Lab 4: Deploy-WACAzVM.ps1 fails w/errors

[TesterTesterson1004]

Module: 00

Lab/Demo: 04

Exercise 3

Task: 01

Step: 08

Description of issue

Deploy-WACAzVM.ps1 script will error at this point, preventing fully successful completion of the balance of the Lab:

Repro steps:

1. Follow lab to that point, as-written
2. Note that in Lab 4, Exercise 2, Task 2, Step 2: Instructions reference sea-svr2.contoso.com however given context, and the VMs specified in the course manifest, this is likely a typo and the VM ought to be sea-adm1.contoso.com

Interestingly, the VM itself, and a variety of the resources are in fact, created successfully, however certain items (such as the DNS name) do not get populated. You can log in to the VM using RDP and the Student account, but due to the errors seen in script it is uncertain what else may have failed.

Also, I realize this is a different course issue BUT - this is essentially the identical behavior seen in WS-012, in this still open/unfixed issue that appeared relatively recently in identical .ps1, used almost identically as it is in AZ-800: https://github.com/MicrosoftLearning/WS-012T00-Windows-Server-2019-Hybrid-and-Azure-IaaS/issues/36

Because a suspiciously similar issue was seen with this very same Deploy-WACAzVM.ps1 script in yet one more past WS-012 issue (but was fixed ~April 7th, 2021) I feel it might be productive to take a look at some of the various bug reports down that chain. Apologies if these end up being red herrings - but the behaviors (relating to configuration of WSRemoting + forcing ignore of self-signed certs - are just so very similar to the behavior in the here and now for this AZ-800 error behavior.

See also: https://github.com/MicrosoftDocs/azure-docs/issues/68262

I have tried using various previous versions of the https://www.powershellgallery.com/packages/PSWSMan/2.3.0 module, and various other troubleshooting on this new AZ-800 issue but have as-yet been unsuccessful in understanding why we fail here.

[garjam73]

the issue is with the $scriptParams block in step 6. it's missing the parameter to create a public IP on the VM so the script can't connect to the internet to download WAC.

The correct code should be:

$scriptParams = @{ ResourceGroupName = $rgName Name = 'az800l04-vmwac' VirtualNetworkName = $vnetName SubnetName = $subnetName PublicIPAddressName = $pipname SecurityGroupName = $nsgname GenerateSslCert = $true size = $size }

[TesterTesterson1004]

Thanks very much, @garjam73, that solution seemed to work for the older ws-012 course, I will test it for this course now and hopefully same success!

[sotiris84]

I am also facing an issue with this specific step. I have followed garjam73 solution, but still receive the same error.

[Yiizo]

@garjam73 solution fixed the error @TesterTesterson1004 raised. However, I'm now encountering a new error.

Any recommended solutions?

[craigbeeremct]

@Yiizo, I've seen that issue in another situation, caused by an error in the latest version of the PowerShell module. I found some instructions that talked about uninstalling Az.Compute and installing version 4.23.0. This sorted out the issue I was having on my machine, but didn't help in Cloud Shell because I couldn't uninstall the Az.Compute module due to modules using it that were required to run for Cloud Shell to operate. I gave up after a bit of time, so never got to the bottom of it.

See https://github.com/Azure/azure-powershell/issues/17370 https://techcommunity.microsoft.com/t5/azure-virtual-desktop/azure-compute-gallery-quot-vmcustomization-is-not-enabled-for/m-p/3151871

[sotiris84]

@craigbeeremct You can temporarily downgrade the Az.Compute module version in Cloud Shell. The change is not persistent, so when you spin up a new instance of cloud shell the latest version of Az.Compute module will be used again. The process is extremely simple:

install the required version

Install-Module -Name Az.Compute -Force -RequiredVersion 4.23.0

reload the session so the new module is used

pwsh

Verify the version is correct

Get-Module -Name Az.Compute

Unless you click the X button to close the cloud shell, the 4.23.0 version will be used.

(I saw the above in a comment - I don't remember where - so credits not mine)

Now to the problem at hand, while the above solution solved the VMCustomization issue, the script failed later. My solution up to this day is to manually do what the script does (and have my students do the same)

[garjam73]

@sotiris84 I just tried your step to downgrade the AZ.Compute module alongside my $scriptparams fix and with both together the lab script works

[craigbeeremct]

@craigbeeremct You can temporarily downgrade the Az.Compute module version in Cloud Shell.

Thank you for those steps, much appreciated.

[Paterpetri]

Thank you, everyone for the information. After I downgraded the Az.Compute version in CloudShell and corrected the $scriptParams block above, the DNS name and some other items still did not get created successfully. I was not able to resolve this, and so I had to skip Exercise 4, Task 1. Any advice?

[sotiris84]

@Paterpetri You can perform the steps manually.

[Paterpetri]

@sotiris84 Got it. I guess I missed that last part of your previous comment. I should read more carefully.

Thanks again!

[MOC-Labs-Review]

MOC Labs Review has solved this issue with pull requests #15 and #19.

[rdantas9]

Is there any idea? Due to a problem in Exercise 3, Task 1, Step 8, the Deploy-WACAzVM.ps1 script may error and not properly provision the az800l04-vmwac VM, preventing successful completion of the remaining steps of Lab 04. This has been reported to the Content Owner at Microsoft.

[sh8pe]

In the policy it is stated that the name of the VM is only allowing name = az800l04-vm0 and not as stated az800l04-vmwac. In the further tasks also there is a mixture of both vm-names, which must be cleaned up.

If you change $scriptParams = @{ ResourceGroupName = $rgName Name = 'az800l04-vm0' ... The script succeeds, but running in an SSL connection error while connection to VM But maybe changing the policy may the better way!

[dpapkin]

Seems like $pipname doesnt get populated

[TesterTesterson1004]

Regarding the LODS/Cloudslice version (wherein errors indicated VM az800l04-vmwac was blocked by ACP) ...that now appears to be fixed.

[dpapkin]

Hi,

Interesting The courseware updated since last night. Now can create with Policy error.

Get Outlook for Androidhttps://aka.ms/AAb9ysg

---

From: TesterTesterson1004 @.> Sent: Wednesday, September 28, 2022 4:28:34 AM To: MicrosoftLearning/AZ-800-Administering-Windows-Server-Hybrid-Core-Infrastructure @.> Cc: David Papkin @.>; Comment @.> Subject: Re: [MicrosoftLearning/AZ-800-Administering-Windows-Server-Hybrid-Core-Infrastructure] Lab 4: Deploy-WACAzVM.ps1 fails w/errors (Issue #4)

Regarding the LODS/Cloudslice version (wherein errors indicated VM az800l04-vmwac was blocked by ACP) ...that now appears to be fixed.

— Reply to this email directly, view it on GitHubhttps://github.com/MicrosoftLearning/AZ-800-Administering-Windows-Server-Hybrid-Core-Infrastructure/issues/4#issuecomment-1260011618, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AF2LQISZCB7KA34IGXYVS53WANKHFANCNFSM5OPPSVYA. You are receiving this because you commented.Message ID: @.***>

[bsaghir]

Any idea how to fix this problem?

[dpapkin]

Having this error message. All my students have this error message

[sotiris84]

The problem seems to exist still. Most probably the issue lies with the policies in place on online lab hosts. What I do in my classes is to explain the script, but actually perform the steps manually either in advance or as a demo during class.

[bsaghir]

These two commands will allow to download the msi on the machine and to install it with a self-signed certificate. So the first method you connect directly on the machine in rdp, the second method you open a powershell window in admin and you copy the 2 commands. Or as said above via run command and powershell script. You check that each command is well passed. Start-Process msiexec.exe -Wait - "/i $env:USERPROFILE\Downloads\WindowsAdminCenter.msi /qn /L*v log.txt REGISTRY_REDIRECT_PORT_80=1 SME_PORT=443 SSL_CERTIFICATE_OPTION=generate"

I think that some command in the script deploy are not available for the new version of azure.

[bsaghir]

in the script, there is the command invoke-azurevmcommand and this command has changed name with the new version of AZURE. The new name for this command is invoke-AzureVmRuncommand.

[dpapkin]

I modified the Deploy-WAVLVAzVN.ps1 and changed to invoke-AzureVmRuncommand.and it gives a different error now .

A parameter cannot be found that matches parameter name "Scriptblock'

[melvinporter]

When running ./Deploy-WACAzVM.ps1 @scriptParams all students received the following error:

Invoke-WebRequest: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

SOLUTION: Execute the following commands before running the ./Deploy-WACAzVM.ps1 script

**[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor

Note the fix in the first image below (just above the first bit of yellow text).

Successful output.

[TJGitHubUser]

Thank you. We'll run this through our test process and update accordingly.

[v-asamim]

I tested Lab 4 twice, it works fine; I couldn't find any errors. I also tested with the solution reported by @melvinporter, it works fine too.

The reported solution is: “Execute the following commands before running the ./Deploy-WACAzVM.ps1 script [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor

Here are the lab screenshots.

Tested with default instructions

Tested reported solution