![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 93%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Azure Service Fabric
An Azure service that is used to develop microservices and orchestrate containers on Windows and Linux.
269 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 57.00000000000001%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Hello Dhruv-5639 ,
I am not sure how you have hosted the application which you are trying to orchestrate and manage using Service fabric. As far as I know , if you have application hosted on Azure (*Not on Azure Virtual Machines. Azure VM *) you will be required to use the azure AD authentication . you cannot use windows authentication with the same. If you do not have admin access to azure AD then you may need to contact a global admin as the script goes through admin consent for the whole tenant which only global admin can provide. hence the script needs to be run with Global azure AD admin credentials.
If you require to do this in production with windows auth , it wont be possible for any app that is hosted in Azure . But if you can host your app locally on a windows machine or a Azure VM then you can use the gMSA account with standalone service fabric cluster . Using a gMSA with a standalone Service Fabric cluster requires Active Directory on-premises within your domain , so you may use your production AD and contact the domain admin for helping you create a gMSA account as mentioned in the linked article.
In case you are testing something , I would suggest you to signup for a test free trial subscription where you can run the same as you would have both rights on azure subscriptions as well as the associated directory if you create it with a new email account in a private browser session. Generally we tend to create a new azure subscription with our production email which is tied to original directory where we do not have rights hence I have mentioned to use a private browser session and use a Outlook.com account or any personal email address to create the free trial subscription. If you would like to do it on azure VMs then you can create a active directory domain controller on a Azure VM within your test setup and setup the service fabric cluster accordingly by adding it on other Azure VMs for role separation.
Hope the clarification helps. Should you have any further queries , please feel free to let us know and we will be happy to help . In case the information provided helps , please do accept it as answer so that it can be helpful to other community members.
Thank you.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 44%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)