![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 43%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMJ%3C/text%3E%3C/svg%3E)
Azure Automation
An Azure service that is used to automate, configure, and install updates across hybrid environments.
1,113 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Thank you for posting this question here and I am sorry for the inconvenience you are facing. Please check the following and follow the steps mentioned below to troubleshoot/resolve this issue. As the type of runbook worker was not mentioned (whether Extension based OR agent based), the steps below are listed for both types.
1. In Azure Portal --> Azure Automation Account --> select "Hybrid worker groups"
2. Select the specific runbook worker group --> "Hybrid worker". Here, verify the "last seen time". Ensure that this is recent, which would give an idea whether the runbook worker is reporting back to Azure Automation Account or not
3. I could not understand the statement "i renewed recently the automation account self-signed certificate but didn't import it on my VM" - Certificates are generally not required to run runbook on a Hybrid runbook worker. Please check if simple runbook like the one below also fails on Hybrid runbook worker.
write-output "Hello World!"
Self-signed certificates are generally used in Azure Automation Hybrid Runbook Worker, when you have configured Hybrid Runbook Worker to run only signed runbooks. In this case, all the runbooks that can be run on the worker needs to be signed with the certificate. You can see this link for more details about it.
4. If your question is related to "RunAs Account certificate" (as available under "Azure Automation Account" --> "Run as Account"), you can use the steps mentioned in this article to install certificate on Hybrid runbook worker. This exports the runas certificate from Automation Account and imports it in Hybrid Worker. This script is to be run as "Azure Automation Runbook" from "Azure Automation Account".
You can also use the steps as mentioned in the article below, to export certificate to a storage account and download it locally on your machine.
https://learn.microsoft.com/en-us/answers/questions/126252/azure-automation-account-certificate.html
Please note that support for Azure Automation Run As Account will retire on September 30, 2023 and will be replaced with Managed Identities. Before that date, you'll need to start migrating your runbooks to use managed identities. For more information, see migrating from an existing Run As accounts to managed identity to start migrating the runbooks from Run As account to managed identities before 30 September 2023.
---
If the runbook worker has not reported to the Automation Account for a while (as verified in step 2. above), you can follow the steps linked below to reinstall Hybrid worker service on the worker VM.
1. If the Type of hybrid runbook worker is "Extension based", you can remove the server from the "Hybrid worker group" and add it again. That should help register the VM again as a hybrid worker. You can also check "Microsoft-SMA" logs on the VM for any errors related to hybrid worker service.
2. If the Type of hybrid runbook worker is "Agent based", follow these steps to remove the hybrid runbook worker AND these steps to add it back. You can also check "Microsoft-SMA" logs on the VM for any errors related to hybrid worker service.
---
If the steps above does not help, please help answer the following questions:-
1. Can you please elaborate the statement "i renewed recently the automation account self-signed certificate but didn't import it on my VM" - please share additional context like
a>>. How did you renew this certificate? Are you talking about "Certificates" as available under "Shared resources" in Azure Automation Account as shown below? If yes, these are not related to Hybrid worker runbooks.
b>>. Also, please share details of Hybrid Worker - is it Agent based OR Extension based (Note that - using Extension based (V2) is the recommended platform for Hybrid runbook worker)
c>>. Please ensure that the "Hybrid runbook woroker" service is running on the worker VM. And check the logs under "Microsoft-SMA" in eventviewer of worker VM for any errors.
Please let me know if you have any questions.
---
Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.