This Machine Doesn 39;t Seem To Have Access

[Tadeo Lentz]

TheAzure IP range is 10.2.0.0/16, split down into much smaller subnets. I have a server subnet for example on 10.2.1.0/24. If I provision a virtual machine in Azure on this subnet, I can access it on my LAN without issues since the site to Azure VNET is in place.

I have gone ahead and created a new Storage Account. Within that, I've created a File Share. I've configured Active Directory on prem using Powershell in order to generate a computer object in AD so that users can authenticate to the file share with the domain credentials. So under the File Shares section on Azure, Active Directory is showing as Configured.

I've configured IAM on the fileshare so that my account has the Storage File Data SMB Share Elevated Contributor role assigned to it. If I try to map the drive using the powershell script, or just by typing in the full UNC path from a domain joined computer \mydataname.file.core.windows.net\az-mydataname-01 it connects without issues, I don't get prompted for credentials since my use account already has access via IAM.

This is all good so far, however, I'd like to lock the share down so that it cannot be accessed externally in any way. Only directly within Azure and over our site to site VNET/VPN. At the moment

file.core.windows.net points to the external IP address to access that store. From the storage account, I went into Networking and selected the Private endpoint connections tab. I created a new endpoint within the same subscription and in the same Resource Group as the storage account. I selected the Target sub-resource as File. For the Virtual Network, I selected the Server subnet (10.2.1.0/24).

The network interface has been given an IP address of 10.2.1.6, in my Azure servers subnet.

The private endpoint object has DNS configuration for: mydataname.privatelink.file.core.windows.net which points to 10.2.1.6 as expected.

This is where thing seem to go wrong... If I try to reconnect the file store on my computer, it fails.

If I go into the storage account and head into File Shares and then try to click on the file share, I now get an error:

This machine doesn't seem to have access. This browser doesn't seem to be able to reach the necessary data plane APIs that interact with the files in an Azure file share. Interacting with share content is different from managing the Azure file share. Managing the share from this browser could be possible while accessing operations like listing the contents of a file share might not be. This is an issue reported from your side of the network. Check that your machine, from the network it is connected to, is expected to have access. If that is the case, check your networking configuration (proxy configuration, IP rules, Azure network settings for storage, etc) in your organization to ensure Azure services can be fully accessed.

Details authMode: 1 content: endpoint: 2 message: undefined name: StorageError requestId: null url: -mydataname-01?

This error seems to go aware if I remove the private endpoint connection... I'm not sure why this would be. The Public Network Access is still set toEnable from all networks.

Hi Travis, reviving this post in an attempt to get automatic backups saved to a location on a network drive and to allow gateway scripts to save files (such as pdfs of generated reports). Did you mean \\servername\backupfolder instead of \servername\backupfolder?

I still have not been successful in this. In addition, I am not able to save reports to a network location using system.report.executeAndDistribute. I really want to save this stuff to a corporate network location rather than to the local Ignition machine.

On Windows, view your local services and find Ignition:

Right-click on Ignition and choose Properties, tap on Log On tab, and change Log on as to This account:

Browse to choose an account with permissions to access the network location you want to save to and enter the appropriate password.

When i change the ingition service to run with a account which has access to network folder, The Service wont start, so i have to revert back to system account.It works with a local folder.

image1090346 55.9 KB.

We have been installing Splunk Enterprise on various virtual servers each for a Search Head, Indexer, HF. So far we have installed more than 5 Splunk Enterprise on each Linux (RHEL) VM, following the standard installation procedure. Also keeping the splunk.secret file the same throughout. Every server is functioning normally. Except for on one server, we cannot access the splunk web interface via localhost.

That Bad Request is exactly what you should get - an "escape character" isn't a valid HTML request. I just tested that my perfectly fine, working server gives exactly that same response. And in fact, that response sort of indicates the web server IS running, and working correctly enough to identify that it was an invalid request and to send back and error message to your telnet session. So this is good.

Speaking of which, I have to admit it's been a decade or more since I had a full windowing system on a linux server to even *try* using the "local web browser" to browse a local "web site". Why are you doing full desktop installs? Probably all sorts of weird things that could go wrong in that.

Now that you've clarified it a bit, I'm not quite as positive the web server IS actually running. I mean, probably, but just that I am not longer as sure of it. Still, my previous answer may be useful to other folks, so we'll leave it. Just don't mark it as accepted!

Seems that if I check this (and I see the "privacy icon" change to teh green square with two people in it rather than the yellow/orange square with just one person in it) that my users still don't have access to the video.

Is MS Stream still in development?? Seems like EVERYTHING at Microsoft is in development right now! SharePoint is like, half-in/half-out of mehing migrated to the "Modern" structure... I hope they straighten this stuff out fast.

@oiversonWhat do you mean with "users still don't have access to the video"? Access from where? When you are the owner, no else is set, the switch is on, you can post such a video in Yammer or in SharePoint with every user has access. What are you trying?

@oiversonI have two users. User A uploads a Video and is owner. User B does not see it under Discover/Videos. When I enable "Allow everyone in your company to view this video" by User A and User B refreshed the Discover/Videos page, the video appears. You do not have to add users as viewers.

To the groups: In Stream you see Microsoft 365 Groups. If you see a group in Teams, you see it in Stream. "Simple" AD groups are not displayed. You can read more here: -us/stream/groups-channels-organization

It DOES seem that the company-wide feature DOES work as intended. I don't know how one can mess up "clicking a link" but I will say that MS and specifically MS Stream are definitely in flux at the moment and there is also significant lag in publishing items. Obviously this is to be expected when you've created an ecosystem that is easier and easier to build out at the touch of a button but are fairly complex in the backend.

I then lost access to the first channel however users could still send me messages which wouldn't make it to my actual 365 account. I also couldn't receive any invitations to re-join the channel as I was technically still a guest. Somehow, I managed to fix this on my desktop and can now see both channels however when I log in to any other device, I can't see the channel that I'm a guest of.

So my theory is, somehow I have both a guest Teams account and an actual Teams account registered under the same email address, same password. I can't login to the guest account except that I was somehow able to make it appear at the same time as my actual 365 account on my desktop.

When I login to Microsoft or to Teams, I'm not prompted to select which account. I just know that I have a second guest account because I only have access on one machine, and have somehow previously been able to log back into that one.

When I'm logged into Teams on my work PC and click on my account icon, I can see my name and '(Guest)' in brackets. And I can see both teams. When I log in to Teams on a new device, I don't have '(Guest)' next to my name and I can only see one team.

I basically need to be able to merge by guest Teams account and my Office 365 account which are both under the same email address. I have no way of logging into my guest Teams account as it automatically opens my Office 365 account.

Hope that makes sense. Also funnily enough, the first time around when I was locked out of my Customers account, the Customers support tech could direct message me in Teams and I'd see the message. This time around, it doesn't seem to be the case.

I have almost exactly the same issue here. There was a guest account in a customer's domain created around 4-5 years for sharepoint access - way before my own organization start using MS team. That was for another project that had been completed quite some time.

Now recently i started to have another project need close coordination and access to some of my customer documents. I can see email to me saying i was invited to a "channel" of my customer but i could NOT access them using my "real" MS team account create by my organization (that would be my preferred account and not guest account). Please may i ask how i could resolve this? Many Thx.

Now whenever I sign into teams (even on a new computer) I am redirected to the customers login and I am signed in as a guest on the customers behalf. I am unable to access my own teams account from my company :( Did you ever get a solution to your problem?

3a8082e126