Tag: cloud


Add Azure CentOs server to Domain


Joining a Linux machine to a Windows domain is not straight forward.

You will need to connect to the server via an SSH app (f.eks Putty)

  1. Sign-in with the admin and password you created when deploying the server
  2. To do some of the commands you will need to be ROOT, but you don’t know this password, so run the following command: sudo -i
    enter the password for the adm account you created
  3. Install realm: yum install realm realmd -y
  4.  Add to domain: realm join yourdomain.com –user youradmin@yourdomain.com
     If you get error: realm: Couldn’t join realm: Necessary packages are not installed: oddjob, oddjob-mkhomedir, sssd, samba-common-tools, you need to install the missing packages.
    f.eks: yum install oddjob -y 

And now the machine is in the domain

 

 

 


Select Azure Subscription to work with


When you have a larger organisation, you will have several Azure Subscriptions to work against. So here is how you switch.

1. Open Powershell

2. Type in: Add-AzureRmAccount​
(in pop-up enter admin id and password)

3. It will list up the subscription you are connected to when you have authenticated


4. Type in: Get-AzureRmSubscription
(will list out all your subscriptions)

5. Find the Subscription you want to connect to

6. Type in: Select-AzureRmSubscription -SubscriptionId “ENTER THE SUBSCRIPTION ID”

You can choose SubscriptionName too, but I prefere SubscriptionID


Can’t Create Resources in Resource Group


I created a resource group and gave my colleague the contributor access to the resources group.

Then he was going to deploy Logic App, but got an error that he does not have access and is not authorized. So he tried to deploy a VM, same issue.
I deployed Logic App for him (not problem).

The error he gets looks like this:
Resource creation fails with the error which looks like below- Registering the resource providers has failed. Additional details from the underlying API that might be helpful: ‘AuthorizationFailed’ – The client xxx@xxx.com’ with object id ‘af648edh-5336-sf55-ff2f-14873afdc259’ does not have authorization to perform action ‘Microsoft.Compute/register/action’ over scope ‘/subscriptions/245455vgd4-34gg-afe4-975f-3345gdgs34s’. (Code: AuthorizationFailed)

Hmmmm….. What’s going on here?

With the contributor access to a resource group, you can create a resource e.g. a VM or Logic App. What went wrong here if we look at the error message and focus on ‘Microsoft.Compute/register/action’ over scope ‘/subscriptions/245455vgd4-34gg-afe4-975f-3345gdgs34s’. is that he is not authorized to create a resource, it is the authorization error to register a resource provider. So how do we solve it?

Well after a bit of Googling if found a solution that worked for me,

  • ​Log into Azure with an identity which has a subscription level access to register a resource provider e.g. admin/owner.
  •  Using PowerShell (PoSh) register the resource providers you need at the subscription level. You can also see which providers are available and registered already.

Open Powershell and enter the following:

– Login-AzureRmAccount

#List out all Subscriptions you have access to
– Get-AzureRmSubscription

– $subscriptionId= “<Subscription Id>”

– Select-AzureRmSubscription -SubscriptionId $subscriptionId

 
#List all available providers and register them
– Get-AzureRmResourceProvider -ListAvailable | Register-AzureRmResourceProvider -Force​​
*****UPDATE****
with the “new” AZ Module, you can now run this command:
Get-AzResourceProvider -ListAvailable | Register-AzResourceProvider