locked
Service Management Portal / Azure Pack: Can't connect to VM Console RRS feed

  • Question

  • Hello, I've got a strange problem with the new 2012 R2 Azure Pack & Service Provider Foundation for SC VMM 2012 R2. On the Service Management Portal, I can create Plans, Users and Abonnements without problem and I also can access the Tenant-Portal with the Users I created. There I can create, Start/Stop and delete VMs, but there is one thing I can't do: Connect to the machines via Console or RDP. No matter from which Server/Client, or with which Browser and security settings, its not working.

    While using Internet Explorer, after clicking on connect simply nothing happens. When I use Firefox or Chrome, following Errormessage is displayed: "Error downloading the Remote Desktop File for the virtual Computer: [Name]" (crudely translated from german).

    This happens with Linux and Windows VMs.

    On the Azure Pack Server, the following message is logged every time I try to connect:

    Resource provider unexpected exception for request with verb 'GET', operation name 'Outgoing tenant proxy call', request URI 'https://r2-sc2:8090/SC2012R2/VMM/fe8fd994-4377-46d1-a0f3-414ecb4fbbe7/Microsoft.Management.Odata.svc/VirtualMachines(ID=guid'2255635b-f336-4d48-9e84-d726bc50b19a',StampId=guid'd97edce9-d910-4de9-b84c-a62a2271076b')/VMConnection',  version '', client request Id '', server request Id 'f6222642dfd446278922a22dd7ab9ccb.2013-07-24T15:02:19.9992631Z', status code 'InternalServerError', reason 'Internal Server Error', body '<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code /><m:message xml:lang="de-DE">An error occurred while processing this request.</m:message><m:innererror><m:message>Invoking method GetReadStream of type Microsoft.SystemCenter.Foundation.Psws.Spf.SpfOperationManager failed. Cause of the problem: Die globalen VmConnect-Einstellungen wurden nicht festgelegt. Fehlende Einstellung: CertificateThumbprint</m:message><m:type>Microsoft.Management.Odata.CustomModuleInvocationFailedException</m:type><m:stacktrace>   bei Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeMethod(IInvoker invoker, String functionName, String resourceTypeName, Boolean ignoreNotImplementedException)&#xD;
       bei Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeOperationManagerFunction[T](Func`1 func, String functionName, String resourceTypeName, Boolean ignoreNotImplementedException, T defaultResultForNotImplementedException)&#xD;
       bei Microsoft.Management.Odata.Core.OperationManagerAdapter.GetReadStream(DSResource resource, ResourceProperty streamProperty)&#xD;
       bei System.Data.Services.Providers.DataServiceStreamProviderWrapper.&lt;&gt;c__DisplayClass4.&lt;GetReadStream&gt;b__1()&#xD;
       bei System.Data.Services.Providers.DataServiceStreamProviderWrapper.InvokeApiCallAndValidateHeaders[T](String methodName, Func`1 apiCall, DataServiceOperationContext operationContext)&#xD;
       bei System.Data.Services.Providers.DataServiceStreamProviderWrapper.GetReadStream(Object entity, ResourceProperty streamProperty, DataServiceOperationContext operationContext)&#xD;
       bei System.Data.Services.ResponseBodyWriter..ctor(IDataService service, QueryResultInfo queryResults, RequestDescription requestDescription, IODataResponseMessage actualResponseMessageWhoseHeadersMayBeOverridden)&#xD;
       bei System.Data.Services.DataService`1.CreateResponseBodyWriter(RequestDescription requestDescription, IDataService service, QueryResultInfo queryResults, IODataResponseMessage responseMessage)&#xD;
       bei System.Data.Services.DataService`1.WriteSingleElementResponse(RequestDescription description, QueryResultInfo queryResults, Int32 parentResourceIndex, String etagValue, IDataService dataService, IODataResponseMessage responseMessage)&#xD;
       bei System.Data.Services.DataService`1.CompareETagAndWriteResponse(RequestDescription description, IDataService dataService, IODataResponseMessage responseMessage)&#xD;
       bei System.Data.Services.DataService`1.SerializeResponseBody(RequestDescription description, IDataService dataService, IODataResponseMessage responseMessage)&#xD;
       bei System.Data.Services.DataService`1.HandleRequest()</m:stacktrace><m:internalexception><m:message>Die globalen VmConnect-Einstellungen wurden nicht festgelegt. Fehlende Einstellung: CertificateThumbprint</m:message><m:type>Microsoft.SystemCenter.Foundation.WebServiceOperationException</m:type><m:stacktrace>   bei Microsoft.SystemCenter.Foundation.RemoteDesktop.RdpFileGeneratorHelper.SignToken(String token, VmConnectGlobalSettings vmConnectGlobalSettings)&#xD;
       bei Microsoft.SystemCenter.Foundation.RemoteDesktop.RdpFileGeneratorHelper.GenerateRdpFile(ISpfOperationManagerContext context, PSObject virtualMachine)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.Spf.VmmVmRequestInvoker.&lt;&gt;c__DisplayClass2.&lt;GetReadStream&gt;b__1()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.&lt;&gt;c__DisplayClass2b.&lt;GetReadStream&gt;b__2a()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.&lt;&gt;c__DisplayClass2b.&lt;GetReadStream&gt;b__2a()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.&lt;&gt;c__DisplayClass2b.&lt;GetReadStream&gt;b__2a()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.Spf.HybridInvocationDecorator.&lt;&gt;c__DisplayClass3a.&lt;GetReadStream&gt;b__39()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.&lt;&gt;c__DisplayClass2b.&lt;GetReadStream&gt;b__2a()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.&lt;&gt;c__DisplayClass2b.&lt;GetReadStream&gt;b__2a()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.SystemCenter.Foundation.Psws.Spf.SpfOperationManager.&lt;&gt;c__DisplayClass1f.&lt;GetReadStream&gt;b__1e()&#xD;
       bei Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)&#xD;
       bei Microsoft.Management.Odata.Core.OperationManagerAdapter.&lt;&gt;c__DisplayClass18.&lt;GetReadStream&gt;b__14()&#xD;
       bei Microsoft.Management.Odata.Core.OperationManagerAdapter.FunctionInvoker`1.Invoke()&#xD;
       bei Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeMethod(IInvoker invoker, String functionName, String resourceTypeName, Boolean ignoreNotImplementedException)</m:stacktrace></m:internalexception></m:innererror></m:error>'.

    Can someone please help me?

    Thursday, July 25, 2013 8:20 AM

All replies

  • Are you connecting to a Windows VM?
    When you click connect an RDP file is automatically downloaded.

    Do you see this RDP file? What IP is it connecting to?

    You must make sure the VM has an IP address and you must have a network path to that address.

    ~Best Regards
    Alex Allen C.

    Friday, July 26, 2013 7:11 PM
  • This happens regardless of the OS, with Linux and Windows VMs.

    No, no RDP-File is being downloaded. Like I said, in Internet Explorer just nothing happens after klicking on connect. Using other Browsers "Error downloading RDP file" gets displayed.

    The VMs have IP-Adresses and I can open a RDP connection from every Workstation where connecting via the SMP failed.

    I found another Error in the Azure Portal Log, perhaps this will help some more:

    Error:JsonException: Fehler beim Herunterladen der RDP-Datei vom Hoster.
    <Exception>
      <Type>JsonException</Type>
      <Message>Fehler beim Herunterladen der RDP-Datei vom Hoster.</Message>
      <StackTrace><![CDATA[
       bei Microsoft.WindowsAzure.Server.VM.TenantExtension.Controllers.VMController.<CreateRdpFileFromUri>d__12a.MoveNext()
    --- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
       bei System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       bei System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
       bei Microsoft.WindowsAzure.Server.VM.TenantExtension.Controllers.VMController.<GetRdpFileForConsoleConnect>d__11d.MoveNext()
    --- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
       bei System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       bei lambda_method(Closure , Task )
       bei System.Web.Mvc.Async.TaskAsyncActionDescriptor.EndExecute(IAsyncResult asyncResult)
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass3f.<BeginInvokeAsynchronousActionMethod>b__3e(IAsyncResult asyncResult)
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass37.<>c__DisplayClass39.<BeginInvokeActionMethodWithFilters>b__33()
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49()
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49()
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49()
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49()
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49()
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass37.<BeginInvokeActionMethodWithFilters>b__36(IAsyncResult asyncResult)
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass25.<>c__DisplayClass2a.<BeginInvokeAction>b__20()
       bei System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass25.<BeginInvokeAction>b__22(IAsyncResult asyncResult)]]></StackTrace>
      <HttpContext>
        <User IsAuthenticated="true" Name="arne.weinmann@globalways.net" />
        <Request>
          <RawUrl>/VM/GetRdpFileForConsoleConnect?stampId=d97edce9-d910-4de9-b84c-a62a2271076b&amp;subscriptionId=fe8fd994-4377-46d1-a0f3-414ecb4fbbe7&amp;virtualMachineId=dd87773b-db81-458a-8deb-83883cad7571&amp;vmName=2012R2_Test</RawUrl>
          <UserHostAddress>[internal IP]</UserHostAddress>
          <Headers>
            <Header Key="Connection" Value="Keep-Alive" />
            <Header Key="Accept" Value="image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, */*" />
            <Header Key="Accept-Encoding" Value="gzip, deflate" />
            <Header Key="Accept-Language" Value="de-DE" />
            <Header Key="Host" Value="sc-az:30081" />
            <Header Key="Referer" Value="https://sc-az:30081/" />
            <Header Key="User-Agent" Value="Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" />
            <Cookies>
              <Cookie Name="TenantSiteFedAuth" Secure="false" Expires="0001-01-01T00:00:00Z" Domain="" Path="/" Value="Überarbeitet (1400 Zeichen)" />
              <Cookie Name="__RequestVerificationToken_Tenant" Secure="false" Expires="0001-01-01T00:00:00Z" Domain="" Path="/" Value="Überarbeitet (128 Zeichen)" />
              <Cookie Name="__aux" Secure="false" Expires="0001-01-01T00:00:00Z" Domain="" Path="/" Value="Überarbeitet (152 Zeichen)" />
              <Cookie Name="MembershipSiteFedAuth" Secure="false" Expires="0001-01-01T00:00:00Z" Domain="" Path="/" Value="Überarbeitet (1688 Zeichen)" />
            </Cookies>
          </Headers>
        </Request>
      </HttpContext>
    </Exception>, operationName:VM.GetRdpFileForConsoleConnect, version:, accept language:de-DE, subscription Id:fe8fd994-4377-46d1-a0f3-414ecb4fbbe7, client request Id:, principal Id:arne.weinmann@globalways.net, page request Id:, server request id:
    The first line "Error:JsonException: Fehler beim Herunterladen der RDP-Datei vom Hoster." means "Error:JsonException: Error downloading RDP file from Host".


    • Edited by ArneWeinmann Monday, July 29, 2013 9:08 AM internal ip removed
    Monday, July 29, 2013 9:07 AM
  • Tenant portal  send a HTTP(S) request to SPF get the RDP file. This error means the HTTP request failed. So, it wrap it and returns JSON exception.

    Monday, August 5, 2013 2:48 AM
  • Hi,

    Could you solved this issue? I run into the same problem and I can't find the solution.

    Thanks.

    Tuesday, August 6, 2013 1:15 PM
  • No, no clue at all. I installed another Lab Environment in which I get other Errors. But at least its good to know that I'm not alone with this!

    @WZhao

    Yeah I understand that, too. But sadly, it doesen't help me solve this issue...


    Tuesday, August 6, 2013 2:46 PM
  • In the exception, there is a URI. Can you try that in IE?

    https://r2-sc2:8090/SC2012R2/VMM/fe8fd994-4377-46d1-a0f3-414ecb4fbbe7/Microsoft.Management.Odata.svc/VirtualMachines(ID=guid'2255635b-f336-4d48-9e84-d726bc50b19a',StampId=guid'd97edce9-d910-4de9-b84c-a62a2271076b')/VMConnection


    I tried to open the link in a browser. An authentication window was poped out. I tried to login but I can't. I tried every account (service accounts, domain admin accounts, etc) which I'm using in the deployment but neither worked for me.
    Friday, August 9, 2013 7:12 AM
  • Same for me, access denied no matter which account I was using...
    Friday, August 9, 2013 11:45 AM
  • so, we need to address this access denied issue, then WAP will work.

    Unfortunately, I am not a SC2012 guy.

    If you try the user name and password you used to register the SPF, did it work?

    Monday, August 19, 2013 6:49 AM
  • Hi I have created a private Cloud using 

    • Windows server 2012 R2 Preview
    • SCVMM 2012 R2 Preview
    • Azure Pack

    After login as a Tenant site  able to create VM'S Successfully , but if is click Connect Console 

    Getting the following error "Failed to download remote desktop file for virtual machine"

    Need help on resolving this issue.

    Tuesday, August 20, 2013 3:56 PM
  • Your link is this thread we are in.
    Monday, August 26, 2013 7:28 AM
  • so, we need to address this access denied issue, then WAP will work.

    Unfortunately, I am not a SC2012 guy.

    If you try the user name and password you used to register the SPF, did it work?

    I think the root cause (as stand in the error message) is certificate based.

    If I check the Application and Services Logs-->Microsoft-->WindowsAzure-->Server-TenantPortal-->Operaional log on the svcmgmtportal machine I find this error message:

    Error:Failed to download RDP file from plugin, request uri: 'https://svcmgmtportal:30005/e0e9e60d-71b1-42f5-9216-a275bd36b267/services/systemcenter/vmm/VirtualMachines(ID=guid'a3191832-b8d7-4bd2-90e2-141b5c180413',StampId=guid'46e9623f-c57a-4aeb-bec6-9ef1d7825378')/VMConnection'
    System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
       at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
       at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
       at Microsoft.WindowsAzure.Server.VM.TenantExtension.Controllers.VMController.<CreateRdpFileFromUri>d__12a.MoveNext(), operationName:VM.GetRdpFileForConsoleConnect, version:, accept language:en-US, subscription Id:e0e9e60d-71b1-42f5-9216-a275bd36b267,
     client request Id:, principal Id:elemie@mylab.demo, page request Id:, server request id:

    The error message said: (500) Internal Server Error, not 401 Unathorized. I think the authorization process using the Tenant account who is logged on the Tenant portal (in my case this is elemie@mylab.demo). This is not a domain account so because of this we can't use it to authorize directly when we click on the link.

    In the Application and Services Logs-->Microsoft-->WindowsAzure-->Server-Management-TenantApi-->Operational log there is an error message:

    Resource provider unexpected exception for request with verb 'GET', operation name 'Outgoing tenant proxy call', request URI 'https://scvmm.mylab.demo:8090/SC2012R2/VMM/e0e9e60d-71b1-42f5-9216-a275bd36b267/Microsoft.Management.Odata.svc/VirtualMachines(ID=guid'a3191832-b8d7-4bd2-90e2-141b5c180413',StampId=guid'46e9623f-c57a-4aeb-bec6-9ef1d7825378')/VMConnection', 
     version '', client request Id '', server request Id '8f3e82f03a324ad9bb4abc24fd5b766c.2013-08-26T09:01:07.4210188Z', status code 'InternalServerError', reason 'Internal Server Error', body '<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code
     /><m:message xml:lang="en-US">An error occurred while processing this request.</m:message><m:innererror><m:message>Invoking method GetReadStream of type Microsoft.SystemCenter.Foundation.Psws.Spf.SpfOperationManager failed. Cause
     of the problem: VmConnect global settings are not set. Missed setting = 'CertificateThumbprint'.</m:message><m:type>Microsoft.Management.Odata.CustomModuleInvocationFailedException</m:type><m:stacktrace>   at Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeMethod(IInvoker
     invoker, String functionName, String resourceTypeName, Boolean ignoreNotImplementedException)&#xD;

    I think this is the key problem: "VmConnect global settings are not set. Missed setting = 'CertificateThumbprint'." Maybe one of the wizard failed to register somewhere a certificate but how can we debug it?


    • Edited by Zsolteey Monday, August 26, 2013 9:27 AM format
    Monday, August 26, 2013 9:25 AM
  • After Login into tenant site

    for the VM you will get 2 options in Connect

    1. Console
    2. Desktop

    Desktop option is working fine but when you try to select Console it is giving error.

    Thanks

    Pradeep

    Monday, August 26, 2013 9:29 AM
  • Today I reinstalled the SVCMGMTPORTAL machine (it hosts the Admin API, Admin Portal, Tenant API, Tenant Portal, etc) but the error is still the same.

    New OS, new databases, fresh install of the Azure components but still the same issue :(

    Monday, August 26, 2013 2:28 PM
  • follow this

    hyper-v.nu/archives/marcve/2013/01/


    Installing and configuring System Center Service Provider Foundation
    Monday, August 26, 2013 2:31 PM
  • follow this

    hyper-v.nu/archives/marcve/2013/01/


    Installing and configuring System Center Service Provider Foundation

    This article is about the Windows Azure for Windows Server, not the new Azure Pack. Btw the SPF is installed AppPool Identity is OK.

    Monday, August 26, 2013 3:25 PM
  • It's something to do with SPF, and if you run up the SPF management powershell and execute Get-SCSPFVmConnectGlobalSettings you'll see that the certificate thumbprint is indeed blank.  I believe you should be able to set it using Set-SCSPFVmConnectGlobalSettings but I don't know what thumbprint setting you should use.
    Thursday, August 29, 2013 9:06 AM
  • I tried this Set-SCSPFVmConnectGlobalSettings command. I choose a self signed cert which created on the SPF-SCVMM machine.

    Now I have another error message and the Connect to console still not working.

    When I click on the Connect-->Console on the Tenant portal I can see three new error entry in the ManagementOdataService log:

    Operation manager plugin method 'GetReadStream' for resource name 'VMM.VirtualMachine' failed with error messsage 'Invalid algorithm specified.
    '.

    Custom module operation invocation failed exception. 
    Module name: Microsoft.SystemCenter.Foundation.Psws.Spf.SpfOperationManager 
    Method Name: GetReadStream. Exception message: Exception
    Message = Invalid algorithm specified.
    
    Type = System.Security.Cryptography.CryptographicException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
    Source = mscorlib
    Stack Trace =    at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
       at System.Security.Cryptography.Utils.SignValue(SafeKeyHandle hKey, Int32 keyNumber, Int32 calgKey, Int32 calgHash, Byte[] hash, Int32 cbHash, ObjectHandleOnStack retSignature)
       at System.Security.Cryptography.Utils.SignValue(SafeKeyHandle hKey, Int32 keyNumber, Int32 calgKey, Int32 calgHash, Byte[] hash)
       at System.Security.Cryptography.RSACryptoServiceProvider.SignHash(Byte[] rgbHash, Int32 calgHash)
       at Microsoft.SystemCenter.Foundation.RemoteDesktop.RdpFileGeneratorHelper.SignToken(String token, VmConnectGlobalSettings vmConnectGlobalSettings)
       at Microsoft.SystemCenter.Foundation.RemoteDesktop.RdpFileGeneratorHelper.GenerateRdpFile(ISpfOperationManagerContext context, PSObject virtualMachine)
       at Microsoft.SystemCenter.Foundation.Psws.Spf.VmmVmRequestInvoker.<>c__DisplayClass2.<GetReadStream>b__1()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.<>c__DisplayClass2b.<GetReadStream>b__2a()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.<>c__DisplayClass2b.<GetReadStream>b__2a()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.<>c__DisplayClass2b.<GetReadStream>b__2a()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.SystemCenter.Foundation.Psws.Spf.HybridInvocationDecorator.<>c__DisplayClass3a.<GetReadStream>b__39()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.<>c__DisplayClass2b.<GetReadStream>b__2a()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.SystemCenter.Foundation.Psws.RequestInvokerDecorator.<>c__DisplayClass2b.<GetReadStream>b__2a()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.SystemCenter.Foundation.Psws.Spf.SpfOperationManager.<>c__DisplayClass1f.<GetReadStream>b__1e()
       at Microsoft.ManagementServices.Diagnostics.Activity.ActivityMonitorExtensions.TryCatchRethrow[TResult](IActivityMonitor monitor, Func`1 instrumentedAction)
       at Microsoft.Management.Odata.Core.OperationManagerAdapter.<>c__DisplayClass18.<GetReadStream>b__14()
       at Microsoft.Management.Odata.Core.OperationManagerAdapter.FunctionInvoker`1.Invoke()
       at Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeMethod(IInvoker invoker, String functionName, String resourceTypeName, Boolean ignoreNotImplementedException)
    

    Web Service has got a callback from OData framework about an error. 
    Exception message = Invoking method GetReadStream of type Microsoft.SystemCenter.Foundation.Psws.Spf.SpfOperationManager failed. Cause of the problem: Invalid algorithm specified.
    
    Inner exception message = Invalid algorithm specified.
    
    Response status code = 500
    Response content type = application/xml;charset=utf-8
    Response written = false
    Use verbose error = true

    Any idea?

    Thursday, August 29, 2013 3:42 PM
  • I would guess that your self signed cert isn't using the correct signing algorithm?
    Thursday, August 29, 2013 10:05 PM
  • I would guess that your self signed cert isn't using the correct signing algorithm?

    I tried three type of cert with no luck:

    Signature algorithm: sha1RSA
    Signature hash algorithm: sha1
    Public key: RSA (2048 bits)

    Signature algorithm: md5RSA
    Signature hash algorithm: md5
    Public key: RSA (1024 bits)

    Signature algorithm: sha256RSA
    Signature hash algorithm: sha256
    Public key: RSA (2048 bits)

    First is a self-signed cert on the SPF machine, second and third are also self-signed on the SVCMGMTPORTAL machine. Neither of them worked. I got the same error message all time.

    Friday, August 30, 2013 7:01 AM
  • I have the same error : "VmConnect global settings are not set. Missed setting = 'CertificateThumbprint'.
    Tuesday, September 3, 2013 12:36 PM
  • I have the same Problem. After some goolge searches I came to the following TechEd Session: http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/MDC-B364#fbid=z7oJz2CZyqx?time=25m22s

    In the PowerPoint on slide 17 is the flow of the console connection. It shows that SC2012 R2 generates ans signs tokens. So maybe the certificate must be a signing certificate not a server/client certificate ?

    @MSFT: Can someone from Microsoft give us some advises to use this probelm ? Or is this feature simply not working in the preview?

    • Edited by J0F3MVP Wednesday, September 4, 2013 12:02 PM
    Wednesday, September 4, 2013 12:01 PM
  • Ok has anyone managed to get this feature to work? I just installed my fourth (and last) lab environment, everything works just fine except this!

    Do I need a valid, signed certificate?

    Friday, September 6, 2013 9:37 AM
  • Ok I spend my day at google and bing. I found this conversation on twitter: https://twitter.com/stufox/statuses/373377784212492288

    And since Stu Fox replied here, could you please give us a hint what the correct signing algorithm should be?

    Or perhaps someone can contact https://twitter.com/_marcvaneijk and ask him for help. Sadly I can't...

    I would guess that your self signed cert isn't using the correct signing algorithm?

    I tried three type of cert with no luck:

    Signature algorithm: sha1RSA
    Signature hash algorithm: sha1
    Public key: RSA (2048 bits)

    Signature algorithm: md5RSA
    Signature hash algorithm: md5
    Public key: RSA (1024 bits)

    Signature algorithm: sha256RSA
    Signature hash algorithm: sha256
    Public key: RSA (2048 bits)

    First is a self-signed cert on the SPF machine, second and third are also self-signed on the SVCMGMTPORTAL machine. Neither of them worked. I got the same error message all time.

    I installed a custom certificate and got exactly the same errors you get.  I also tried sha384 and sha512, still not working...
    Friday, September 6, 2013 12:01 PM
  • Hi Guys, console connect is working in the preview bits but as Stu already noticed it requires some configurations steps. I have access to these steps through the TAP, but I'm bound by an NDA. I'll ask the product team if they are willing to share these steps before the RTM.

    Regards, Marc

    Friday, September 6, 2013 1:35 PM
  • Thank you very much for replying! It would be great if this info could be made public, its very frustrating to have the "killer-feature" console connect not working.

    Have a nice weekend!

    Friday, September 6, 2013 2:07 PM
  • Hi MARC

    When can the Configuration steps will be released?


    Pradeep Neudesic Technologies

    Friday, September 6, 2013 2:07 PM
  • Thanks for the info Marc!

    It's great news that Microsoft knows about the problem and not we did something wrong at the installation process. I hope you can got the rights to share the information.

    Btw, you said RTM. Do you have any info about the release date of RTM?

    Friday, September 6, 2013 2:28 PM
  • Fellas, I spoke with some guys from the product team and they asked me to write a blog and allowed me to use the information. You can find the step-by-step instruction for configuring Console Connect for Windows Azure Pack here http://www.hyper-v.nu/archives/marcve/2013/09/windows-azure-pack-console-connect/

    Please note that the configuration of Console Connect will change in RTM, because the management of Console Connect on the Hyper-V hosts will move to VMM.

    But you should be able to configure it in the Preview bits. Hope this is helpful for you all.

    Kind regards,

    Marc van Eijk

    • Proposed as answer by J0F3MVP Tuesday, September 10, 2013 7:31 PM
    Tuesday, September 10, 2013 3:13 PM
  • It's looks easy :D:D

    Thanks for the guideline Marc!

    In the following days I completely rebuild our demo environment with R2 RTM and I try the Azure Pack again. I hope the connect to console would be okay.

    Tuesday, September 10, 2013 4:20 PM
  • Wow very nice! Thank you!

    You saved my POC Installation... ;-)

    Tuesday, September 10, 2013 7:31 PM
  • Marc

    My Lab setup is already up and running.

    i am able to connect using RDP file which will download to client machine, but not with console connect

    Do i need to go through all the steps mentioned in your blog ?

    Pradeep


    Pradeep Neudesic Technologies

    Wednesday, September 11, 2013 9:15 AM
  • Hi Pradeep,

    If you are testing from your internal environment where the clients has direct access to the hosts you do not need to configure the RD Gateway. All other steps should be performed. There is an additional change that I added to the blog a minute ago and it is:

    In a default configuration the SPF service account does not have access to the private key of the Console Connect certificate that is installed on the SPF server.

    After configuring all parts and the tenant uses Console Connect, the ManagementODataService log on the SPF server displays the following error. Operation manager plugin method 'GetReadStream' for resource name 'VMM.VirtualMachine' failed with error messsage 'Keyset does not exist'.

    Add the SPF domain service account to the local administrator group on the SPF server and a reboot the SPF Server.

    If you are still unable to connect after that, please take a look at the application and services logs > ManagementODataService on the SPF server and let me know what is logged.

    Kind regards,

    Marc van Eijk

    Wednesday, September 11, 2013 10:15 AM
  • Hello Marc,

    thank you very much for this guide! I've managed to get Remote Console Connect to work in my lab environment, but only if I'm not using the Remotedesktopgateway!

    After I set the Authorization-Plugin with you script, the Remotedesktop-Gateway Service won't start anymore!

    So following this:

    $g = Get-WmiObject -Namespace root\CIMV2\TerminalServices -Class Win32_TSGatewayServerSettings
    $g.SetAuthenticationPlugin(“FedAuthAuthenticationPlugin”)
    $g.SetAuthorizationPlugin(“FedAuthAuthorizationPlugin”)
    $g.RecycleRpcApplicationPools()

    I get this error if I want to start the service:

    Der Remotedesktop-Gatewaydienst konnte nicht initialisiert werden. Aufgetretener Fehler: 340. Überprüfen Sie, ob folgende Dienste installiert und gestartet wurden, um mögliche Ursachen des Problems zu diagnostizieren: (1) WWW-Publishingdienst (2), Internetauthentifizierungsdienst (IAS), (3) RPC/HTTP-Lastenausgleichsdienst. Überprüfen Sie zudem die Ereignisanzeige für den Netzwerkrichtlinienserver (NPS) und die IIS-Ereignisse, die unter Umständen Hinweise auf NPS- oder IIS-bezogene Probleme enthalten, und prüfen Sie auch, ob die IP-Adresse für HTTP- und UDP-Transport (Portpaar) verwendet wird.

    All required services are running. Prior to setting the authorization the gateway-service can be stopped and started just fine. Of course, without a working RD-Gateway, I'm unable to connect to a vm console from another domain.

    Can you help me once more?

    Wednesday, September 18, 2013 10:28 AM
  • I had exactly the same problem. I'm also very interested for a solution for this problem
    Wednesday, September 18, 2013 10:56 AM
  • Anyone? :(
    Friday, September 27, 2013 12:47 PM
  • Hi all,

    RTM bits are now available and the RTM version of the configuration process is also published:

    http://technet.microsoft.com/en-us/library/dn469415.aspx

    As you can see, in RTM we simplified the process for setting this up.

    Thanks

    Richard


    This posting is provided "AS IS" with no warranties, and confers no rights.

    Tuesday, October 29, 2013 12:52 AM
  • Hi all,

    RTM bits are now available and the RTM version of the configuration process is also published:

    http://technet.microsoft.com/en-us/library/dn469415.aspx

    As you can see, in RTM we simplified the process for setting this up.

    Thanks

    Richard


    This posting is provided "AS IS" with no warranties, and confers no rights.

    I have followed this guide to enable Remote Console. When a enant clicks on the Console menu option, we get a warning that the RDP cant be downloaded. Depending on the browser and json file with a failure is downloaded.

    What's unclear to me, what are the prerequisites for Remove Console?. Does the tenant VM be connected to the same network as the hyper-V management network? Or the VMM network? Or is the Console feature of hyperV used?

    Monday, October 19, 2015 2:16 PM