Azure Files with AD DS authentication - DNS forwarder setup


I have the setup running via Private Endpoint and now want to be able to find the private endpoint IP through my own DNS setup. I'm trying to do this via the DNS forwarder setup here:

https://docs.microsoft.com/en-us/azure/storage/files/storage-files-networking-dns

 

I have already used the AzFilesHybrid module for the setup, so it seems to work, but when running this:

 

Import-Module AzFilesHybrid
$ruleSet = New-AzDnsForwardingRuleSet -AzureEndpoints StorageAccountEndpoint
Connect-AzAccount
$SubscriptionId = "subscriptionID"
Select-AzSubscription $SubscriptionId

# Deploy and configure DNS forwarders
New-AzDnsForwarder `
        -DnsForwardingRuleSet $ruleSet `
        -VirtualNetworkResourceGroupName "vnetRG" `
        -VirtualNetworkName "vnetname" `
        -VirtualNetworkSubnetName "vnetSubnet" -SkipParentDomain

 

I'm getting this:

 

Get-ArmTemplateObject : A parameter cannot be found that matches parameter name 'Depth'.
At C:\Users\username\Documents\WindowsPowerShell\Modules\AzFilesHybrid\0.2.0.0\AzFilesHybrid.psm1:5113 char:24
+ ... teVersion = Get-ArmTemplateObject -ArmTemplateUri $DnsForwarderTempla ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-ArmTemplateObject], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Get-ArmTemplateObject

 

Does anyone have an idea where this could come from?

8 Replies

@Dan Hansen I am getting the exact same thing at the exact same point... did you get round it?

@saint_stevo I just spent several hours working on this. I wanted to share how I got it working.

 

Excuse my terminology, I am not great at PowerShell, but I did get this going.

The function that creates Get-ArmTemplateObject has a mention of ConvertFrom-Json -Depth 100 on line 5077 in the AzFilesHybrid.psm1. That -Depth parameter was introduced in PowerShell 6.2. I am running PS 5.1. So I deleted the -Depth 100 part from the psm1 file located in C:\Users\%username%\Documents\WindowsPowerShell\Modules\AzFilesHybrid\0.2.0.0. Then I removed the module, imported the module again and re-ran the command, and it then ran and created DNS VMs in my Azure account.

@RaiderNationTX 

Thanks for this - I've now made it through to the next issue - possibly caused by my delay since trying this the last time:

Now I'm getting this error:

Assert-DnsForwarderArmTemplateVersion : The template for deploying DNS forwarders in the Azure repository is a newer version 
than the AzureFilesHybrid module expects. This likely indicates that you are using an older version of the AzureFilesHybrid 
module and should upgrade. This can be done by getting the newest version of the module from 
https://github.com/Azure-Samples/azure-files-samples/releases.
At C:\Users\username\Documents\WindowsPowerShell\Modules\AzFilesHybrid\0.2.0.0\AzFilesHybrid.psm1:4872 char:5
+ Assert-DnsForwarderArmTemplateVersion
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Assert-DnsForwarderArmTemplateVersion

I'm running the 0.2 version of AzFilesHybrid, which seems to be the latest available version, but maybe the DNSForwarder functionality has been updated in the last month?

@Dan Hansen 

 

Hi,

 

I am in the same situation as you.

Tried PowerShell 7.0.3, 6.2.1 and 6.2.4 but they all give the same error message.

Any update on this?

Is there another way to make the DNS forwarders?

 

Regards,

 

Diederik

 

Hi Diederik,

 

I went with just using my already existing AD integrated DNS in my hybrid setup.

I have domain controllers running on-premises and in Azure, so I made the following:

 

On on-premises DCs:

a Conditional Forwarder for core.windows.net that points to the DC in Azure, not stored in the AD

 

On Azure DC:

a Conditional Forwarder for core.windows.net that points to the Azure DNS server 168.63.129.16

 

This works great, and the only downside I've found is that I have to manually create the Conditional Forwarder when building new DCs.
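
The conditional-forwarder setup described in the post above, as an added example that is not code from the thread or from the AzFilesHybrid module. It creates the forwarder on one DC and then checks that the storage endpoint resolves to a private address; `$AzureDcIp` and `$StorageFqdn` are placeholder values to replace with your own.

```powershell
# Run in an elevated session on each domain controller (DNS Server role installed).
Import-Module DnsServer

$Zone        = 'core.windows.net'
$AzureDns    = '168.63.129.16'                          # Azure DNS address given in the post
$AzureDcIp   = '10.0.0.4'                               # assumption: IP of the DC in Azure
$StorageFqdn = 'examplestorage.file.core.windows.net'   # placeholder storage account name
$OnAzureDc   = $true                                    # set to $false on an on-premises DC

# On-premises DCs forward to the Azure DC; the Azure DC forwards to Azure DNS.
$target = if ($OnAzureDc) { $AzureDns } else { $AzureDcIp }

$existing = Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue
if (-not $existing) {
    # No -ReplicationScope: the forwarder is file-backed, not stored in AD,
    # so it has to be created on every DC individually.
    Add-DnsServerConditionalForwarderZone -Name $Zone -MasterServers $target
}
elseif ($existing.ZoneType -eq 'Forwarder') {
    Set-DnsServerConditionalForwarderZone -Name $Zone -MasterServers $target
}
else {
    throw "Zone '$Zone' already exists as type $($existing.ZoneType); not touching it."
}

# Verify through the local DNS service that the name lands on a private address.
Clear-DnsServerCache -Force
$ips = Resolve-DnsName -Name $StorageFqdn -Type A -Server 127.0.0.1 |
    Where-Object { $_.IPAddress } |
    Select-Object -ExpandProperty IPAddress

$rfc1918 = '^(10\.|172\.(1[6-9]|2\d|3[01])\.|192\.168\.)'
foreach ($ip in $ips) {
    if ($ip -match $rfc1918) {
        Write-Output "$StorageFqdn -> $ip (private endpoint address)"
    }
    else {
        Write-Warning "$StorageFqdn -> $ip is a public address; SMB traffic would bypass the private endpoint."
    }
}
```

A public address in the output means the forwarder chain is not reaching the Azure resolver that knows about the private endpoint, so clients would connect to the storage account's public endpoint instead.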

@Dan Hansen 

 

Hi Dan,

 

Thank you. I just did that and it works.

 

Regards,

 

Diederik

@Dan Hansen  Thanks for this, was sick of bashing my head into the wall

@Dan Hansen 

Hi

 

Sorry...now I am totally confused :)

Cause I am trying this and getting the same error

Get-ArmTemplateObject : A parameter cannot be found that matches parameter name 'Depth'.

(using the AZFilesHybrid v0.2.3)

I have NO on-premises AD, only the Azure AD DS running.

There I have created a conditional forwarder for core.windows.net (168.63.129.16)

 

I also created private endpoints for the storage account in the VNet

 

And now?

Running the script doesn't work (error above) - what to do now?

 

Best,

Lutz