none
Set-AzureRmDataLakeStoreItemAclEntry fails with account name incalid

    Question

  • hi there,

    I want to execute powershell and grant permissions on our ADLS account. I am using the following command

    Set-AzureRmDataLakeStoreItemAclEntry -AccountName $ADLSAccountName -Path / -AceType User -Id $Id -Permissions All

    I get the following error. It was working a few days ago but not working now. Can you please check?

    WARNING: The output type defined for this cmdlet is incorrect and will be updated to reflect what is actually returned

    (and defined in the help) in a future release.
    Set-AzureRmDataLakeStoreItemAclEntry : Account name accountname.azuredatalakestore.net/ is invalid. Specify
    the full account including the domain name.
    At line:1 char:1
    + Set-AzureRmDataLakeStoreItemAclEntry -AccountName "eventstoragem365ap ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : CloseError: (:) [Set-AzureRmDataLakeStoreItemAclEntry], ArgumentException
        + FullyQualifiedErrorId : Microsoft.Azure.Commands.DataLakeStore.SetAzureDataLakeStoreItemAclEntry

    The account exists and its name contains small letters and numbers

    Thanks

    Friday, January 4, 2019 9:26 PM

All replies

  • What changes have you made to the account? Have you tried with full account including the domain name?

    Monday, January 7, 2019 6:18 AM
    Moderator
  • I don't know how/where to get my full account name. for example my account is "testppeaccount" then what is my full account name including domain?
    Monday, January 7, 2019 9:34 PM
  • Domain name is nothing but the Data Lake Store default name. Ex: testppeaccount.azuredatalakestore.net.

    You may check the documentation and blog post for reference.

    Tuesday, January 8, 2019 11:10 AM
    Moderator
  • I can see how this can be confusing - 

    First prove to yourself that you are using 6.13.1 (what I have at this time) via:

    Get-Module AzureRM -ListAvailable | Select-Object -Property Name, Version, Path

    For the following example, let:

    • $DataLakeAccountName = "myscladls"

    With this, you should always confirm first that the ADLS exists via:

    If (Test-AzureRmDataLakeStoreAccount -Name $DataLakeAccountName)

    {

    # Then run the "Set-AzureRmDataLakeStoreItemAclEntry"

    }

    • When you run "Test-AzureRmDataLakeStoreAccount -Name $DataLakeAccountName", the $DataLakeAccountName is the ADLS string name "myscladls".
    • When you run "Set-AzureRmDataLakeStoreItemAclEntry", the -Account param needs to be "myscladls.azuredatalakestore.net".

    That will resolve your error.


    SCL

    • Proposed as answer by Sean Leavitt Tuesday, March 19, 2019 3:21 PM
    Tuesday, March 19, 2019 3:20 PM
  • Hi Sean,

    Thanks for adding your insights for the issue, which might be beneficial to other community members reading this thread. 

    Wednesday, March 20, 2019 6:19 AM
    Moderator