Updated: Hybrid Cloud with NVGRE (Cloud OS) Whitepaper V5

Our whitepaper received a new version (version 5) and now more looks like a book. Book is not the right word in these modern times so I will call it Whitepaper as a Service (WaaS). We’ve included the Windows Azure Pack (WAP) experience in it. The reason for that is because if you build your Hybrid Cloud you need a front end that your customers can see and what better way than using Windows Azure Pack. No other words are necessary just grab the latest version from here and start reading.

WMI Error Upon Network Service (Windows Server Gateway) Refresh in VMM 2012 R2

When you try to refresh Network Service in VMM 2012 R2 and particularly Network Service for Windows Server Gateway you may received the following error:

image

Unable to connect to the network service. Check connection string and network connectivity. Error Execution of Microsoft.SystemCenter.NetworkService::OpenDeviceConnectionEx on yje configuration provider <GUID> failed. Detailed exception: Microsoft.Carmine.WSManWrappers.WSManProviderException: A Hardware Management error has occurred trying to contact server hyperv.contoso.com :w:InternalError:HRESULT 0x8033381e8:The WS-Management service cannot process the request. This service has exceeded its maximum concurrent operations per user allowed for plugin “WMI Provider”. Tretry the request later or raise the Maximum Operations per User quota. .

WinRM: URL: [http://hyperv.contoso.com:5985]. Verb: [ENUMERATE].

Resource:

[http://schemas.microsoft.com/wbem/wsman/1/wmi/root/virtualization/v2/Msvm_VirtualSystemManagementService]. Filter []

ID: 50000

 

One solution to this issue is to restart the WMI service on the mentioned Hyper-V host.

If still there are issues restart of the Hyper-V host can also be solution.

Error 500 on Windows Azure Pack (WAPack) Admin Portal

I’ve been playing around with Windows Azure Pack and I’ve deleted all self-signed certificates from the personal store. Apparently I’ve missed some configuration and WAP{ was still using them. After deleting the certificates when I’ve opened the Admin Portal I’ve got white page with Error 500 displayed on it.

To get clear description of the issue I’ve opened the WAP event logs and the following errors were logged:

- System

  – Provider

   [ Name]  Microsoft-WindowsAzurePack-MgmtSvc-WindowsAuthSite
   [ Guid]  {0F6CC87B-DB81-49B2-8C49-3A677668CE01}
 
   EventID 12
 
   Version 0
 
   Level 2
 
   Task 65522
 
   Opcode 0
 
   Keywords 0×0
 
  – TimeCreated

   [ SystemTime]  2014-03-24T07:56:59.013740200Z
 
   EventRecordID 1943
 
   Correlation
 
  – Execution

   [ ProcessID]  1940
   [ ThreadID]  1476
 
   Channel Microsoft-WindowsAzurePack-MgmtSvc-WindowsAuthSite/Operational
 
   Computer Wap.contoso.com
  – Security

   [ UserID]  S-1-5-82-2549926429-2988919198-231587694-2103424236-3831772697
 

- EventData

  message Unhandled exception: System.NullReferenceException: Object reference not set to an instance of an object. at Microsoft.WindowsAzure.Server.Authentication.Controllers.WSFederationController.Metadata() at lambda_method(Closure , ControllerBase , Object[] ) at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass42.<BeginInvokeSynchronousActionMethod>b__41() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass37.<>c__DisplayClass39.<BeginInvokeActionMethodWithFilters>b__33() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass37.<BeginInvokeActionMethodWithFilters>b__36(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass25.<>c__DisplayClass2a.<BeginInvokeAction>b__20() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass25.<BeginInvokeAction>b__22(IAsyncResult asyncResult) at System.Web.Mvc.Controller.<>c__DisplayClass1d.<BeginExecuteCore>b__18(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) at System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) at System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) at System.Web.Mvc.MvcHandler.<>c__DisplayClass8.<BeginProcessRequest>b__3(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) at System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
  requestId 
  subscriptionId 
  clientRequestId 
  principalId 
  version 
  pageRequestId 
  acceptLanguage 
  operationName
 

image

 

- System

  – Provider

   [ Name]  Microsoft-WindowsAzurePack-MgmtSvc-WindowsAuthSite
   [ Guid]  {0F6CC87B-DB81-49B2-8C49-3A677668CE01}
 
   EventID 12
 
   Version 0
 
   Level 2
 
   Task 65522
 
   Opcode 0
 
   Keywords 0×0
 
  – TimeCreated

   [ SystemTime]  2014-03-24T07:52:20.289550500Z
 
   EventRecordID 1942
 
   Correlation
 
  – Execution

   [ ProcessID]  1940
   [ ThreadID]  5940
 
   Channel Microsoft-WindowsAzurePack-MgmtSvc-WindowsAuthSite/Operational
 
   Computer wap.contoso.com
 
  – Security

   [ UserID]  S-1-5-82-2549926429-2988919198-231587694-2103424236-3831772697
 

- EventData

  message Unhandled exception: System.NullReferenceException: Object reference not set to an instance of an object. at Microsoft.WindowsAzure.Server.Authentication.Controllers.WSFederationController.SignIn(SignInRequestMessage message, ClaimsPrincipal principal) at Microsoft.WindowsAzure.Server.Authentication.Controllers.WSFederationController.Issue() at lambda_method(Closure , ControllerBase , Object[] ) at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass42.<BeginInvokeSynchronousActionMethod>b__41() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass37.<>c__DisplayClass39.<BeginInvokeActionMethodWithFilters>b__33() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass37.<BeginInvokeActionMethodWithFilters>b__36(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass25.<>c__DisplayClass2a.<BeginInvokeAction>b__20() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass25.<BeginInvokeAction>b__22(IAsyncResult asyncResult) at System.Web.Mvc.Controller.<>c__DisplayClass1d.<BeginExecuteCore>b__18(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) at System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) at System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) at System.Web.Mvc.MvcHandler.<>c__DisplayClass8.<BeginProcessRequest>b__3(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) at System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
  requestId 
  subscriptionId 
  clientRequestId 
  principalId 
  version 
  pageRequestId 
  acceptLanguage 
  operationName 

image

 

- System

  – Provider

   [ Name]  Microsoft-WindowsAzurePack-MgmtSvc-WindowsAuthSite
   [ Guid]  {0F6CC87B-DB81-49B2-8C49-3A677668CE01}
 
   EventID 12
 
   Version 0
 
   Level 2
 
   Task 65522
 
   Opcode 0
 
   Keywords 0×0
 
  – TimeCreated

   [ SystemTime]  2014-03-24T07:52:18.032927500Z
 
   EventRecordID 1941
 
   Correlation
 
  – Execution

   [ ProcessID]  1940
   [ ThreadID]  3020
 
   Channel Microsoft-WindowsAzurePack-MgmtSvc-WindowsAuthSite/Operational
 
   Computer wap.contoso.com
 
  – Security

   [ UserID]  S-1-5-82-2549926429-2988919198-231587694-2103424236-3831772697
 

- EventData

  message Unhandled exception: System.Configuration.ConfigurationErrorsException: Unable to find a unique signing certificate in certificate store. Make sure a certificate exists in the Local Machine\My certificate store and that exactly one certificate matches the configured thumbprint. at Microsoft.WindowsAzure.Server.Authentication.CustomSecurityTokenServiceConfiguration..ctor(IdentityProvider identityProvider, String certificateThumbprint, String authenticationType, IEnumerable`1 relyingParties, IEnumerable`1 additionalHandlers, ClaimsAuthenticationManager claimsAuthenticationManager) at Microsoft.WindowsAzure.Server.Authentication.CustomSecurityTokenServiceConfiguration.Initialize(IdentityProvider identityProvider, String authenticationType, String certificateThumbprint, IEnumerable`1 relyingParties, IEnumerable`1 additionalHandlers, ClaimsAuthenticationManager claimsAuthenticationManager) at Microsoft.WindowsAzure.Portal.Authentication.WindowsAuthApplication.Application_Start()
  requestId 
  subscriptionId 
  clientRequestId 
  principalId 
  version 
  pageRequestId 
  acceptLanguage 
  operationName
 

image

image

 

The resolution was simple: I’ve run the run the configuration site of WAP once again with the same SQL credentials and passphrase. The deleted self-signed certificates were restored in the personal store, Admin portal was running once again and no data was lost.

image

Happy 2nd Year

Yesterday the blog has passed it’s second year. For those 2 years this blog helped sustain my knowledge and learn even more, I’ve met many IT Pros with which I’ve had great discussions and many of them I can call friends as they help me in need. I hope you still like my blog and find it useful. I will continue to help in the community as much as I can. Thank you to all who visited my blog over the past 2 years. THANK YOU.

User Roles Disappearing from VM Network Properties Access Tab in SCVMM 2012 R2 Update Rollup 1

Issue

Imagine the following situations:

  1. You create VM Network in SCVMM 2012 R2 UR1

image

image

  1. You create User Role with Profile Tenant Administrator:

image

  1. In the Networking tab of User Role you add VM Network:

image

  1. When you add the VM Network in the User Role, the Access tab of that VM Network Properties is filled with the User role:

image

  1. If you restart the VMM server service or wait 24 hours the User Role/s disappear from VM Network Properties Access tab.

image

image

  1. In the User Role’s properties the VM Network is still visible though:

image

  1. If you try to add the User in the VM Network Properties Access tab the job will execute as successful but the User Role will not be added.

image

image

image

Applies to:

This behavior is present only after installing Update Rollup 1 for SCVMM 2012 R2. It is not present in the RTM version of SCVMM 2012 R2 or any previous version.

Workarounds:

If in your environment you are using the User Roles in the VM Network Properties Access tab you can use the following workarounds:

  1. Do not install UR1, stay on SCVMM 2012 R2 RTM until official fix is released from Microsoft.
  2. For every User Role open the Properties, remove he VM Network(s) listed in the Networking tab. Click OK to save. Open the Properties again and add the VM Network(s) again. This will add the User Role again in the VM Network Properties Access tab. Keep in mind that you will need to that at least on 24 hour interval or upon VMM server service restart.

image

  1. Try to build a PowerShell script that will do the same steps as in workaround 2. Run the script automatically every 30 mins or 1 hour.

None of these workarounds is good enough but these are the only ones I’ve found until official fix is released from Microsoft.

Updated MP: Windows Licensing Check

Cameron Fuller made small but nice management pack that will alert you when your Windows Server is not activated. Unfortunately this was in 2009 and now the MP does not work with latest version – Windows Server 2012 and Windows Server 2012 R2. I’ve contacted Cameron to ask him to test a modified by me version that works with Windows Server 2012 and R2. When test was successful we’ve agreed to publish the new version. The new version is tested with System Center 2012 R2 Operations Manager for Windows Server 2012 and Windows Server 2012 R2. There is a good chance that will work also with Windows Server 2008 R2 as the events that the MP is monitoring are probably the same. The new version number is 1.0.3.0 and can be downloaded from here. Feel free to leave any comments if you see improvements that can be made.

Here is description for the MP provided by Cameron:

Sample MP with three monitors that appear under Windows Computer / Configuration to show the status of windows from an activation perspective.

This monitor generates alerts if the server is either about to fail activation or has a failed activation. The health of the monitor is shown in health explorer under Entity Health / Configuration / Licensing Check Status.

The monitor looks for event id’s which indicate that either the Windows Activation Licensing is about to fail or has failed. If it’s about to fail that means that it’s not currently activated and will expire soon. If it has failed that means that it needs to have windows activated. This functionality I believe has been added into the windows server operating system management pack but it was not there when I created this as a sample.

Whitepaper UPDATE: Troubleshooting and FAQ – Hybrid Cloud with NVGRE (WSSC 2012 R2)

A new version of our whitepaper is out. For those who count it is version 3. The latest update includes Troubleshooting and FAQ section. As usual you can download it from here.

Begin Your Journey to the Cloud with the Cloud Administrator

Follow

Get every new post delivered to your Inbox.

Join 596 other followers