Getting error Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.

Sneha Salunke 1 Reputation point
2021-03-05T05:25:18.983+00:00

HI,

I was resolving the "Windows web servers should be configured to use Secure communication protocols".
I have resolved this by enabling the protocols in registry settings. But the compliance status is not reflecting in the Azure policy services.

When I checked the GClog (Guest Configuration log files) I see the below error.

Failed to get the base agent service url with message:- Failed to get the msi_information from meta_data url : http://169.254.xxx.xxx/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.core.windows.net%2F. Status Code '400'. Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.. Retrying with old agent service endpoint. endpoint: https://agentserviceapi.azure-automation.net</GCLOG>
<GCLOG>[2021-03-04 05:46:38.785] [PID 12908] [TID 9164] [TELEMETRY Pull Client] [ERROR] [164bb63f-59b7-4628-b28b-c3b5e0973ee9] Failed to update assignments Error : Failed to get the msi_information from meta_data url : http://169.254.xxx.xxx/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.core.windows.net%2F. Status Code '400'. Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.</GCLOG>
<GCLOG>[2021-03-04 05:46:38.785] [PID 12908] [TID 9164] [TELEMETRY Timer Manager] [ERROR] [164bb63f-59b7-4628-b28b-c3b5e0973ee9] Failed to Run Pull Refresh for 'dsc_refresh_timer' Error : Failed to get the msi_information from meta_data url : http://169.254.xxx.xxx/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.core.windows.net%2F. Status Code '400'. Error Message '{"error":"invalid_request","error_description":"Identity not found"}'.</GCLOG>
<GCLOG>[2021-03-04 05:47:38.276] [PID 12908] [TID 10236] [TELEMETRY Timer Manager] [INFO] [c5cc9d69-6b79-485e-b317-d45b0d7c27bd] Run gc check_worker_process timer Worker_Status</GCLOG>

I have Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity

Please help me resolve this error.

Thank you

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,557 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
830 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,612 questions
{count} votes