AAD Join failed with status code: -2145648595
Problem: Recently, a teammate reached out to me for help with an Azure Virtual Desktop deployment error. The session hosts in his ARM template were failing to Entra join in his tenant, but not in mine nor the customer’s tenant. The full error was: {“code”:”VMExtensionProvisioningError”,”message”:”VM has reported a failure when processing extension ‘AADLoginForWindows’ (publisher ‘Microsoft.Azure.ActiveDirectory’…
Filter out the noise in Azure Image Builder (Packer) logs
Problem: Azure Image Builder (AIB) is an image automation solution in Azure that’s built on top of HashiCorp Packer. While the solution works great when your scripts run without any errors, getting to that point can be challenging. Microsoft’s documentation states you should run your code interactively against a test virtual machine. However, sometimes unforeseen…
Azure Resource Deployment Failure Error
Problem: When deploying an ARM template to Azure you may receive the following error: {“code”:”DeploymentFailed”,”message”:”At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.”,”details”:[{“code”:”ResourceDeploymentFailure”,”message”:”The response for resource had empty or invalid content.”}]} Solution: Enable the Service Endpoint for the appropriate Azure service on your subnet. Explanation:…
Deny an Azure Resource Provider using Azure Policy
Problem: An organization wants to deny an Azure Resource Provider for contractual, compliance, or security reasons. Solution: Create a new Azure Policy definition by duplicating the “Not allowed resource types” built-in definition. Fill out the Basics form. For the “Definition Location”, ideally you would select a Management Group. This will allow you to assign the…
Disable the Appx Packages in the Virtual Desktop Optimization Tool using PowerShell
Problem: Prior to February 2022, the Virtual Desktop Optimization Tool (VDOT) would allow you to disable Appx packages by setting the “Optimizations” parameter to either “All” or including “AppxPackages” in the string array. Customer feedback forced the team to change the tool to enable these packages by default, complicating the automation of the tool. Now…
Azure Error: “The response for resource had empty or invalid content.”
Problem: When deploying an Azure Storage Account, you receive the following error: Solution: Enable the appropriate Azure service endpoint on your subnet before adding a service endpoint to an Azure resource. Explanation: In my scenario, this error was thrown because I did not automate or pre-stage a service endpoint on my subnet for “Microsoft.Storage” before…
AD Domain Extension fails in Azure with “userExists”
Problem: When deploying the “JsonADDomainExtension” on an Azure virtual machine, you receive the following error: “userExists” Solution: Either specify the correct OU for the existing object in AD or delete the object from AD and redeploy. Explanation: When domain joining an Azure virtual machine using the “JsonADDomainExtension”, if the object has previously been added to…
“VMExtensionProvisioningTimeout” with Azure Custom Script Extension deployment
Problem: During an Azure deployment, you receive the following error with the Custom Script Extension: “Provisioning of VM extension CustomScriptExtension has timed out. Extension provisioning has taken too long to complete. The extension did not report a message. More information on troubleshooting is available at https://aka.ms/VMExtensionCSEWindowsTroubleshoot” Solution: Validate all the parameters for the script are…
Escaping quotes in an Azure Bicep string
Problem: In developing ARM templates using Bicep, there is a difference in the way you escape quotes for values that have spaces. For instance, when specifying a “commandToExecute” on a Custom Script Extension, often times you’ll need to pass in a value that has a space in it. Using string interpolation in Bicep, you pass…
Get-ADComputer error handling
Problem: When looking for a computer object in Active Directory, depending on how you call “Get-ADComputer” will determine if an error is thrown or not. Solution: To avoid the terminating error, use the “Filter” parameter to search for the computer object. Explanation: I was creating a test case to make one of my scripts idempotent…
Something went wrong. Please refresh the page and/or try again.
Follow My Blog
Get new content delivered directly to your inbox.
Jason Masten 