Fails to onboard Azure Stack Nodes

jpcapone 1,376 Reputation points

I am attempting to install Azure Stack HCI onto a Hyper V host following the steps provided by the official Microsoft documentation and a youtube video depicting a 23H2 deployment. When I get to the portion that registers the nodes with Azure I get the following results when i run this command:

$ARMtoken = (Get-AzAccessToken).Token

Get-AzAccessToken : Authentication failed against tenant XXXXXXXXXXXXXXXXXXXXXXXXXXX. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). If you need to access

subscriptions in that tenant, please rerun 'Connect-AzAccount' with additional parameter '-TenantId 703b43b4-97e4-4bca-9b08-0bc2d8b22e09'.

At line:1 char:14

+ $ARMtoken = (Get-AzAccessToken).Token

+ ~~~~~~~~~~~~~~~~~

+ CategoryInfo : CloseError: (:) [Get-AzAccessToken], AzPSAuthenticationFailedException

+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.GetAzureRmAccessTokenCommand

I didn't have this issue when I performed this process a day or so ago. And I did what the error indicates and reran the cmdlet but I got the same results. Any suggestions?

Azure Stack HCI
Azure Stack HCI
A hyperconverged infrastructure operating system delivered as an Azure service that provides security, performance, and feature updates.
295 questions
Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
363 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Prrudram-MSFT 22,936 Reputation points

    Hello @jpcapone

    It seems you’re encountering an authentication issue while registering your Azure Stack HCI nodes. Let’s troubleshoot this together!

    Here are some steps you can take to resolve this issue:

    1. Check Multi-Factor Authentication (MFA):
    • The error message suggests that user interaction might be required due to multi-factor authentication (MFA) settings. Ensure that MFA is configured correctly for the account you’re using to register the nodes.
    • You can try running the following command with the -TenantId parameter to specify the tenant ID explicitly:
           Connect-AzAccount -TenantId 70xx43b4-xxxx-4bca-xxxx-0bc2xxxx2e09 
    1. Collect Registration Logs:
    • To troubleshoot further, collect PowerShell registration logs. When you run the Register-AzStackHCI and Unregister-AzStackHCI cmdlets, log files named RegisterHCI_{yyyymmdd-hhss}.log and UnregisterHCI_{yyyymmdd-hhss}.log are created.
    • You can set the log directory for these files using the -LogsDirectory parameter in the Register-AzStackHCI cmdlet. By default, these files are created in C:\ProgramData\AzureStackHCI\Registration.
    1. Check Internet Connectivity: During registration, each server in the cluster must be up and running with outbound internet connectivity to Azure.

    Review Known Issues:

    • Sometimes, issues related to registration can be specific to the version of Azure Stack HCI. Make sure you’re following the correct troubleshooting steps for your version.
    • For older versions (such as 22H2), refer to the official documentation.
    • If you’re using the latest version (23H2), consider checking for any updates or known issues specific to that release.

    Remember that Azure Stack HCI registration involves communication between your on-premises servers and Azure services, so ensuring proper connectivity and authentication is crucial. If you continue to face issues, consider reaching out to Microsoft support for further assistance.
    Good luck with your deployment!

    If I have answered your query, please click "Accept as answer" as a token of appreciation

    0 comments No comments

  2. Jean Luc Vaulay 1 Reputation point

    After the AZ.Account module upgrade I could not register any Azure Stack Node.

    This command solves this issue.

    Update-AzConfig -CheckForUpgrade $false -DisplayBreakingChangeWarning $false -DisplayRegionIdentified $false -DisplaySecretsWarning $false -DisplaySurveyMessage $false -EnableDataCollection $false -EnableLoginByWam $false -LoginExperienceV2 "Off" -Scope CurrentUser -WarningAction SilentlyContinue | Out-Null
    0 comments No comments