Troubleshooting Windows Azure Pack Portal issues and data collection


 

Most common issues I have seen I  Windows Azure pack is the admin and tenant portal errors. When we see any runtime errors in the portals. Either the error might be because of configuration within the Admin/Tenant Site or it might be because the Admin API/Tenant API is throwing an error when a call is being made to them.

Things to Check:

First thing we do is check the event logs to see if there any errors in Application and Services Logs->Microsoft->Windows Azure Pack and check the logs for Admin/Tenant Site and the Admin/Tenant API sites. Most of the times this gives us insight on what might be happening

Second thing we do is we want to identify if the issue is in API or the site itself. To isolate this normally we want to keep a track of all the calls going from the site to the API internally. To keep a track of the out going calls we can actually hook fiddler to the admin site or tenant site.

Steps to capture fiddler for outgoing calls.

There are two methods we can use to achieve this. but there are some steps common to both.

Common Steps:

1. This is the most common method used. you can download and install Fiddler from http://www.telerik.com/download/fiddler

2. Before you start capturing the requests you need to make sure that fiddler is able to decrypt the https traffic.

3. To be able to decrypt the https traffic in fiddler start fiddler and go to Tools->Fiddler Options and make sure highlighted check boxes are selected. When prompted to install the fiddler certificate click on Yes.

image

Method 1:

1. Here you can fiddler as a proxy in the site web.config. But as we know that we cant make any changes directly to the WAP sites config as it is encrypted.

2. So before adding fiddler as a proxy, you need to decrypt the config by running below commands in the WAP PowerShell command let as below.

To decrypt the configuration of Admin Site

Unprotect-MgmtSvcConfiguration -Namespace "AdminSite"

To decrypt the configuration of Tenant Site

Unprotect-MgmtSvcConfiguration -Namespace "TenantSite"

Reference: https://technet.microsoft.com/en-us/library/dn520996%28v=sc.20%29.aspx?f=255&MSPPError=-2147217396

3. Take a backup of your original web.config before proceeding with any changes. Once you are done decrypting the web.config file, you can add the below entries in your web.config and make sure fiddler is running.

<system.net>
        <defaultProxy>
            <proxy proxyaddress="
http://localhost:8888" />
        </defaultProxy>
    </system.net>
</configuration>

4. Now fiddler will start listening to traffic going outside of Admin Site/Tenant Site

5. After you are done capturing the data, revert the changes and encrypt the web.config again by running the below PowerShell command lets.

To encrypt the configuration of Admin Site

Protect-MgmtSvcConfiguration -Namespace "AdminSite"

To encrypt the configuration of Tenant Site

Protect-MgmtSvcConfiguration -Namespace "TenantSite"

I personally prefer method 2 as method 1 is a little tedious.

Method 2:

1. Create a file named setproxy.aspx page within admin site/ tenant site physical folder location depending for which site you want to capture the traffic.

2. Copy the below snippet to your setproxy.aspx page

<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Net" %>

<script language="C#" runat=server>
public void Page_Load(Object sender, EventArgs E)
{
//sample that makes httpwebrequest call to a URL.
//it then returns the data to the client and uses the same content-type header.
//You can change the URL to test different sites

    System.Net.WebRequest.DefaultWebProxy = new WebProxy("http://127.0.0.1:8888", false);
Response.Write("Set Proxy already");
}
</script>

3. Make sure fiddler is running and now browse the setproxy.aspx page. Now fiddler will be automatically attached to your process and will keep listening to the outgoing requests.

4. To revert the changes and stop fiddler from listening to your requests is very simple, you just need to recycle the application pool for the site and to enable it again just browse the page.

Hope this helps Smile


Comments (1)

  1. Todd Heron says:

    Nice article Chiranth, especially the in-depth detail about using Fiddler to deeply analyze the TCP session.

    --

    Best Regards,

    Todd Heron | Active Directory Consultant

    Please remember to mark replies as answers if they resolve the issue

Skip to main content