locked
Cannot login to Azure Stack TP3 with PaaS Update RRS feed

  • Question

  • Can someone please post an example of logging into Azure from MAS-CON01? I am following the instructions on the documentation pages but I keep getting the following errors:

    Login-AzureRmAccount : unknown_user_type: Unknown User Type

    At line:1 char:1
    + Login-AzureRmAccount -EnvironmentName "AzureStackAdmin" -TenantId $Aa ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : CloseError: (:) [Add-AzureRmAccount], AadAuthenticationFailedException
        + FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.AddAzureRMAccountCommand

    These are the variables and commands I setup and ran before running the Login-AzureRMAccount cmdlet:

    Setup the AzureStackAdmin Environment

    PS C:\Temp\AzureStack-Tools-master> Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"

    VERBOSE: Retrieving endpoints from the https://adminmanagement.local.azurestack.external...
    VERBOSE: Updating AzureRm environment AzureStackAdmin

    Name                                              : AzureStackAdmin
    EnableAdfsAuthentication                          : False
    ActiveDirectoryServiceEndpointResourceId          : https://adminmanagement.xxxxxxx.onmicrosoft.com/ebcd6fa6-b390-4696-a7b8-984d5ae810eb
    AdTenant                                          :
    GalleryUrl                                        : https://adminportal.local.azurestack.external:30015/
    ManagementPortalUrl                               :
    ServiceManagementUrl                              :
    PublishSettingsFileUrl                            :
    ResourceManagerUrl                                : https://adminmanagement.local.azurestack.external
    SqlDatabaseDnsSuffix                              :
    StorageEndpointSuffix                             : local.azurestack.external
    ActiveDirectoryAuthority                          : https://login.windows.net/
    GraphUrl                                          : https://graph.windows.net/
    GraphEndpointResourceId                           : https://graph.windows.net/
    TrafficManagerDnsSuffix                           :
    AzureKeyVaultDnsSuffix                            : vault.local.azurestack.external
    AzureDataLakeStoreFileSystemEndpointSuffix        :
    AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix :
    AzureKeyVaultServiceEndpointResourceId            : https://vault.local.azurestack.external

    I did the same for the AzureStackUser

    PS C:\Temp\AzureStack-Tools-master> Add-AzureStackAzureRmEnvironment -Name "AzureStackUser" -ArmEndpoint "https://management.local.azurestack.external"
    VERBOSE: Retrieving endpoints from the https://management.local.azurestack.external...
    VERBOSE: Updating AzureRm environment AzureStackUser

    Name                                              : AzureStackUser
    EnableAdfsAuthentication                          : False
    ActiveDirectoryServiceEndpointResourceId          : https://management.xxxxxxx.onmicrosoft.com/ebcd6fa6-b390-4696-a7b8-984d5ae810eb
    AdTenant                                          :
    GalleryUrl                                        : https://portal.local.azurestack.external:30015/
    ManagementPortalUrl                               :
    ServiceManagementUrl                              :
    PublishSettingsFileUrl                            :
    ResourceManagerUrl                                : https://management.local.azurestack.external
    SqlDatabaseDnsSuffix                              :
    StorageEndpointSuffix                             : local.azurestack.external
    ActiveDirectoryAuthority                          : https://login.windows.net/
    GraphUrl                                          : https://graph.windows.net/
    GraphEndpointResourceId                           : https://graph.windows.net/
    TrafficManagerDnsSuffix                           :
    AzureKeyVaultDnsSuffix                            : vault.local.azurestack.external
    AzureDataLakeStoreFileSystemEndpointSuffix        :
    AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix :
    AzureKeyVaultServiceEndpointResourceId            : https://vault.local.azurestack.external

    I then created the following variables:

    PS C:\Temp\AzureStack-Tools-master> $AadTenantID = Get-DirectoryTenantID -AADTenantName "xxxxxxx.onmicrosoft.com" -EnvironmentName AzureStackAdmin

    PS C:\Temp\AzureStack-Tools-master>

    PS C:\Temp\AzureStack-Tools-master> $UserName = 'xxxxxxxx' | ConvertTo-SecureString -Force -AsPlainText
    PS C:\Temp\AzureStack-Tools-master> $Password = 'xxxxxxxxx' | ConvertTo-SecureString -Force -AsPlainText
    PS C:\Temp\AzureStack-Tools-master> $Credential = New-Object PSCredential ($UserName,$Password)
    PS C:\Temp\AzureStack-Tools-master> Login-AzureRmAccount -EnvironmentName "AzureStackAdmin" -TenantId $AadTenantID -Credential $Credential

    For the $UserName I used the username without the @xxxxxxxx.onmicrosoft.com extension

    For the Password I used the Service Administrator account password

    What am I missing or not doing correctly?

    Thanks In Advance For Your Support,

    Charles


    Charles A. Windom Sr.

    Thursday, April 13, 2017 11:32 PM

Answers

  • Hi , Charles, username should be with @xxx.onmicrosoft.com. Below a official  example I'm using.

    $aadpass = ConvertTo-SecureString 'YOURPASS' -AsPlainText -Force 
    $aadcred = New-Object System.Management.Automation.PSCredential ('user@xxxxxx.onmicrosoft.com', $aadpass)
    
    $AadTenantName = ($aadcred.UserName -split '@')[1]
    
    Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser -Confirm:$false -force
    Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser 
    Install-Module -Name AzureStack -RequiredVersion 1.2.9 -Scope CurrentUser -Confirm:$false -force
    
    invoke-webrequest https://github.com/Azure/AzureStack-Tools/archive/master.zip -OutFile master.zip
    expand-archive master.zip -DestinationPath . -Force
    cd AzureStack-Tools-master
    
    Import-Module .\Connect\AzureStack.Connect.psm1 
    Import-Module .\ComputeAdmin\AzureStack.ComputeAdmin.psm1
    
    $aadTenant = Get-AADTenantGUID -AADTenantName $AadTenantName
    
    Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
    
    Login-AzureRmAccount -EnvironmentName "AzureStackAdmin" -TenantId $AadTenant -Credential $aadcred


    Cheers,

    Ruud
    Twitter:    Blog: AzureStack.Blog  LinkedIn:    
    Note: Please “Vote As Helpful” if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.


    Friday, April 14, 2017 9:00 AM