I was trying to make a dummy diagnostics worker role using the following article
When i run the following command in step 4 :
(Get-AzureServiceAvailableExtension -ExtensionName 'PaaSDiagnostics' -ProviderNamespace 'Microsoft.Azure.Diagnostics').PublicConfigurationSchema | Out-File -Encoding utf8 -FilePath 'WadConfig.xsd'
I get the following error in azure powershell, we need the subscription in this command but not sure where.
Also, is there a place where I can find how to make a dummy diagnostics worker role.
VERBOSE: 3:32:14 PM - Begin Operation: Get-AzureServiceAvailableExtension
Get-AzureServiceAvailableExtension : No default subscription has been designated. Use Select-AzureSubscription
-Default <subscriptionName> to set the default subscription.
At line:1 char:2
+ (Get-AzureServiceAvailableExtension -ExtensionName 'PaaSDiagnostics' -ProviderNa ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Get-AzureServiceAvailableExtension], ApplicationException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.Extensions.GetAzureServiceAvailableExt
ensionCommand
VERBOSE: 3:32:14 PM - Completed Operation: Get-AzureServiceAvailableExtension
Out-File : Access to the path 'C:\WadConfig.xsd' is denied.
At line:1 char:148
+ ... rationSchema | Out-File -Encoding utf8 -FilePath 'WadConfig.xsd'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (:) [Out-File], UnauthorizedAccessException
+ FullyQualifiedErrorId : FileOpenFailure,Microsoft.PowerShell.Commands.OutFileCommand
First add your credentials using:
add-azureaccount
Next, select desired subscription (if you have more than one) using:
Select-AzureSubscription -SubscriptionId <id>
Finally, try again.
Related
I am new to powershell so would need need to resolve this issue.
We are trying to execute a powershell script via Azure devops pipelines and the script is made to access a network shared drive to identify a particular file.
The script runs perfectly fine in the gui session and is able to get the file.
However when we run it from AZ pipelines, it fails stating the access is denied.
The user being used in AZ Pipelines has admin access over the file.
The N/w drive path looks something like this.
\\ServerName\builds\PACKAGES\MainMasterBuildDrop\MainScheduledBuild\axmodel
Code ::
$locr = "\\ServerName\builds\PACKAGES\MainMasterBuildDrop\MainScheduledBuild\axmodel"
$axfiler = Get-ChildItem -Path $locr | Select FullName | ft -hidetableheaders | Out-String
$filever = $($($axfiler.split("\")[-1]).Split("_")[-1]).Replace(".axmodel", "")
Error ::
2022-01-14T07:19:22.6339088Z o -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command ". 'C:\User
2022-01-14T07:19:22.6339869Z s\SRV_Deployment\AppData\Local\Temp\61e3d867-9d07-41cc-91c1-c4a04717bc2d
2022-01-14T07:19:22.6340311Z .ps1'"
2022-01-14T07:19:22.6340436Z
2022-01-14T07:19:22.7446332Z ls : Access is denied
2022-01-14T07:19:22.7446823Z At line:1 char:1
2022-01-14T07:19:22.7447184Z + & 'C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe' -NoLogo ...
2022-01-14T07:19:22.7447867Z + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2022-01-14T07:19:22.7448434Z + CategoryInfo : NotSpecified: (ls : Access is denied:String) [],
2022-01-14T07:19:22.7448858Z RemoteException
2022-01-14T07:19:22.7449188Z + FullyQualifiedErrorId : NativeCommandError
2022-01-14T07:19:22.7449545Z
2022-01-14T07:19:22.7449643Z
2022-01-14T07:19:22.7618724Z At E:\DeploymentTeam\Scripts\DeploymentValidation\Test.ps1:1 char:1
2022-01-14T07:19:22.7619629Z + ls "\\Server\builds\PACKAGES\MainMasterBuildDrop\ ...
2022-01-14T07:19:22.7620370Z + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2022-01-14T07:19:22.7620732Z
2022-01-14T07:19:22.7620874Z
2022-01-14T07:19:22.7731192Z + CategoryInfo : PermissionDenied: (\\ServerName\...edBuild\axmo
2022-01-14T07:19:22.7731830Z del:String) [Get-ChildItem], Unauthoriz
2022-01-14T07:19:22.7732125Z
2022-01-14T07:19:22.7732299Z
2022-01-14T07:19:22.7845365Z edAccessException
2022-01-14T07:19:22.7845602Z
2022-01-14T07:19:22.7846744Z
2022-01-14T07:19:22.7966282Z + FullyQualifiedErrorId : ItemExistsUnauthorizedAccessError,Microsoft.Power
2022-01-14T07:19:22.7966826Z Shell.Commands.GetChildItemCommand
2022-01-14T07:19:22.7966978Z
2022-01-14T07:19:22.7967080Z
I'm trying to create an access policy so that I can create meetings using Microsoft Graph API on the user's behalf. To do this I need to do a script that is similar to this:
Connect-MicrosoftTeams
New-CsApplicationAccessPolicy -Identity Random -AppIds "applicationid" -Description "Users"
Grant-CsApplicationAccessPolicy -PolicyName Random -Identity "userId"
But when I try to run the second line I get this error:
At C:\Program Files\WindowsPowerShell\Modules\MicrosoftTeams\2.3.1\net472\SfBORemotePowershellModule.psm1:63 char:22
+ $remoteSession = & (Get-CsOnlineSessionCommand)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-CsOnlineSession], UnauthorizedAccessException
+ FullyQualifiedErrorId : UnauthorizedAccessException,Microsoft.Teams.ConfigApi.Cmdlets.GetCsOnlineSession
Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument that is
not null or empty, and then try the command again.
At C:\Program Files\WindowsPowerShell\Modules\MicrosoftTeams\2.3.1\net472\SfBORemotePowershellModule.psm1:22959 char:38
+ ... -Session (Get-PSImplicitRemotingSession -CommandName 'New-CsApplic ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Invoke-Command], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
I'm guessing it has something to do with the first command that it's not remembering my login, but I can't find anywhere on how to do this. Does anyone know what I'm doing wrong and what the correct way is?.
Edit:
I finished the first problem. I needed to create an account on the active directory itself because Microsoft accounts weren't allowed. But my second error is still here:
Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument that is
not null or empty, and then try the command again.
At C:\Program Files\WindowsPowerShell\Modules\MicrosoftTeams\2.3.1\net472\SfBORemotePowershellModule.psm1:22959 char:38
+ ... -Session (Get-PSImplicitRemotingSession -CommandName 'New-CsApplic ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Invoke-Command], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
Is there a way to set the session via a parameter or is this something you need to do outside this method?
I want to check if VMHost is configured with Syslog forwarding
I have written the following cmdlets but it is not giving "Syslog forwarding" status.
$esxcli = Get-EsxCli -VMHost abc.com
$esxcli.system.syslog | Select-Object *
$esxcli.system.syslog | gm is returning an error
gm : You must specify an object for the Get-Member cmdlet.
At line:1 char:25
+ $esxcli.system.syslog | gm
+ ~~
+ CategoryInfo : CloseError: (:) [Get-Member], InvalidOperationException
+ FullyQualifiedErrorId : NoObjectInGetMember,Microsoft.PowerShell.Commands.GetMemberCommand
$esxcli.system.syslog.config.get() is returning an error:
You cannot call a method on a null-valued expression.
At line:1 char:1
+ $esxcli.system.syslog.config.get()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
PowerCLI includes the Get-VMHostSysLogServer cmdlet. In the context of your question, this command would return the Syslog Server for the VMHost abc.com:
Get-VMHostSysLogServer -VMHost abc.com
Trying PS command:
Set-FsrmFileGroup -Name "Anti-Ransomware File Groups" -IncludePattern #((Invoke-WebRequest -Uri "https://fsrm.experiant.ca/api/v1/combined" -UseBasicParsing).Content | ConvertFrom-Json | % {$_.filters})
Getting error:
New-FsrmFileGroup : Invalid namespace
At line:1 char:1
+ New-FsrmFileGroup -Name "Anti-Ransomware File Groups" -IncludePattern #((Invoke- ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : MetadataError: (MSFT_FSRMFileGroup:Root/Microsoft/...T_FSRMFileGroup) [New-FsrmFileGroup], CimException
+ FullyQualifiedErrorId : HRESULT 0x8004100e,New-FsrmFileGroup
I also notice some errors in FSRM:
Firewall is off and I am domain admin running this as admin. SFC and a WMI repair came back as good. I am going based off a guide (https://fsrm.experiant.ca/). This has worked across a ton of other servers so I don't believe the commands to be improperly formatted.
Output of Get-WmiObject -Namespace 'Root/Microsoft/Windows/Fsrm' -List:
Get-WmiObject : Could not get objects from namespace Root/Microsoft/Windows/Fsrm.
Invalid namespace
At line:1 char:1
+ Get-WmiObject -Namespace 'Root/Microsoft/Windows/Fsrm' -List
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-WmiObject], ManagementException
+ FullyQualifiedErrorId : INVALID_NAMESPACE_IDENTIFIER,Microsoft.PowerShell.Commands.GetWmiObjectCommand
We are trying to setup a machine for PSRemoting using the following command
Set-PSSessionConfiguration -Name Microsoft.PowerShell -showSecurityDescriptorUI
for some reason this only works when we open the powershell in the context of a domain user who is a local administrator.
PS C:\Windows\system32> Set-PSSessionConfiguration -Name Microsoft.PowerShell -showSecurityDescriptorUI
Confirm
Are you sure you want to perform this action?
Performing operation "Set-PSSessionConfiguration" on Target "Name:
Microsoft.PowerShell".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help
(default is "Y"):A
Access is denied.
At line:15 char:26
+ if ((!$pluginName) -or <<<< !(test-path "$pluginDir"))
+ CategoryInfo : InvalidOperation: (:) [], InvalidOperationExcept
ion
+ FullyQualifiedErrorId : WsManError
Join-Path : Access is denied.
At line:22 char:35
+ $pluginFileNamePath = Join-Path <<<< "$pluginDir" 'FileName'
+ CategoryInfo : NotSpecified: (:) [Join-Path], InvalidOperationE
xception
+ FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.Power
Shell.Commands.JoinPathCommand
Test-Path : Cannot bind argument to parameter 'Path' because it is an empty str
ing.
At line:23 char:19
+ if (!(test-path <<<< "$pluginFileNamePath"))
+ CategoryInfo : InvalidData: (:) [Test-Path], ParameterBindingVa
lidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAl
lowed,Microsoft.PowerShell.Commands.TestPathCommand
Get-Item : Cannot bind argument to parameter 'LiteralPath' because it is an emp
ty string.
At line:29 char:43
+ $pluginFileName = get-item -literalpath <<<< "$pluginFileNamePath"
+ CategoryInfo : InvalidData: (:) [Get-Item], ParameterBindingVal
idationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAl
lowed,Microsoft.PowerShell.Commands.GetItemCommand
Set-PSSessionConfiguration : Session Configuration "Microsoft.PowerShell" is no
t a PowerShell based shell.
At line:89 char:27
+ Set-PSSessionConfiguration <<<< $args[0] $args[1] $args[2] $args[3] $args[4]
$args[5] $args[6] $args[7] $args[8]
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorExcep
tion
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorExceptio
n,Set-PSSessionConfiguration
PS C:\Windows\system32>
it looks to me that there is something that is preventing access to the wsman:\localhost\plugin but can't understand how that can be fixed. This only happens in our test bed, but in our development environment we have no such issues.
Does any one have any clue as to what additional user access is for this command to work that an local administrator user may not have?
Here is an article that explains how to resolve this problem... basically to fix this you set LocalAccountTokenFilterPolicy to True in the registry.
http://www.shirmanov.com/2011/04/winrm-access-is-denied-on-local.html