Error Message:
Error: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension 'domainZone-domainJoin'. Error message: \"Exception(s) occured while joining Domain 'domainZOne.zone'\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/vmextensionwindowstroubleshoot "
│
│ with azurerm_virtual_machine_extension.domainJoin[1],
│ on main.tf line 194, in resource "azurerm_virtual_machine_extension" "domainJoin":
│ 194: resource "azurerm_virtual_machine_extension" "domainJoin" {
Current Implementation for that:
resource "azurerm_virtual_machine_extension" "domainJoin" {
count = var.nb_instances #2 #module.winserv.nb_instances #"${var.domain_joined ? var.rdsh_count : 0}"
name = "datashieldzone-domainJoin"
# name = "${var.vm_hostname}-${count.index + 1}-domainJoin"
virtual_machine_id = module.winserv.vm_ids[count.index]
publisher = "Microsoft.Compute"
type = "JsonADDomainExtension"
type_handler_version = "1.3"
auto_upgrade_minor_version = true
depends_on = [
module.winserv,
]
#"/subscriptions/<subscription id>/resourceGroups/WIN10/providers/Microsoft.Compute/virtualMachines/win10addsman" #"${azurerm_virtual_machine.main.*.name[count.index]}"
lifecycle {
ignore_changes = [
settings,
protected_settings,
]
}
settings = <<SETTINGS
{
"Name": "${var.domain_name}",
"User": "${var.domain_adminuser}",
"OUPath": "${var.domain_ou}",
"Restart": "true",
"Options": "3"
}
SETTINGS
protected_settings = <<PROTECTED_SETTINGS
{
"Password": "${var.domain_password}"
}
PROTECTED_SETTINGS
}
I'm using the guides from Microsoft but it seems that I'm using the right extension. I'm doing this manually on my local machine and is giving me this issue. If I run this pipeline under Github Actions everything seems fine but I don't know why locally is giving me those error messages.
Does anyone have any insights on what this issue could be? Does anyone have any possible solutions?
Initially, I got the same error in my environment when we created the domain join extension to the virtual machine.
Error:
The above error states that the VM was unable to join the domain; thus, please check that the parameters domainToJoin, ouPath, existingDomainUPN, and existingDomainPassword
are supplied with the proper values.
I tried with the proper Domain Controller setup and used the same code.
main.tf
provider "azurerm" {
features {}
}
data "azurerm_resource_group" "example" {
name = "resource-grp"
}
data "azurerm_virtual_machine" "example"{
name = "vm-name"
resource_group_name = data.azurerm_resource_group.example.name
}
resource "azurerm_virtual_machine_extension" "domainJoin" {
name = "datashieldzone-domainJoin"
# name = "${var.vm_hostname}-${count.index + 1}-domainJoin"
virtual_machine_id = data.azurerm_virtual_machine.example.id
publisher = "Microsoft.Compute"
type = "JsonADDomainExtension"
type_handler_version = "1.3"
auto_upgrade_minor_version = true
lifecycle {
ignore_changes = [
settings,
protected_settings,
]
}
settings = <<SETTINGS
{
"Name": "<domainname>.com",
"User": "<domainname>\\<username>",
"OUpath":"",
"Restart": "true",
"Options": "3"
}
SETTINGS
protected_settings = <<PROTECTED_SETTINGS
{
"Password": "<Password>"
}
PROTECTED_SETTINGS
depends_on = [data.azurerm_virtual_machine.example]
}
Output:
Portal:
VM: