locked
Install Azure Stack POC, "To sign into this application the account must be added to the management.core.windows.net directory." RRS feed

  • Question

  • I'm getting the error in bold when trying to Install Azure Stack POC script. I created a global admin & a tenant account in AAD.

    How do I added the account (s) to management.core.windows.net directory?

    VERBOSE: Starting AzureStack configuration.

    Get-AADToken : Exception calling "AcquireToken" with "3" argument(s): "AADSTS50034: To sign into this application the account must be added to the management.core.windows.net directory.
    Trace ID: dcf04a7f-1f0a-4c2a-9e67-4a5dc6afb9e2
    Correlation ID: 0d5e2f3c-9546-4de1-bf72-fb086ae5dfe9
    Timestamp: 2017-02-14 17:52:57Z"
    At C:\CloudDeployment\Setup\Common\AzureADConfiguration.psm1:133 char:14
    + ...    $token = Get-AADToken -ResourceUri $AzureURIs.ManagementServiceUri ...
    +                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (:) [Get-AADToken], MethodInvocationException
        + FullyQualifiedErrorId : AdalServiceException,Get-AADToken

    Tuesday, February 14, 2017 6:31 PM

Answers

All replies

  • Hello,

    Before running ‘.\InstallAzureStackPOC.ps1’ again, let’s verify your AAD Global Admin account can authenticate from the deployment box.

    NOTE: Azure Stack TP2 must be deployed with Azure AD Global Admin Account created from Azure Active Directory (AAD)

    EXAMPLE

    Yes = AzureStackAdmin@ForumGuys.onmicrosoft.com

    No = AzureStackAdmin@Hotmail.com

    Wrong - AAD GlobalAdmin  = v-gagal@microsoft.com   AADDirectoryTenantName  ForumGuys.onmicrosoft.com

    Correct - AAD GlobalAdmin = AzureAdmin@ForumGuys.onmicrosoft.com   AADDirectoryTenantName  ForumGuys.onmicrosoft.com

    1. Open an elevated PowerShell console and Import the AzureRM Module version 1.2.6
    2. In PowerShell, run this command ‘Login-AzureRmAccount’
    3. Sign in to Azure AD with your AAD Global Admin account & Password.

    -          Make sure the account belongs to the Azure Active directory specified in the AADDirectoryTenantName  deployment parameters.

    -          Make sure the password was reset after creating the AAD GlobalAdmin account

    -          Make sure you are connected to the internet.

    It should return something like this:

    PS C:\Windows\system32>  Login-AzureRmAccount

    Environment           : AzureCloud

    Account               : AzureAdmin@PMDogfood.onmicrosoft.com

    TenantId              : a542c100-0059-48fe-9f0e-b285fad09f32

    SubscriptionId        : 8b2ca751-4f32-4ac4-a132-a3a1f4f7f18c

    CurrentStorageAccount :

    Let us know if you still receive the same deployment error after validating your AAD GlobalAdmin account.

    Thanks,

    Gary Gallanes

    • Proposed as answer by Ruud BorstMVP Tuesday, February 14, 2017 7:20 PM
    Tuesday, February 14, 2017 7:12 PM
  • Hello,

    I'm able to login to ADD using global admin account. Getting this error.

    VERBOSE: Starting AzureStack configuration.
    Get-AADToken : Exception calling "AcquireToken" with "3" argument(s): "accessing_ws_metadata_exchange_failed: Accessing WS metadata exchange failed"
    At C:\CloudDeployment\Setup\Common\AzureADConfiguration.psm1:133 char:14
    + ...    $token = Get-AADToken -ResourceUri $AzureURIs.ManagementServiceUri ...
    +                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (:) [Get-AADToken], MethodInvocationException
        + FullyQualifiedErrorId : AdalServiceException,Get-AADToken

    Tuesday, February 14, 2017 9:39 PM
  • Azure Stack TP3 has been released on March 1, 2017.

    If you are experiencing any issues with the TP2 release, please download and redeploy using the latest Azure Stack POC deployment package

    Please see the updated deployment documentation:

    https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-run-powershell-script

    And updated Azure Stack Docs:

    https://docs.microsoft.com/en-us/azure/azure-stack/

    If you experience any issues with TP3 release, feel free to contact us.

    https://azure.microsoft.com/en-us/blog/hybrid-application-innovation-with-azure-and-azure-stack/

    Thanks,


    Gary Gallanes

    Wednesday, March 1, 2017 5:28 PM