How can I configure Azure DevOps Server Environment agent as I keep getting VS30063 error?
I have an installation of Azure DevOps Server 2020.1.1 which is running on a EC2 windows virtual machine (Server 2019). I have been able to install an instance of the agent that is running as a build agent but when I try to install a copy of the agent as an Environment agent it is giving me VS30063: You are not authorized to access . I have a valid PAT that has been given full permissions. When I installed the build agent I had to give the url as https://[FQDN]/Sandbox where Sandbox is the name of my collection, however when installing an Environment agent it doesn't like this format of the url and insists on it being https://[FQDN]. I have configured IIS to only have the https binding and have allowed both Anonymous Authentication and Windows Authentication. The FQDN exists in DNS but is overwritten in the hosts file because of a network load balancer that the FQDN points to which sits in front of the server, this is because the NLB did not like traffic coming from the server and going back to itself.
Can someone please help me with what I need to do to allow access using the PAT token.
BTW the PAT was generated for a user that is an administrator as configured in the Azure DevOps console.
The command that I run in powershell is:
.\config.cmd --environment `
--agent ${Env:computername} `
--url "$(${Env:AZP_URL})" `
--auth PAT `
--token "$(Get-Content ${Env:AZP_TOKEN_FILE})" `
--work '_work' `
--sslskipcertvalidation `
--runasservice `
--environmentname ${Env:AZP_ENVIRONMENT_NAME} `
--collectionname ${Env:AZP_COLLECTION_NAME} `
--projectname ${Env:AZP_PROJECT_NAME} `
--addvirtualmachineresourcetags `
--virtualmachineresourcetags ${Env:AZP_ENVIRONMENT_TAGS}
I am trying to do this in a docker container but have also tried running the agent install directly on the server and get the same error there as well.
The problem is that by default the PAT organization level is set to current Collection level scope (in your scenario, it should be https://[FQDN]/Sandbox). But in the script to setup Environment agent, the URL is specified to the server level (https://[FQDN]).
So, in this case, you need to edit the PAT and change the organization level to āAll accessible organizationsā.
- Not able to migrate using nkdAgility, getting group name already exists in scope error
- Azure DevOps Pipeline Expression Evaluation
- Azure DevOps Pull Requests line colours
- Pull Requests: Referencing code in comment replies
- How can you create a board in Azure DevOps?
- TriggerBuild Could not queue the build because there were validation errors or warnings
- NuGet Package Including DACPAC SQLProj
- How to trigger pipeline only when there is a merge request completes in azure devops
- Deploying to azure agent virtual machine - yml question
- How to check if a field is locked in Azure DevOps with Power Automate?
- Unable to locate executable file: 'bash'. Please verify either the file path exists
- How to get project iterations through the Azure API
- Download and publish artifact only if exist in azure pipeline
- Azure DevOps yaml pipeline: configure Azure Artifacts "package" resource
- Unable to Authenticate to DevOps API with Angual MSAL
- GitVersion doesn't cause error in Azure Devops Pipeline
- Azure Pipelines Trying to Find Correct Environment Value repository checkout
- How to login via Service Principal having Federated Credentials rather than Client Secrets
- Can I have two Libraries within one Azure Repo and install them using requirements.txt
- Send arguments/params to pytest via command without conftest.py
- Writing a secret from AzureKeyVault in a Azure DevOps Pipeline to a file with powershell
- Azure ML: Unable to find workspace
- The app build failed to produce artifact folder Angular Azure Static Web App Deployment Issue
- How do I modify a file in a repository from an azure pipeline YAML, after a PR?
- How do I get MSSQL service container working in Azure DevOps pipeline?
- How to manually publish a file to Azure Artifacts?
- "Build after the previous execution has succeeded" in Azure Devops
- Azure Pipelines, Using Bash Output Variables in conditions on jobs is not working correctly
- Azure pipelin: how to publish ASP.NET MVC app in normal file structure
- Azure Devops - Clean Destination Directory Before Deployment