Guid Error on connect-azurermaccount and others #6410
Comments
|
@jasonpnnl The call stack is complaining about the tenant id. Are you providing a GUID tenant ID in this case, or are you providing the tenant name? |
|
@markcowl thanks for your question. The same thing happens with both. I have tried supplying the tenant ID as a GUID or as the tenant name. Primarily I use the tenant name. Sometimes the Connect-AzureRmAccount will succeed with the tenant name, more frequently it fails with the above error. This was not happening prior to a week or two ago. I updated AzureRM modules and started using cert auth about this time. |
|
Debug output when using GUID tenantID in case this helps. connect-azurermaccount -ServicePrincipal -CertificateThumbprint $thumbprint -ApplicationId <applicationid guid> -TenantId <tenantid guid>
DEBUG: 12:46:33 PM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'ServicePrincipalCertificateWithSubscriptionId'.
DEBUG: 12:46:33 PM - using account id '<removed>'...
DEBUG: 12:46:33 PM - Autosave setting from startup session: 'CurrentUser'
DEBUG: 12:46:33 PM - No autosave setting detected in environment variable 'AzureRmContextAutoSave'.
DEBUG: 12:46:33 PM - Using Autosave scope 'CurrentUser'
DEBUG: [Common.Authentication]: Authenticating using configuration values: Domain: '<removed>', Endpoint: 'https://login.microsoftonline.com/', ClientId:
'<removed>', ClientRedirect: 'urn:ietf:wg:oauth:2.0:oob', ResourceClientUri: 'https://management.core.windows.net/', ValidateAuthrity: 'True'
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 06/07/2018 19:46:33: <removed> - AcquireTokenHandlerBase: === Token Acquisition started:
Authority: https://login.microsoftonline.com/<removed>/
Resource: https://management.core.windows.net/
ClientId: <removed>
CacheType: Microsoft.Azure.Commands.Common.Authentication.ProtectedFileTokenCache (3 items)
Authentication Target: Client
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 06/07/2018 19:46:33: - TokenCache: Deserialized 3 items to token cache.
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 06/07/2018 19:46:33: <removed> - TokenCache: Looking up cache for a token...
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 06/07/2018 19:46:33: <removed> - TokenCache: An item matching the requested resource was found in the cache
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 :
DEBUG: 06/07/2018 19:46:33: <removed> - TokenCache: 52.9762195933333 minutes left until token in cache expires
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 06/07/2018 19:46:33: <removed> - TokenCache: A matching item (access token or refresh token or both) was found in the cache
DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 :
DEBUG: 06/07/2018 19:46:33: <removed> - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned:
Access Token Hash: <removed>
Refresh Token Hash: [No Refresh Token]
Expiration Time: 06/07/2018 20:39:32 +00:00
User Hash: null
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com/subscriptions?api-version=2016-06-01
Headers:
x-ms-client-request-id : <removed>
accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Pragma : no-cache
x-ms-ratelimit-remaining-tenant-reads: 14999
x-ms-request-id : 2ce79668-6799-4ccb-b7d4-c1facb894705
x-ms-correlation-request-id : 2ce79668-6799-4ccb-b7d4-c1facb894705
x-ms-routing-request-id : NORTHCENTRALUS:20180607T194634Z:2ce79668-6799-4ccb-b7d4-c1facb894705
Strict-Transport-Security : max-age=31536000; includeSubDomains
X-Content-Type-Options : nosniff
Cache-Control : no-cache
Date : Thu, 07 Jun 2018 19:46:33 GMT
Body:
{
<snip>
]
}
connect-azurermaccount : Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
At line:1 char:1
+ connect-azurermaccount -ServicePrincipal -CertificateThumbprint $thum ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Connect-AzureRmAccount], FormatException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
DEBUG: AzureQoSEvent: CommandName - Connect-AzureRmAccount; IsSuccess - False; Duration - 00:00:01.3216099; Exception - System.FormatException: Guid should contain 32 digits with 4
dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
at System.Guid.GuidResult.SetFailure(ParseFailureKind failure, String failureMessageID, Object failureMessageFormatArgument, String failureArgumentName, Exception innerException)
at System.Guid.TryParseGuidWithNoStyle(String guidString, GuidResult& result)
at System.Guid.TryParseGuid(String g, GuidStyles flags, GuidResult& result)
at System.Guid..ctor(String g)
at Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureTenantExtensions.GetId(IAzureTenant tenant)
at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.<>c__DisplayClass45_0.<TryFindContext>b__0(KeyValuePair`2 c)
at System.Linq.Enumerable.FirstOrDefault[TSource](IEnumerable`1 source, Func`2 predicate)
at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.TryFindContext(IAzureContext context, String& name)
at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.TrySetDefaultContext(IAzureContext context)
at Microsoft.Azure.Commands.Common.Authentication.ResourceManager.AzureRmAutosaveProfile.TrySetDefaultContext(IAzureContext context)
at Microsoft.Azure.Commands.Common.Authentication.ResourceManager.AzureRmAutosaveProfile.TrySetDefaultContext(String name, IAzureContext context)
at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String
subscriptionName, SecureString password, Boolean skipValidation, Action`1 promptAction, String name)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass83_0.<ExecuteCmdlet>b__0(AzureRmProfile localProfile, RMProfileClient profileClient, String name)
at Microsoft.Azure.Commands.Profile.Common.AzureContextModificationCmdlet.ModifyContext(Action`2 contextAction)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action`3 setContextAction)
at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 12:46:35 PM - ConnectAzureRmAccountCommand end processing.
DEBUG: 12:46:35 PM - ConnectAzureRmAccountCommand end processing.``` |
|
@jasonpnnl Hey Jason, would you mind running |
|
Closing this issue for inactivity. @jasonpnnl If you still run into this issue after following the instructions in the previous comment, feel free to reopen. |
|
Still receiving this error. |
|
@lanndoc Are you running the most current version of AzureRM, and have you tried running the commands Cormac described above? |
|
Thank you yes, i did,
Everything is working as it should.
…On Wed, Jul 25, 2018 at 1:18 PM Maddie Clayton ***@***.***> wrote:
@lanndoc <https://github.com/lanndoc> Are you running the most current
version of AzureRM, and have you tried running the commands Cormac
described above?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#6410 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AbR9m0sP86d0zM9REWCpuHr1JTU3a_MQks5uKKhfgaJpZM4UdeWA>
.
|
|
Hi, I hit the exact same issue, and wasted about half a day trying to figure out what was wrong. Running |
|
My question now is, how do I apply this workaround in the context of a script. Do I need to include something in each script to allow it to function or will this fix apply to all scripts? Also, is this a bug? Is there something that needs to be fixed to make it so this workaround isn't necessary or is this working as intended? Can you help explain what is happening here? |
|
@jasonpnnl @joslevin we are currently working on fixing this bug. This occurs when running We plan on tracking the status of this bug with issue #6709 |
|
@cormacpayne Thanks for your reply! |
|
@jasonpnnl @joslevin candidate fix for this issue can be found in PR #6822 |
Description
Receive Guid should contain 32 digits with 4 dashes when running some azure powershell commands, including connect-azurermaccount with cert auth.
Script/Steps for Reproduction
It does not happen all the time. Unknown what causes it to start working again and then break again.
Module Version
Environment Data
Debug Output
The text was updated successfully, but these errors were encountered: