I am trying to run 'Connect-AzureVM' by importing it from the gallery. But no service or VM are created as I get these errors in job 'History'. The credential 'xyz' and subscription name 'ABC' both exist; I don't know why it's throwing an error.
workflow m1
{
$Cred = Get-AutomationPSCredential -Name "xyz"
Add-AzureAccount -Credential $Cred
InlineScript {
Select-AzureSubscription -SubscriptionName "ABC"
Get-AzureVM | select InstanceName
}
}
I am getting these errors:
Error: System.Management.Automation.ParameterBindingValidationException: Cannot bind argument to parameter 'Credential' because it is null
Error: The subscription named 'ABC' cannot be found. Use Set-AzureSubscription to initialize the subscription data.
It appears $Cred is null in the above runbook. Are you sure you have created the credential "xyz" as an Automation credential asset in the automation account where this runbook is running?
If you add the lines:
$CredIsNull = $Cred -eq $Null
Write-Output $Cred
Write-Output $CredIsNull
When you run the runbook, what does it output for $Cred and $CredIsNull?
Related
My problem
I try to run Get-AzureADGroup connected with an App Registration, but get this error message:
Get-AzureADGroup : You must call the Connect-AzureAD cmdlet before
calling any other cmdlets.
But what I am running is:
$secPasswd = ConvertTo-SecureString $secret -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential($appId , $secpasswd)
Connect-AzAccount -Credential $cred -ServicePrincipal -Tenant $tenantId
$gpe = Get-AzureADGroup -SearchString "group1"
Connect-AzAccount is run, so I don't understand this error message.
My execution context
I just created an App Registration and a secret to connect with.
What I need
Why do I get this message since I run Connect-AzureD?
What should I do?
Thanks
Comments are helpful.
Get-AzureADGroup is under Azure AD module while Connect-AzAccount is under Az.Accounts module. They are different.
To run Get-AzureADGroup, you need to sign in with Connect-AzureAD which is the login command in Azure AD module.
If you don't want to install Azure AD module, you can choose to use Get-AzADGroup instead of Get-AzureADGroup.
I have a PowerShell script which works fine on windows server 2016 azure VM but fails to execute the same script from my build agent which is also window server 2016 OS azure VM.
No errors get logged in PowerShell due to which i am not able to figure out what is the reasons?
Is there any Prerequisites that i need to validate or install on the server for executing this script?
Below is the script which execute batch file present on another another VM.
$Username = 'ABC'
$Password = 'XYZ'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass
try {
Invoke-Command -ComputerName "ServerName" -credential $cred -ErrorAction Stop -ScriptBlock {Invoke-Expression -Command:"cmd.exe /c 'C:\CI\Demo_CI.bat'"
Write-Host "done"
}
} catch {
Write-Host "error"
}
I believe what you are facing here is a Credential delegation issue, You can try enabling CredSSP in your build agent and the target "ServerName". To know more about credssp , see here, therwise you will have to use psexec in CI.
I am trying to develop a custom task using Powershell which needs to use Start-Job -Cred to switch to another user in places. Agent is running as user A and I need to switch to user B. Logging in to the server running the agent as user A and then running the script works fine - the Start-Job switches credentials and runs a scriptblock as user B.
Running exactly the same thing from VSTS in the cloud using the same (on-prem) agent server running the agent as user A fails with the uninformative error:
"The background process reported an error with the following message: ."
I have done more debugging and there is no other error message anywhere. It seems to be related to the -Cred parameter of Start-Job as it makes no difference what is in the script block run and if I remove the -Cred parameter, it's also fine.
User A is in the Adminstrators group on the server running the agent
Agent runs as user A
Any ideas?
Try it with Invoke-Command, for example (output current user name):
$mypwd = ConvertTo-SecureString -String "[password, could use variable]" -Force -AsPlainText
$Cred = New-Object System.Management.Automation.PSCredential('[user name]',$mypwd)
$scriptToExecute =
{
$VerbosePreference='Continue'
Write-Output "$env:UserName"
# Write-Verbose "Verbose" 4>&1
}
$b = Invoke-Command -ComputerName localhost -ScriptBlock $scriptToExecute -Credential $Cred
Write-Output "Content of variable B"
Write-Host $b
Based on your experiences, your credentials are not being passed properly. Try this method and insert it into your script:
Outside of your script, get the securestring object-
Read-Host -AsSecureString | ConvertFrom-SecureString
Take the output of this command (where you enter the password), and put it before your start-job-
$Secure = ConvertTo-SecureString -String 'above output'
$Cred = New-Object System.Management.Automation.PSCredential('Username',$Secure)
Start-Job -Credential $Cred
The SecureString can be reversed by someone with know-how, but if the script and/or account is secure, then that doesn't matter.
I am unable to run the ‘Get-Azurermlog’ in Azure runbook.I get the error "The term 'Get-Azurermlog' is not recognized as the name of a cmdlet, function, script file, or operable program". It a standard powershell cmdlet and works fine on my laptop PS console. Please advise.
workflow Write-SB
{
$Cred = Get-AutomationPSCredential -Name ‘Cre’
Add-AzureAccount -Credential $Cred
Select-AzureSubscription -SubscriptionName “My subscription”
InlineScript
{
Get-Azurermlog }
}
You have to install Azure Powershell.
You can follow the instructions here:
https://azure.microsoft.com/en-us/documentation/articles/powershell-install-configure/
I am getting the following error. I am in fact setting the default subscription name.
4/27/2015 10:28:28 AM, Error: Get-AzureVM : No default subscription
has been designated. Use Select-AzureSubscription -Default
to set the default subscription. At test:9 char:9
+
+ CategoryInfo : CloseError: (:) [Get-AzureVM], ApplicationException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.GetAzureVMCommand
Here is my code:
workflow test
{
# Initial set up
$Cred = Get-AutomationPSCredential -Name "******"
Add-AzureAccount -Credential $Cred
Select-AzureSubscription -Default -SubscriptionName 'Beebunny'
$vmName = "MyMachineName"
Get-AzureVM -servicename $vmName
Write-output "All done."
}
If I try Select-AzureSubscription -Default 'SubscriptionName' it throws an error saying the syntax is invalid.
Edit: I have also tried Select-AzureSubscription -SubscriptionName 'SubscriptionName' without the Default flag.
Funny thing is that if I run this in AzurePS directly from Windows, it runs just fine. I am about 95% sure this is an Azure bug but wanted to get a second opinion first.
What version of the Azure module do you have loaded? Are you using the default module provided by the Automation service? Also, have you imported any other modules to this subscription?
Try creating a clean runbook with the following code, replacing the credential and subscription with the proper names. Can you get the credential and authenticate successfully?
workflow Test-GetVM
{
$Cred = Get-AutomationPSCredential -Name 'AdAzureCred'
if(!$Cred) {
Throw "Could not find an Automation Credential Asset named. Make sure you have created one in this Automation Account."
}
$Account = Add-AzureAccount -Credential $Cred
if(!$Account) {
Throw "Could not authenticate to Azure. Make sure the user name and password are correct."
}
Select-AzureSubscription -SubscriptionName "Visual Studio Ultimate with MSDN"
Get-AzureVM
}
UPDATE: Do you have the Resource Manager module loaded to the subscription as well?
I had the same problem and the solution was execute Add-AzureAccount, do the login process requested and once done all was working.