azure azure-service-fabric azure-resource-manager rdp windowsdomainaccount

Cannot RDP to an instance of virtual machine scale set of a Service Fabric cluster in Azure

I have created a Service Fabric cluster by using the well-known azure-quickstart-templates/service-fabric-secure-cluster-5-node-1-nodetype template.

During the deployment I have specified the adminUsername and adminPassword strings as the ARM template parameters. I have just used 2 long strings of random characters and written them down for later.

The deployment has succeeded and I can for example open the SF cluster explorer webpage with the famous green circles.

When I try to connect to one of the nodes of the VMSS though, in order to check my SF application logs, the RDP connection is being refused:

I use the Loader public IP address for the RDP connection and have verified that there is an LB rule for that:

When I enter the adminUsername and adminPassword strings I had specified during the ARM template deployment, the RDP connection prepends the domain of my corporate notebook.

So I have tried prepending the LB public ip address followed by a backslash in front of the adminUsername, but that does not work either.

Also I have tried .\adminUsername (takes my corporates notebook's domain which is wrong) and \adminUsername and nt1vm_1\adminUsername (still does not connect):

How can I please RDP-connect to the VMSS instances of my SF cluster?

I have also created the Github issue #7684 for my problem.

UPDATE:

Cannot connect with Microsoft Remote Desktop for mac OS either:

UPDATE 2:

Apologies for oversimplifying my problem description -

I have actually not written the RDP credentials to paper, but generated and saved them in a Key Vault, then outputted them as the pipeline variables (I know, not so secure...) and passed them to the SF template:

So this is not the issue of me writing down wrong credentials. And this YAML file is used by 5 pipelines, to fill 5 different RGs (with CosmosDb, Key Vault, SF) - all having the above RDP connection problem.

UPDATE 3:

Because I have 3 nodes in the SF cluster, I have tried using nt1vm_0\username, nt1vm_1\username, nt1vm_2\username and even nt1vm\username as username at the RDP dialog, but alas that does not work:

Solution

Try doing a password reset on the scaleset to see if the credentials may have been changed somehow.

Login-AzAccount
Get-AzSubscription
Set-AzContext -SubscriptionId 'yourSubscriptionID'

$nodeTypeName = 'nt1vm'
$resourceGroup = 'sfclustertutorialgroup'
$publicConfig = @{'UserName' = 'newuser'}
$privateConfig = @{'Password' = 'PasSwo0rd$#!'}
$extName = 'VMAccessAgent'
$publisher = 'Microsoft.Compute'
$node = Get-AzVmss -ResourceGroupName $resourceGroup -VMScaleSetName $nodeTypeName
$node = Add-AzVmssExtension -VirtualMachineScaleSet $node -Name $extName -Publisher $publisher -Setting $publicConfig -ProtectedSetting $privateConfig -Type $extName -TypeHandlerVersion '2.0' -AutoUpgradeMinorVersion $true

Update-AzVmss -ResourceGroupName $resourceGroup -Name $nodeTypeName -VirtualMachineScaleSet $node