playground when used with a Web Browser connection not a real fabric. When you deploy to a real fabric you have to provide an initial identity that you want bound to an initial participant in the business network. The initial participant will be of type org.hyperledger.composer.system.NetworkAdmin and given a name of the initial identity name you provide.
This dialog looks like this
To get you started you should select the ID and Secret radio button. Then for Enrollment ID enter admin and for the Enrollment Secret enter adminpw.
This is the name and secret of the bootstrap identity that exists in the fabric-ca server that has been deployed as part of the scripts.
By providing this information that identity will be enrolled and it's public certificate will be bound to a NetworkAdmin participant which will be called admin. This identity admin will then have access to the business network as only identities that are bound to a participant in the business network can have any sort of access.
I am new to API connect and I'm trying to create a simple loopback application and publish the product and API to bluemix.
Steps I've followed so far:-
On Bluemix:-
Added a API connect service to my organization ('subhash.pesh#gmail.com'), US South region and and test space.
Default Sandbox catalog created in APIConnect.
On Local machine:-
Got the APIC CLI
Created a loopback app by running: apic loopback
Ran the API designer by using apic edit
Express server started listening in on a port and the GUI editor opened up in my default browser.
Tried to publish the product by adding a bluemix target.
Here is where I'm facing the issue:
I'm able to enter my bluemix credentials and it chooses US South region by default, but I'm not able to see any organizations within the next dropdown.
I've tried doing this while the app is running locally and while it's stopped (I dont think it should make any difference, but I was getting desperate)
Ive attached the pictures of the publishing option/ empty organization dropdown here:-
Organization dropdown can be seen here
Unable to see any of my organizations, dropdown is blank
I'm sure I'm missing something vital, but I'm just not able to figure this out.
I've tried going through the documentations and video tutorials and by their account, I should be able to select the organizations and then the catalog to which I want to publish the API.
EDIT: I observed something while trying to publish from CLI:
After logging in to us.apiconnect.ibmcloud.com, when I run
apic orgs --server us.apiconnect.ibmcloud.com
I get a blank response.. Not sure why my bluemix organizations are not being recognized
And when I run
apic catalogs --all-organizations --server us.apiconnect.ibmcloud.com
I get
Error: No catalogs found in all organizations
Error: No catalogs found in org null
I have a Bluemix account with organization defined, but when I login to IoTF via the webpage https://internetofthings.ibmcloud.com/ my organization is not shown. I see a message that says "You are not a member of any organization".
I am unable to add any devices as a result. What could be causing this issue?
The likely explanation is that you were a temporary member of your IoTF organization and that has subsequently expired.
When you create an IoTF service using Bluemix, an IoTF organization is created and your IBM ID is added as a temporary member. This temporary membership expires after 24 hours and the effect is similar to what you are describing.
If you were to access IoTF using the service tile in Bluemix (Launch Dashboard) then you would be logged straight in to your organization. At this point you will be able to add members (including yourself) to the IoTF organization and then be able to log in directly at https://internetofthings.ibmcloud.com/
The reason for this is that if a Bluemix user created an IoTF service, there is not necessarily the affirmation that that user will forever be authorized to access it. By making that user a temporary member, it is able to log in directly for 24 hours only until the ID is added as a permanent member, or that user always accesses the IoTF dashboard using the Bluemix service tile. The intention is that without positive action the user creating the service will still need access in Bluemix, in order to access IoTF.