Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,878 questions
Getting error Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.
Sneha Salunke
1
Reputation point
HI,
I was resolving the "Windows web servers should be configured to use Secure communication protocols".
I have resolved this by enabling the protocols in registry settings. But the compliance status is not reflecting in the Azure policy services.
When I checked the GClog (Guest Configuration log files) I see the below error.
Failed to get the base agent service url with message:- Failed to get the msi_information from meta_data url : http://169.254.xxx.xxx/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.core.windows.net%2F. Status Code '400'. Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.. Retrying with old agent service endpoint. endpoint: https://agentserviceapi.azure-automation.net</GCLOG>
<GCLOG>[2021-03-04 05:46:38.785] [PID 12908] [TID 9164] [TELEMETRY Pull Client] [ERROR] [164bb63f-59b7-4628-b28b-c3b5e0973ee9] Failed to update assignments Error : Failed to get the msi_information from meta_data url : http://169.254.xxx.xxx/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.core.windows.net%2F. Status Code '400'. Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.</GCLOG>
<GCLOG>[2021-03-04 05:46:38.785] [PID 12908] [TID 9164] [TELEMETRY Timer Manager] [ERROR] [164bb63f-59b7-4628-b28b-c3b5e0973ee9] Failed to Run Pull Refresh for 'dsc_refresh_timer' Error : Failed to get the msi_information from meta_data url : http://169.254.xxx.xxx/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.core.windows.net%2F. Status Code '400'. Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.</GCLOG>
<GCLOG>[2021-03-04 05:47:38.276] [PID 12908] [TID 10236] [TELEMETRY Timer Manager] [INFO] [c5cc9d69-6b79-485e-b317-d45b0d7c27bd] Run gc check_worker_process timer Worker_Status</GCLOG>
I have Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity
Please help me resolve this error.
Thank you
{count} votes
-
JamesTran-MSFT 29,721 Reputation points Microsoft Employee2021-03-10T17:26:43.983+00:00 @Sneha Salunke
Thank you for your post and I apologize for the delayed response!- For the "Windows web servers...", you resolved it by enabling protocols in the registry settings. Was your environment working prior to enabling those protocols?
- Can you "disable" those protocols to see if you're still receiving the 400 error - "invalid_request","error_description":"Identity not found"?
- What protocol was it that you disabled? And was this on an Azure VM?
- Where were you seeing the "Windows web servers... Secure communication protocols" message?
Any additional details would be greatly appreciated!
If you have any other questions or would like to work with our support team to resolve this issue, please let me know.
Thank you for your time and patience throughout this issue. -
JamesTran-MSFT 29,721 Reputation points Microsoft Employee
2021-03-11T17:49:58.617+00:00 @Sneha Salunke
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue? -
Michael Greene 21 Reputation points Microsoft Employee
2021-08-23T16:09:01.417+00:00 @Sneha Salunke just following up to make sure the error has been resolved. Thank you!
Sign in to comment