Connection of StorageExplorer to AzureStack still not working

Question

I am now using the current Azure Dev Pack (18.03). When following the tutorial for connection there is now the following error when trying to connect:

The problem is, that the tutorial is only mentioning the following dialog for connecting a storage: where the ARM endpoint has to be set to "https://adminmanagement.local.azurestack.external".

But after this dialog another dialog is shown which is not mentioned in the documenation at all: Here it is not clear what is meant by the "Sign in ressource id" or the "ARM resource id".

I found something, which might be at least the "ARM resource id":

So finally: What to insert for "Sign in resource id" and "ARM resource id"?

EDIT: So after the answers below I requested these IDs manually:

But I still don't know exactly how to insert it. Doing it the following way: still ends up in another error message:

EDIT 2: So what I corrected was, that I again checked to use a base64 encoded Certificate. Further it appeared to be an issue that in above screenshot I had ARM Endpoint for "adminmanagement..." and the resource ids I requested were for "management...". So I altered the Rest call for the ID to (Invoke-RestMethod -Uri https://adminmanagement.local.azurestack.external/metadata/endpoints?api-version=1.0).authentication.audiences[0]. IT appears to be an improvement, because it ends up in a brand new error message: Additional hint: If I now use a nonesense login not available at the stack, I get the Unable to sign in: access_denied: AADSTS65005: Invalid resource error message in the popup at the top border of the Azure explorer.

Could you only enter the ID after the / , starting with the 86..... ? Let me know if this works and I'll edit my answer as well — Adam Smith - Microsoft Azure, Apr 17 '18 at 15:25
It is not working. If I do so it sais: `Unable to sign in: invalid_resource: AADSTS50001: The application named 86ec1c36-b31c-419a-a575-2XXXXXXbedd1df was not found in the tenant named rXXXXXst.onmicrosoft.com. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant. Trace ID: 10c59e10-7aXXX-467b-XXXb-b5c23f394e00 Correlation ID: 7cfbXXXX-6bf0-4e7f-a2ed-54efc296fc66` — BaluJr., Apr 18 '18 at 13:09
Could you reimport the cert using the format in the screenshot and retry again? — Adam Smith - Microsoft Azure, Apr 18 '18 at 13:13

Adam Smith - Microsoft Azure · Answer 1 · 2018-04-17T15:32:44.543

1

From an internal program manager, This seems to be caused by some known regression issue in Storage Explorer 0.9.6 version that Sign in resource id and ARM resource id aren’t fetched properly during sign-in.

As a workaround, user can execute the sample cmdlet for ASDK below and then input the returned value for these two resource ids.

For multi-node integrated system, the Azure Stack endpoint needs to be changed according to the environment configuration.

PowerShell:

Invoke-RestMethod -Uri (https://management.local.azurestack.external/metadata/endpoints?api-version=1.0 -Method Get).authentication.audiences[0]

There is also a new release of Storage Explorer to fix this bug soon.

Second Fix:

This issue could also happen when the incorrect certificate type is exported. The certificate must be exported in Base-64 x.509 format:

edited Apr 17 '18 at 15:32

answered Apr 16 '18 at 15:17

Adam Smith - Microsoft Azure

2,495
2
12
24

Unfortunately I get an error message when executing the above line: `Invoke-RestMethod : Cannot bind parameter 'Method'. Cannot convert value "Get.authentication.audiences[0]" to type "Microsoft.PowerShell.Commands.WebRequestMethod". Error: "Unable to match the identifier name Get.authentication.audiences[0] to a valid enumerator name. Specify one of the following enumerator names and try again: Default, Get, Head, Post, Put, Delete, Trace, Options, Merge, Patch" At line:1 char:112 ...` – BaluJr. Apr 16 '18 at 16:06
1

`...+ ... ata/endpoints?api-version=1.0 -Method Get.authentication.audiences[0] + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [Invoke-RestMethod], ParameterBindingException + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.PowerShell.Commands.InvokeRestMethodCommand` – BaluJr. Apr 16 '18 at 16:06
I escalated the case to the internal team. I will get back to you as soon as I get an update on the command. – Adam Smith - Microsoft Azure Apr 16 '18 at 16:11
Thanks a lot. Also from our MS Partner. Or did I miss to install the correct version of "ASDK"? How to check which one is installed? – BaluJr. Apr 16 '18 at 16:13
1

Could you send me your subscription ID, link to this thread, and include attn Adam in the subject to AzCommunity[AT]microsoft.com ? I'll enable a free support ticket to quickly escalate it. – Adam Smith - Microsoft Azure Apr 16 '18 at 16:37

score 0 · Answer 2 · answered Apr 16 '18 at 23:09

0

Try entering the invoke command like this:

(Invoke-RestMethod -Uri https://Adminmanagement.3171r06a.azcatcpec.com/metadata/endpoints?api-version=1.0).authentication.audiences[0]

or

(Invoke-RestMethod -Uri https://Adminmanagement.3171r06a.azcatcpec.com/metadata/endpoints?api-version=1.0).authentication

Returned results for me. Replace you region and dns with what you have deployed.

answered Apr 16 '18 at 23:09

Tolli Lowell-Forker

1

Thanks a lot. Works for me. Please see updated question. – BaluJr. Apr 17 '18 at 05:53
Turns out my issue was that I hadn't exported my cert as base64 format to import into Storage Explorer (had done DER instead). Once I exported/imported the correct cert format it just worked with no other prompts. – Tolli Lowell-Forker Apr 18 '18 at 06:32

score 0 · Accepted Answer · answered Apr 26 '18 at 06:48

0

The problems have been solved together with Azure Storage Explorer v1.0.

answered Apr 26 '18 at 06:48

BaluJr.

1,010
2
11
25

Connection of StorageExplorer to AzureStack still not working

3 Answers3

Linked