azure-samples / active-directory-lab-hybrid-adfs Goto Github PK

I need to set up an ADFS lab environment, but I'd like to use Windows Server 2016 or 2019 instead of 2012. Would this project work with a later version of Windows Server? What's likely to be incompatible?

Hi I'm getting the error below when attempting to deploy the lab, any help will be appreciated

{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.","details":[{"code":"Conflict","message":"{\r\n "status": "Failed",\r\n "error": {\r\n "code": "ResourceDeploymentFailure",\r\n "message": "The resource operation completed with terminal provisioning state 'Failed'.",\r\n "details": [\r\n {\r\n "code": "DeploymentFailed",\r\n "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.",\r\n "details": [\r\n {\r\n "code": "BadRequest",\r\n "message": "{\r\n \"error\": {\r\n \"code\": \"DnsRecordInUse\",\r\n \"message\": \"DNS record contosodc1.eastus.cloudapp.azure.com is already used by another public IP.\",\r\n \"details\": []\r\n }\r\n}"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}"}]}

how to do

Hi,

I get this when i deploy the template with "no/with clients" option.

{ "status": "Failed", "error": { "code": "ResourceDeploymentFailure", "message": "The resource operation completed with terminal provisioning state 'Failed'.", "details": [ { "code": "VMExtensionProvisioningError", "message": "VM has reported a failure when processing extension 'Microsoft.Powershell.DSC'. Error message: \"DSC Configuration 'DomainController' completed with error(s). Following are the first few: No match was found for the specified search criteria for the provider 'NuGet'. The package provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified package has the tags. No match was found for the specified search criteria for the provider 'NuGet'. The package provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified package has the tags. No match was found for the specified search criteria and provider name 'NuGet'. Try 'Get-PackageProvider -ListAvailable' to see if the provider exists on the system.\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/VMExtensionDSCWindowsTroubleshoot " } ] } }

I received this validation error when attempting to deploy the first link template.
I think it has to do with multi-dotted FQDN (sub.domainname.com):
"companyNamePrefix": "[split(parameters('adDomainName'),'.')[0]]",

First of all, thank you very much for your great work.

Now when this is out of the way :)

Tried deploying it in "North Europe" region

1. internal domain name should really be ".local", not "contoso.com".
2. public FQDN on test labs can be long (mine is "digital-online-somecompany.com"), this fails creating windows machines with "names are too long". (i added another parameter to template in my fork)
3. There's no internet connectivity from crated VMs to the outside internet, so any steps that download something from public internet will fail
4. Prolly due to #3 created VMs can't be joined to domain
5. Created VMs have Network "Ethernet" marked as "public"
6. DC role is not installed, prolly due to #3.

I was able to run this NoClientDeploy setup before, but the recent deployment I've tried fails on resource with display name "DeployAD".

Any help is appreciated.

Looks to be failing on the GitHub URL. That URL works fine manually, but the relative path in the script is not working.

{
  "code": "DeploymentFailed",
  "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.",
  "details": [
    {
      "code": "Conflict",
      "message": "{\r\n  \"status\": \"Failed\",\r\n  \"error\": {\r\n    \"code\": \"ResourceDeploymentFailure\",\r\n    \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.\",\r\n    \"details\": [\r\n      {\r\n        \"code\": \"VMExtensionProvisioningError\",\r\n        \"message\": \"VM has reported a failure when processing extension 'Microsoft.Powershell.DSC'. Error message: \\\"The DSC Extension failed to execute: Error downloading https://raw.githubusercontent.com/Azure-Samples/active-directory-lab-hybrid-adfs/master/lab-hybrid-adfs/DSC/adDSC.zip after 29 attempts: The remote name could not be resolved: 'raw.githubusercontent.com'.\\r\\nMore information about the failure can be found in the logs located under 'C:\\\\WindowsAzure\\\\Logs\\\\Plugins\\\\Microsoft.Powershell.DSC\\\\2.80.0.0' on the VM.\\\".\"\r\n      }\r\n    ]\r\n  }\r\n}"
    },
    {
      "code": "Conflict",
      "message": "{\r\n  \"status\": \"Failed\",\r\n  \"error\": {\r\n    \"code\": \"ResourceDeploymentFailure\",\r\n    \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.\",\r\n    \"details\": [\r\n      {\r\n        \"code\": \"DeploymentFailed\",\r\n        \"message\": \"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.\",\r\n        \"details\": [\r\n          {\r\n            \"code\": \"Conflict\",\r\n            \"message\": \"{\\r\\n  \\\"status\\\": \\\"Failed\\\",\\r\\n  \\\"error\\\": {\\r\\n    \\\"code\\\": \\\"ResourceDeploymentFailure\\\",\\r\\n    \\\"message\\\": \\\"The resource operation completed with terminal provisioning state 'Failed'.\\\",\\r\\n    \\\"details\\\": [\\r\\n      {\\r\\n        \\\"code\\\": \\\"VMExtensionProvisioningError\\\",\\r\\n        \\\"message\\\": \\\"VM has reported a failure when processing extension 'joindomain'. Error message: \\\\\\\"Exception(s) occured while joining Domain 'ADtest4'\\\\\\\".\\\"\\r\\n      }\\r\\n    ]\\r\\n  }\\r\\n}\"\r\n          }\r\n        ]\r\n      }\r\n    ]\r\n  }\r\n}"
    }
  ]
}