Problem:
I am attempting to add a new VM as a second domain controller to an existing domain and get an error when attempting to add it to the same Cloud Service.
Steps1:
Created a virtual network
Assigned an Affinity Group to the network (cloudAG)
Scripted the creation of a VM following the protocol to add a DC with DNS.
As part of this process a Cloud Service was created for this VM (DCcloudservice) in the Affinity Group.
Scripted the creation of a second VM, when attempting to relate it to the same Cloud Service using this line:
$service = 'DCcloudservice'
(please note I have amended all other parameters and am 100% sure this command value is causing the conflict error)
Error1:
The following error is displayed:
New-AzureVM : "An exception occurred when calling the ServiceManagement API. HTTP Status Code: 409. Service Management Error Code: ConflictError. Message: The specified DNS name is already taken.. Operation Tracking ID: 121129c1212be49c8be9f81411178a61ac."
At line:25 char:1
+ New-AzureVM -ServiceName $service -AffinityGroup $AG -VMs $MyVM1 -DnsSettings $m ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureVM], ServiceManagementClientException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Management.ServiceManagement.IaaS.PersistentVMs.NewAzureVMCommand
Steps2:
So using the Azure Mgt Portal I try to create the same VM. When selecting the existing DC Cloud Service name I receive the message:
Error2:
"The cloud service you have chosen is deployed in a region or affinity group that does not currently support virtual machines"
Following STEP 7 in this article:
"Step 7 - Add Second Domain Controller"
It suggests:
"What this does is creates the virtual machine in an existing cloud service so that it can be added to an availability group later".
Question:
Simply put, POWERSHELL ISE and AZURE MGT PORTAL do not allow me to add a new VM to an existing Cloud Service and I cannot understand why.
Thank you for any help.
EDITED TO ADD the region is NORTH EUROPE.
29/07/13 EDITED TO ADD RESPONSE TO TABREZ:
Thank you for the reply. Hope the detail below helps explain.
1) the VNET was created within the last month in NORTH EUROPE. Access to this specific sub was 25/06/13.
2) this is the script used for domain joining a new VM. Works to add a node to the domain perfectly if I create a new cloud service value. If I use the existing DC cloud service value I get the DNS error explained above.
$myDNS = New-AzureDNS -Name 'myDNS' -IPAddress '172.16.0.4'
$image = 'Windows-Server-2012-Datacenter-201305.01-en.us-127GB.vhd'
$service = 'cloudDC1'
$AG = 'cloudAG'
$vnet = 'cloudvnet'
$pwd = 'password'
$size = 'Small'
$vmname = 'DC2'
$MyVM1 = New-AzureVMConfig -name $vmname -InstanceSize $size -ImageName $image |
    Add-AzureProvisioningConfig -WindowsDomain -Password $pwd -Domain 'domain' -DomainPassword 'password' -DomainUserName 'adminuser' -JoinDomain 'domain.COM' |
    Set-AzureSubnet -SubnetNames 'Back'
New-AzureVM -ServiceName $service -AffinityGroup $AG -VMs $MyVM1 -DnsSettings $myDNS -VNetName $vnet
3) Another Q. There are many articles about adding the FIRST DC to a VNET using PowerShell and why it's important to make the value $MYDNS = 127.0.0.1. When using DOMAIN JOIN to add an ADDITIONAL DC to the same domain I must enter the first DC IP address as the $MYDNS value for the domain join to be successful.
If using 127.0.0.1 it cannot find the domain.
If I use 172.16.0.4 as the $myDNS value for the additional DC and DC1 then fails, the additional DC (DC2) surely has a problem resolving DNS queries?
There is no info on the net explaining how to add a second domain controller / additional domain controller / backup domain controller / replica domain controller on AZURE that addresses the $myDNS issue that is so important to creating the first DC DNS correctly using the 127.0.0.1 loopback IP.
Please note my VNET has the following DNS server IPs:
172.16.0.4 (dc1)
172.16.0.5 (dc2) once created
8.8.8.8 google1
8.8.8.4 google2
192.168.1.3 (site to site VPN DC2)
192.168.1.1 (site to site VPN DC1)
Site to site VPN currently down as KEY keeps changing if you don't use CISCO or JUNIPER routers. I need to install an ISA server to maintain this connection.