Open vivyekkanchan opened 5 years ago
Hi Vivyekkanchan.
I was able to replicate your issue and can offer the following help.
According to the Azure CLI documentation, the --password
argument for creating a service principal will not be used in future for security reasons. The documentation states: If you want to use password-based authentication, avoid --password and let the CLI generate a secure password for you.
Please try running the create service principle command again, from lab Step 3, without the --password
argument i.e. az ad sp create-for-rbac --name PU1app
. If it works, the CLI will return a random (secure) password for you to use.
Note : Please be advised that repeating Step 3 may produce the following console output:
Changing "PU1app" to a valid URI of "http://PU1app", which is the required format used for service principal names
'http://PU1app' already exists.
The message http://PU1app' already exists.
indicates that a service principle named http://PU1app
was created the first time you ran sp create
(with the depreciated --password
argument). So, if you see this message, delete the existing http://PU1app
service principle and its role assignments as follows:
http://PU1app
service principle with the command az ad sp list --display-name PU1app
. objectId
value for the service principle.objectId
shown in the console output (or 'copy' the value instead). az ad sp delete --id <objectId value>
. Substitute <objectId value>
for the objectId
value you noted/ copied previously. Note : If you delete the service principle, you can create it again using the command from Step 3 (without the --password
argument i.e. az ad sp create-for-rbac --name PU1app
).
I'll request fixing the lab for future users, thanks, M.
I am getting this error while running this az ad sp create-for-rbac --name PU1app --password Pa$$w0rd01 , this is step 3 in lab excersies
http://microsoft.github.io/PartsUnlimited/pandp/200.1x-PandP-CICDQuickstartwithVSTS.html
C:\Users\VKANCHAN>az ad sp create-for-rbac --name PU1app --password Pa$$w0rd01 Argument 'password' has been deprecated and will be removed in a future release.
Changing "PU1app" to a valid URI of "http://PU1app", which is the required forma t used for service principal names Role assignment creation failed.
role assignment response headers: {'Cache-Control': 'no-cache', 'Pragma': 'no-ca che', 'Content-Type': 'application/json; charset=utf-8', 'Expires': '-1', 'x-ms- failure-cause': 'gateway', 'x-ms-request-id': 'd47eb967-22d8-48e5-9e0f-bf85b10c6 451', 'x-ms-correlation-request-id': 'd47eb967-22d8-48e5-9e0f-bf85b10c6451', 'x- ms-routing-request-id': 'SOUTHEASTASIA:20190514T102856Z:d47eb967-22d8-48e5-9e0f- bf85b10c6451', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains ', 'X-Content-Type-Options': 'nosniff', 'Date': 'Tue, 14 May 2019 10:28:56 GMT', 'Content-Length': '129'}
The subscription '92b796c5-5839-40a6-8dd9-c1fad320c69b' could not be found.
C:\Users\VKANCHAN>az account list [ { "cloudName": "AzureCloud", "id": "92b796c5-5839-40a6-8dd9-c1fad320c69b", "isDefault": true, "name": "N/A(tenant level account)", "state": "Enabled", "tenantId": "92b796c5-5839-40a6-8dd9-c1fad320c69b", "user": { "name": "vkanchan@bmc.com", "type": "user" } } ]
C:\Users\VKANCHAN>