VSTS Azure File Copy task - Access denied - azure-virtual-machine

The VSTS task - Azure File Copy keeps giving me an access denied error, even though I have configured WinRM over HTTPS for my Azure VM.
I am running the build agent locally (not hosted) and from my machine, I am successfully able to PsRemote into my Azure VM.
i.e. Enter-PsSession executes successfully.
I tried all sorts of combinations for the user: .\Administrator, .\administrator, nithish and .\nithish (which is the user name I chose while creating the VM).
What can be the problem here?
Detailed error
Connecting to remote server dscwitharm.eastus2.cloudapp.azure.com failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.To fix WinRM connection related issues, select the 'Enable Copy Prerequisites' option in the task. If set already, and the target Virtual Machines are backed by a Load balancer, ensure Inbound NAT rules are configured for target port (5986). Applicable only for ARM VMs. For more info please refer to https://aka.ms/azurefilecopyreadme

Please try to use HOSTNAME\username instead of username in the VSTS task. I had the same problem, and it is solved now.
In your case it will be DSCWITHARM\admin_username_or_whatever_you_are_using

I have a similar problem.
During the VSTS task, copy to ARM VMs does not work at all. I can connect to the target host via the SSL version of WinRM using PowerShell.
Upload on blob storage also works fine.
2016-09-16T13:22:30.9409877Z ##[error]Connecting to remote server _______________ failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.To fix WinRM connection related issues, select the 'Enable Copy Prerequisites' option in the task. If set already, and the target Virtual Machines are backed by a Load balancer, ensure Inbound NAT rules are configured for target port (5986). Applicable only for ARM VMs. For more info please refer to https://aka.ms/azurefilecopyreadme
2016-09-16T13:22:30.9878694Z Finishing task: AzureFileCopy

Related

Oracle 19c Client Installation Stuck/freezes error: INFO: Checking whether the IP address of the localhost could be determined. suspecting GP Policy

I am trying to install Oracle Client 19c. When I start the installation it freezes at stage 1; I checked the logs and it hangs on "INFO: Checking whether the IP address of the localhost could be determined...". I referred to some articles to skip the mentioned step, but it then also gets stuck on stage 7.
My system is in a domain.
I tried the installation on a recently formatted system and it worked with antivirus.
I also tried to disable the antivirus on my system but faced the same freezing issues. If I unjoin the domain and try, it works.
I suspect the issue is with some domain policy but don't understand which policy is creating the problem; please suggest a solution.
If you are seeing a "Reading from the pipe" message in the ...\Inventory\logs OUT files, then log in to Windows with an admin account and run the services called "Server" and "Workstation".

Cloud Composer worker fails to connect to external database

I am attempting to take my existing Cloud Composer environment and connect to a remote SQL database (Azure SQL). I've been banging my head at this for a few days and I'm hoping someone can point out where my problem lies.
Following the documentation found here I've spun up a GKE Service and SQL Proxy workload. I then created a new Airflow connection as shown here using the full name of the service azure-sqlproxy-service:
I test run one of my DAG tasks and get the following:
Unable to connect: Adaptive Server is unavailable or does not exist
Not sure on the issue I decide to remote directly into one of the workers, whitelist that IP on the remote DB firewall, and try to connect to the server. With no command line MSSQL client installed I launch python on the worker and attempt to connect to the database with the following:
import pymssql
connection = pymssql.connect(host='database.url.net', user='sa', password='password', database='database')
From which I get the same error above with both the Service and the remote IP entered in as host. Even ignoring the service/proxy shouldn't this airflow worker be able to reach the remote database? I can ping websites but checking the remote logs the DB doesn't show any failed logins. With the generic error and not many ideas on what to do next I'm stuck. A few google results have suggested switching libraries but I'm not quite sure how, or if I even need to, within airflow.
What troubleshooting steps could I take next to get at least a single worker communicating to the DB before moving on to the service/proxy?
After much pain I've found that Cloud Composer uses Ubuntu 1804 which currently breaks pymssql as per here:
https://github.com/pymssql/pymssql/issues/687
I tried downgrading to 2.1.4 to no success. Needing to get this done I've followed the instructions outlined in this post to use pyodbc.
Google Composer- How do I install Microsoft SQL Server ODBC drivers on environments

Port mapping in Windows Server 2016 - Docker

I have been trying to set up Docker in Windows Server 2016 in an AWS instance to run an IIS program.
From this question,
Cannot access an IIS container from browser - Docker, IIS has been setup inside a container and it is accessible from the host without port mapping.
However, if I want to allow other users from the Internet/Intranet to access the website, after Google-ing it, I guess we do need port mapping...
The error I have encountered in port mapping is given in the above question so... I guess using nat is not the correct option. Therefore, my team and I tried to create another network (custom/bridge) following instructions from
https://docs.docker.com/v17.09/engine/userguide/networking/#user-defined-networks
However, we cannot create a network as follows:
Googled answer:
https://github.com/docker/for-win/issues/1960
My team guessed maybe it's because AWS blocked that option; if anyone can confirm this for me, please do.
Another thing that I notice is: when we create an ECS instance in AWS,
So... only default = NAT network mode is accepted in Windows server?
Our objective: put the container hosted IIS application to Internet/Intranet in Windows Server 2016...
If anyone has any suggestion/advice, please tell me, many thanks.

AWS EC2 instance Login failure

I am getting the below error when trying to log in to my AWS EC2 instance. Last login was around 2 weeks back and everything was working fine, so the password I am using is correct. No other information is available on the error message.
Is there a way I can see any logs through the management console?
Appreciate any help on this.
Remote Desktop Connection
An authentication error has occurred.The function requested is not supported
It seems like you are facing this issue.
Bottom line, this is caused by a Microsoft security patch. The Microsoft security patch issued on Tuesday, May 8th 2018 triggered the problem by setting and requiring remote connections at the highest level.
Simply adjust the Remote Desktop settings on the host machine to a lower security level. From File Explorer, choose Computer, right-click and select Properties, then click Change Settings, and go to the Remote tab.
From Windows 10, uncheck the option to “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)”
From Windows 7, it’s setting the option to the Less Secure option rather than More Secure
Once these are set, users can remote to the machine again.
If you don't have any other way into the machine except Remote Desktop, I'm afraid the machine is lost.
For anyone facing this issue, below is the response from the AWS technical support team:
Looking at the error message you posted, this is due to a recent patch (KB4103727) that Microsoft has released to fix a vulnerability. It is a mandatory requirement from Microsoft that both the client machine (the computer from which you are trying to RDP into your instances) and the remote server (your EC2 instance) have the latest updates installed. If one of these machines has the latest updates installed and the other does not, RDP connection would fail.
Note: If you see your Windows is up to date and you do not see the KB4103727 installed, it could be a different KB article which applied the KB4103727 as a cumulative update. If this is the case, please uninstall all KBs that were installed recently before the RDP connection was broken.
For more information about this hotfix, please refer to the Microsoft documentation below:
https://blogs.technet.microsoft.com/yongrhee/2018/05/09/after-may-2018-security-update-rdp-an-authentication-error-occurred-this-could-be-due-to-credssp-encryption-oracle-remediation/
https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018
There are multiple workarounds for this issue:
Option 1: If the update is installed on your client (workstation) and is not installed on your EC2 instance.
Uninstall KB4103727 from your client machine. After you uninstall the KB and gain RDP access to the EC2 instance, you can patch the instance with latest updates first and then update your client machine with the KB by running Windows Update again.
Alternately, you can keep your client machine updated and you can install latest Windows updates on your EC2 instance remotely using SSM Run Command. For detailed instructions on how to configure your instance to use SSM Run Command, please refer to the below documentation:
SSM Prerequisites: https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-prereqs.html
Run Command Tutorial: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/tutorial_run_command.html#rc-tutorial-ui
After you configure your instance to use SSM Run Command, you can execute the Run Command document "AWS-InstallWindowsUpdates" remotely on your instance.
Option 2: If the KB is installed on your EC2 instance and is not installed on your client machine
Run Windows Update on your client machine and install latest software updates. Once the latest updates are installed on both your instance and the client machine, you should be able to RDP into the instance.
Alternately, if you have a backup AMI or an EBS snapshot created before the patch was installed on your EC2 instance, you may consider restoring your instance from the backup to roll back the installed software updates.
Option 3: There is a workaround suggested by third party websites to disable the check altogether on the unpatched Windows machine and RDP should work normally. On the unpatched machine, open a command prompt with Administrator privileges and run the command mentioned below:
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters" /f /v AllowEncryptionOracle /t REG_DWORD /d 2
Please note, you may have to reboot your Windows machine for the changes to take effect after you install/uninstall the KB.
So, finally I had to uninstall the mentioned update from the client machine (which I was using to connect to the AWS instance), which allowed me to connect to the instance. Once connected, I updated the instance with Windows updates and rebooted it, which resolved the issue.
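An added audit script for the workarounds discussed in this thread (not part of the original posts or of the AWS response): it reports the AllowEncryptionOracle value that Option 3 sets, whether Network Level Authentication is still required for RDP, and whether KB4103727 is listed. The function name Get-RdpWorkaroundStatus is hypothetical; the value meanings (0 Force Updated Clients, 1 Mitigated, 2 Vulnerable) are the ones documented in the Microsoft CredSSP article linked above.

```powershell
# Added example: report whether the RDP workarounds from this thread are still in effect.
# Get-RdpWorkaroundStatus is a hypothetical name; registry paths and value names are the standard Windows ones.
function Get-RdpWorkaroundStatus {
    [CmdletBinding()]
    param()

    $credSspKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters'
    $rdpTcpKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

    # AllowEncryptionOracle: 0 = Force Updated Clients, 1 = Mitigated, 2 = Vulnerable
    $oracleNames = @{ 0 = 'Force Updated Clients'; 1 = 'Mitigated'; 2 = 'Vulnerable' }
    $oracle = (Get-ItemProperty -Path $credSspKey -Name AllowEncryptionOracle -ErrorAction SilentlyContinue).AllowEncryptionOracle

    # UserAuthentication: 1 = Network Level Authentication required, 0 = not required
    $nla = (Get-ItemProperty -Path $rdpTcpKey -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication

    # A cumulative update can carry the same fix under another KB number, so absence is not proof.
    $kb = Get-HotFix -Id 'KB4103727' -ErrorAction SilentlyContinue

    $findings = @()
    if ($oracle -eq 2) { $findings += 'AllowEncryptionOracle is 2 (Vulnerable): the Option 3 workaround is still set' }
    if ($nla -eq 0)    { $findings += 'NLA is not required for RDP: the lowered Remote tab setting is still in place' }

    [pscustomobject]@{
        ComputerName          = $env:COMPUTERNAME
        AllowEncryptionOracle = if ($null -eq $oracle) { 'not set' } else { "$oracle ($($oracleNames[[int]$oracle]))" }
        NlaRequired           = if ($null -eq $nla) { 'unknown' } else { [bool]$nla }
        KB4103727Listed       = [bool]$kb
        Findings              = $findings
    }
}

Get-RdpWorkaroundStatus | Format-List
```

Run it on both the client and the instance once both are patched; an empty Findings list means neither workaround from the thread is still active on that machine.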

RAILO - Configuring Amazon EC2 firewall to allow CFFTP

I have RAILO (Railo 3.1.2.001 final) installed on an AMAZON EC2 instance and everything seems to be working fine for the tests I have done. I can connect to MySQL and simple commands work. The applications I am planning to run on it make extensive use of CFFTP to pull files in from clients and process them. The OPEN command works fine and I get a succeeded in Active and Passive mode, but when I try to do anything (check for a file, put a file, download) I get: 500 Illegal PORT command.
My thought here is the AMAZON firewall is blocking some ports and something needs to be setup for this to function.
Anyone have any experience with this and can point me in the correct direction?
Thanks in advance,
Jeff
Do you connect from outside Amazon to the instance? If you do, check the security group and allow the IP/port for your application.