MicrosoftHello, I followed the directions above except when it got to setting up the the script for Azure Arc there was the section for the network activity to not use the public endpoint but instead use the private endpoint. I did create a Private Link Scope and created an private Endpoint with a NIC for my internal network. I continue to get this error when installing the agent on my server. Although it shows up in Azure Arc the logs are not being sent to Sentinel. Is there a spesicic way I need to configure DNS or a better way to understand how to setup that connection?
ERROR Failed to get MSI certificate. You may delete the ARM resource and run azcmagent connect to try again Attempts=10
ERROR Failed to retrieve MSI Certificate from Service Error="403 Forbidden{\"error\":{\"code\":\"HCRP403\",\"message\":\"Access to the specified resource from Public Internet is disallowed. [VmId=\\u00220242cd0c-3c1f-4e58-9929-dec1227d66d2\\u0022]\",\"target\":\"/machine/0242cd0c-3c1f-4e58-9929-dec1227d66d2/identity\"}}"
ERROR Created Arc resource caab01-wec01 but couldn't connect it. You may delete the ARM resource and run azcmagent connect again to onboard. Error="403 Forbidden{\"error\":{\"code\":\"HCRP403\",\"message\":\"Access to the specified resource from Public Internet is disallowed. [VmId=\\u00220242cd0c-3c1f-4e58-9929-dec1227d66d2\\u0022]\",\"target\":\"/machine/0242cd0c-3c1f-4e58-9929-dec1227d66d2/identity\"}}"
INFO Exit Code: AZCM0081: Failed to Get MSI Certificate from HIS
INFO For troubleshooting, see https://aka.ms/arc/azcmerror
FATAL 403 Forbidden{"error":{"code":"HCRP403","message":"Access to the specified resource from Public Internet is disallowed. [VmId=\u00220242cd0c-3c1f-4e58-9929-dec1227d66d2\u0022]","target":"/machine/0242cd0c-3c1f-4e58-9929-dec1227d66d2/identity"}}
