1
votes

Trying to join Azure CentOS VM to existing AD Domain. But, it fails. Error message is cryptic and not helpful.

Tried to join Azure CentOS VM to existing AD Domain using JsonADDomainExtension in Terraform. I have tried the following so far,

  • Manually, I could join VM to domain using 'realm join'
  • Tried TF code without OUPath -> doesn't help

Code is very similar to that of https://github.com/Azure/azure-quickstart-templates/blob/master/201-vm-domain-join-existing/azuredeploy.json

resource "azurerm_virtual_machine_extension" "adjoin" {
  name                 = "${azurerm_virtual_machine.testextn01.name}-adjoin"
  location             = "${azurerm_resource_group.testextn.location}"
  resource_group_name  = "${azurerm_resource_group.testextn.name}"
  virtual_machine_name = "${azurerm_virtual_machine.testextn01.name}"
  publisher            = "Microsoft.Compute"
  type                 = "JsonADDomainExtension"
  type_handler_version = "1.3"

  settings = <<SETTINGS
    {
        "Name": "NEXT.CLOUD.COM",
        "User": "DOMAIN\\ad-join",
        "OUPath": "\"OU=Centos,OU=Servers,OU=Operations,DC=NEXT,DC=CLOUD,DC=COM\"",
        "Restart": "true",
        "Options": "3"
    }
SETTINGS
  protected_settings = <<PROTECTED_SETTINGS
    {
      "Password": "topsecret"
    }
  PROTECTED_SETTINGS

}

Terraform apply was not returning back the prompt,


azurerm_virtual_machine_extension.adjoin: Still creating... (1h26m21s elapsed)
azurerm_virtual_machine_extension.adjoin: Still creating... (1h26m31s elapsed)
azurerm_virtual_machine_extension.adjoin: Still creating... (1h26m41s elapsed)
^CInterrupt received.
Please wait for Terraform to exit or data loss may occur.
Gracefully shutting down...
stopping operation...


Error message reads as below in /var/log/waagent.log file,


2019/07/18 05:06:41.630295 ERROR ExtHandler Event: name=Microsoft.Compute.JsonADDomainExtension, op=Install, message=eJytkcFKxDAURff9ivcBTtK0ndZ2N9gRR3B0PxTJJOkQaPJKkmrHrzdUFBcKMrh8i3s4993Ddg7Keo126xy6DvZoV2/KIahZBxAoVQMsq65AWx/4MBBhZHLwQeIUuiRLWU3TirJrSNdNWjZ5Tco0q6oSdvvbR4j0O27loBxspFQSnnYtsHVRQEAQJ4fTCNSfPe09/TipGCf6ygdtp5mflA1EfRp6+qCFQ499IDdoxikocu/RbtoWDdf2q8ozIznJfpHL86K+WM4og+78T37J8kflXJfQF+7ooI+RvED/SlotJPptmwaimgLWwFHbHzNROG4q0JhYHiwG6HGyMnkHeGWxYg==, duration=0



Error message is clueless and not of much help.

1
Any progress on your side? - Nancy Xiong
Tried what you suggested on OUPath, it didn't really help. Have you tried joining a CentOS/Linux VM to AD using this extension? - user3362908
Please check my update. Your linked template is used to join an existing Windows virtual machine into an existing Windows Active Directory Domain, so it's a no for a CentOS VM. - Nancy Xiong
If my reply is helpful, you could accept it as an answer, thanks. - Nancy Xiong
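
The message= field in the log line quoted in the question starts with "eJ", which is how base64 text begins when the underlying bytes are a zlib stream (0x78 0x9c), so the field is probably compressed text rather than noise. The Python below is an added example, not part of the original posts or of the Azure agent: it parses an Event line of that shape and inflates the message under a size cap. The function names and the sample line are constructed here, and the base64-plus-zlib encoding is an assumption drawn from that prefix.

```python
import base64
import re
import zlib

# Shape of the waagent.log "Event:" line quoted in the question.
EVENT_RE = re.compile(
    r"Event: name=(?P<name>[^,]+), op=(?P<op>[^,]+), "
    r"message=(?P<message>.*), duration=(?P<duration>\d+)\s*$"
)
MAX_DECODED = 1 << 20  # cap output so an oversized blob cannot exhaust memory


def decode_message(field):
    """Return (text, was_encoded); plain-text messages come back unchanged."""
    try:
        raw = base64.b64decode(field, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return field, False
    if raw[:1] != b"\x78":  # first byte of a zlib header (deflate, 32K window)
        return field, False
    inflater = zlib.decompressobj()
    try:
        out = inflater.decompress(raw, MAX_DECODED)
    except zlib.error:
        return field, False
    if inflater.unconsumed_tail:
        raise ValueError("decoded message exceeds MAX_DECODED")
    return out.decode("utf-8", errors="replace"), True


def parse_event(line):
    m = EVENT_RE.search(line)
    if m is None:
        return None
    event = m.groupdict()
    event["message"], event["encoded"] = decode_message(event["message"])
    return event


# Constructed sample: same line layout as the question, made-up message text.
SAMPLE_TEXT = "constructed sample: extension handler install failed"
SAMPLE_LINE = (
    "2019/07/18 05:06:41.630295 ERROR ExtHandler Event: "
    "name=Microsoft.Compute.JsonADDomainExtension, op=Install, message="
    + base64.b64encode(zlib.compress(SAMPLE_TEXT.encode())).decode() + ", duration=0"
)

if __name__ == "__main__":
    print(parse_event(SAMPLE_LINE))
```

Passing a real line from /var/log/waagent.log to parse_event() shows the handler's own message. Decoded text can include host or account names, so handle it with the same care as the log file.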

1 Answer

1
votes

You may want to pay attention to the User and OUPath format in your settings. It should not have the "\, you could change it to "OUPath":"OU=Centos,OU=Servers,OU=Operations,DC=NEXT,DC=CLOUD,DC=COM",

Also, you could add depends_on in the extension block, as the extension creation relies on the VM generation. You could get more references about using Terraform to join a new Azure Virtual Machine to a Domain from this1 and this2.

Update

In fact, your linked template is used to join an existing Windows virtual machine into an existing Windows Active Directory Domain.