Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,686 questions
Virtual machine agent installation powershell issue
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 66%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHT%3C/text%3E%3C/svg%3E)
Handinata Tanudjaja
190
Reputation points
Hi everyone,
I captured a specialized image from an existing VM that runs normally.
By design, the existing VM only has private IP and it's RDP accessible due to VPN gateway.
So when I created the new VM with the specialized image, it also has private IP only and it should only be accessible via RDP.
However, I am not able to RDP to it because I have this error message in the new VM: "virtual machine agent status is not ready."
I think I read somewhere that VM that created from specialized image doesn't have virtual machine agent installed by default.
I have tried the powershell command from documentation but it doesn't work:
$vm = Get-AzVM -Name <VM Name> -ResourceGroupName <Resource Group Name> $vm.OSProfile.AllowExtensionOperations = $true
$vm | Update-AzVM
I even tried redeploy, reapply, restart, stop and start as well after the powershell command has finished executing.
Anyone knows what I did wrong?
Thank you
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 53%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPY%3C/text%3E%3C/svg%3E)
Pramidha Yathipathi 320 Reputation points Microsoft External Staff2025-04-08T03:44:20.41+00:00 Can you Confirm whether the VM Agent Exists in Source VM (Before Capturing).Because if the original VM did not have the Azure VM agent installed or was corrupted, the new VM created from the specialized image will not have it either, and it cannot be installed post-creation unless you generalize and use a custom script (which defeats the idea of a specialized image).
Please let us know the information so that we can help you further
Thank You.
-
Handinata Tanudjaja 190 Reputation points
2025-04-08T15:10:21.45+00:00 Hi @Pramidha Yathipathi ,
Yes the original VM does have Azure VM agent installed.
This is the info from the original VM:- Agent Status: Ready
- Agent Version: 2.7.41491.1149
Thank you
-
Pramidha Yathipathi 320 Reputation points Microsoft External Staff
2025-04-09T06:59:34.6533333+00:00 After capturing the specialised image from the existing VM.
i am also getting the "Agent status as not ready".
After Stop,Start and Restarting the VM able to see the "Agent status as ready" and it is running state.
If still the VM agent status shows as not ready try to recreate an image.
If the comment was helpful, please don't forget to click "Upvote".
If the issue still persist feel free to reach out us.
Thank You.
-
Handinata Tanudjaja 190 Reputation points
2025-04-09T17:23:45.22+00:00 Hi @Pramidha Yathipathi ,
I might found a clue why the RDP is not working but I still don't know how to solve it.
This existing VM that I captured has its OS disk encrypted (Azure Disk Encryption).
Whenever I captured a specialized image from this VM and create a VM from it, virtual machine agent will not be installed.But if I do capture a specialized image from a VM that doesn't have OS disk encrypted, I can do RDP to it without any issue to the VM created from this image.
So maybe the correct questions are:
- How do I properly create a specialized image from a VM that has OS disk encrypted?
- How do I properly create a VM from that specialized image then?
Thank you
-
Handinata Tanudjaja 190 Reputation points
2025-04-10T21:56:03.84+00:00 Anyone has any idea for the solutions on the two questions above?
Thank you
-
Pramidha Yathipathi 320 Reputation points Microsoft External Staff
2025-04-11T05:47:22.1933333+00:00 Hi Handinata Tanudjaja ,
First, shut down the VM
Navigate to Azure Portal, find the virtual machine you want to create an image from, and stop it. Make sure it reaches the “Stopped (deallocated)” state — this is important before you can capture the image.
- Double-check that the OS disk isn’t being used
Once the VM is fully deallocated, the OS disk detaches from any running state, so your good to go.
- Capture the image
• Go back to the VM overview page in the portal
• Click “Capture” from the top menu
• Give your image a clear name so it’s easy to identify later
• You’ll see a checkbox that says “Automatically delete this VM after image creation.” Uncheck it if you plan to reuse or restart the VM later
• Choose the right resource group and region where you want the image to be stored
• Click “Review + create,” then click “Create”.
- Ensure encryption settings are properly configured.
If your VM’s OS disk is encrypted using Azure Disk Encryption (ADE) with a Key Vault, those settings will carry over to the image. Just make sure the Key Vault and its permissions are still in place and accessible. If a Disk Encryption Set (DES) was used, make note of it for future reference.
- Verify your new image
Once it’s created, go to the “Images” section in the Azure Portal. Your new image should appear there with the type listed as “Specialized.”
How do I properly create a VM from that specialized image then?
- Create a VM from a specialized image by accessing your images in the Azure Portal.
- Navigate to the Images section and click on the specialized image you created earlier. Start the VM creation process
- Once inside the image page, click “Create VM.”
Fill in the VM details
Pick a name and region
Choose the VM size that fits your workload
Set up the admin username and password (if your image doesn’t already have them preconfigured)
- Set up networking attach the VM to a virtual network that allows you to connect — either through public IP with RDP enabled or using a private IP with VPN/Bastion access
- Create the VM
Click “Review + create,” and then click “Create.” Azure will provision a VM using the specialized image you selected.
Note: Since this is a specialized image, it’s a snapshot of the exact state your VM was in — including installed apps, settings, and (if not changed) credentials. This is different from a generalized image which resets everything.
Please refer the document:
https://learn.microsoft.com/en-us/azure/virtual-machines/image-version-encryption?tabs=portal
If the comment was helpful, please don't forget to click "Upvote".
Thank You.
-
Handinata Tanudjaja 190 Reputation points
2025-04-12T02:19:00.0466667+00:00 Hi @Pramidha Yathipathi ,
I followed your steps but still noticed that virtual machine agent didn't get installed.
And I noticed that the created VM has the OS disk unencrypted.
When I tried to encrypt it with the same keyVault from the original VM, it failed.Also I couldn't RDP to it, as expected.
-
Pramidha Yathipathi 320 Reputation points Microsoft External Staff
2025-04-14T04:05:07.72+00:00 Hi Handinata Tanudjaja ,
Can you please share what exact error your getting when tried. So that i can assist you further.
Thank You.
Sign in to comment
Sign in to answer