I am working on setting up work folders for one of my customers. I have followed the steps given in this guide on TechNet. However, I am receiving a very generic error when attempting to run the PowerShell cmdlet Initialize-ADDeviceRegistration. All it is telling me is
A value in the request is invalid.
Here is a screenshot of the full error message:
CORP\WorkFolders$ is a computer account. You can't use that as a service account. Create and use a dedicated user account instead.
Related
I have a C# console app that I wrote that is trying to enable mail for an AD user.
using (Runspace EnableMailboxRunspace = RunspaceFactory.CreateRunspace(ConnectionInfo(ExchangeServerURI, ExchangeUser, ExchangePassword)))
{
EnableMailboxRunspace.Open();
// Create a pipeline to process the commands
using (Pipeline EnableMailboxPipeline = EnableMailboxRunspace.CreatePipeline())
This works just fine in the dev environment, but I cannot get it to run on any production server. When the CreatePipeline command is executed I get this error:
"Connecting to remote server pc799.csnt.princegeorge.ca failed with
the following error message : The WinRM client cannot process the
request. It cannot determine the content type of the HTTP response
from the destination computer. The content type is absent or invalid.
For more information, see the about_Remote_Troubleshooting Help
topic."
I have tried this running as multiple different users, including domain admins.
This app did work a few months ago, but now it doesn't work. We moved from a fully on prem system, to a hybrid M365/On prem system and something in that seems to have broke it.
We have a Powershell script which downloads some zip files from a website and we have called the script in a scheduled task.
The problem is we are not getting the zip files even after the scheduled task is finished successfully. We are using a service account for that. Running the script manually downloads the zip file without any issues. Also, for another user which we use to login into the server, the task is working fine.
The issue started after our service account got locked out because of too many failed attempts in some other system.
I have tried bypassing the execution policy but no luck.
I have tried creating a similar new task but no luck.
I tried Start-in option to provide the task the location of the script but no luck.
After too much troubleshooting, I found the error in the Powershell logs in Event Viewer. Please find the error below:
Error Message = Unable to connect to the remote server
Fully Qualified Error ID = WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
This shows that the task is unable to invoke the web request. Can this be a permission issue? If yes, then how can I provide the required access?
I troubleshooted a bit more and found that the issue is with the proxy. Can somebody tell me how can I resolve this issue? For the local user it is working fine. Even I am able to access the webpage manually through IE. Shall I import proxy settings from IE? If yes then how to do that?
I finally figured out the solution for this. I added proxy details in the script which will force the Invoke web request command to send the request to that proxy server. This thing has resolved my issue.
Regards,
Mitesh Agrawal
I have a PowerShell script that deploys an ARM template to Azure, but I have encountered an error that I can't quite seem to wrap my head around. When running in PowerShell, itself, I get the following error:
New-AzureRmResourceGroupDeployment : 7:46:01 AM - Error:
Code=CannotUpdatePlan; Message=Resource plan can not be changed.
The error description doesn't seem all that complicated, but I'm not sure why this is the case in the first place. I don't have any locks on the Resource Group, resources, or subscription so it should theoretically be able to work properly, right?
Upon testing in VSTS, I got the error mentioned above along with the following error message preceding it:
Selected subscription is in 'Disabled' state.
I'm not sure if that has to do with the other, but I know the subscription is active as I can deploy resources to it, manually. Also, it clearly says "Active" when viewing the subscription from the portal.
According to your description, I suggest you could check as the following steps.
1.Ensure your subscription is enabled. For test, you could create a web app. If your subscription is really disabled, please refer to this link re-active your subscription.
2.You had better check your subscription connection. Please ensure subscription is right. When you verify connection, it should show Verified.
Note: I use the agent Hosted VS2017 and use Azure PowerShell script to deploy template.
Greeting Everyone,
Hoping someone has a quick insight but I am getting access denied on a service account using the PowerShell command Remove-CMDevice.
This process is as per outlined here, https://technet.microsoft.com/en-us/library/jj821759(v=sc.20).aspx
The account has permission to remove devices from SCCM and this works fine through the GUI but not the command line. I have been unable to find documentation on what permissions the account need to do this via command line, it works fine manually in the GUI.
If anyone can shed light on this it will be wonderful, I do want to keep this service account as having as minimal permissions as possible.
Many thanks,
Edit to Add Image as follows,
After a lot of testing, I'm here with an answer on the Permission part when using PowerShell console to remove CM system object. Of course the symptom is the same: The account can delete from Admin console, however, when using PowerShell, it failed with Permission error message.
The account to perform the Remove-CMDevice cmdlet must have proper RBA Permission on the object. Assume the security scope is default one, the account connected to Configuration Manager console must have below RBA permission which I tested is almost minimal permission:
In the screenshot the Collection part, the permission is easy to understand, Read, Delete Resource, etc.
For the Computer Association part, you may get confused, why?
Steps I did the troubleshooting:
I opened a PowerShell Console connecting to Configuration Manager using my test account and run below command to see what will happen:
Remove-CMDevice 'Rsuraceccc' -Verbose
I got below error:
Yes, it's trying to querying from the SMS_StateMigration. Then I try to run a simple command:
Get-WMIObject -NameSpace root\sms\site_clt -Query 'Select * from SMS_StateMigration'
Once again, I got error. So I get the conclusion that the account needs Permission on SMS_StateMigration. So I add 'Recover User State' permission of Computer Association on the role and tried again, cheers, this time all command runs successfully.
I don't know why it's using SMS_StateMigration, but this is the case here.
In the example below (added carriage returns for readability) I am able to create a resource group and Sql Server just fine. When I run line #19 I get the vague error message:
BadRequest: An error occurred while processing this request.
I've hit a wall without the proper feedback to help me troubleshoot. I can create databases in AzureServiceManager mode just fine, but I'd like to be able to use resource groups to manage my databases. There is so little information available for this scenario so any information to point me in the right direction will be much appreciated!
I think you should use New-AzureRmResource instead of New-AzureResource; since you're working in resource manager mode, the only command to create a new Azure resource is to use New-AzureRmResource.