MicrosoftDocs
diff --git a/‎articles/active-directory/external-identities/azure-ad-account.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/external-identities/azure-ad-account.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/external-identities/media/azure-ad-account/azure-ad-account-identity-provider.png
-7.05 KB b/‎articles/active-directory/external-identities/media/azure-ad-account/azure-ad-account-identity-provider.png
-7.05 KB
diff --git a/‎articles/active-directory/external-identities/media/azure-ad-account/azure-ad-account-invite.png
-2.99 KB b/‎articles/active-directory/external-identities/media/azure-ad-account/azure-ad-account-invite.png
-2.99 KB
diff --git a/‎articles/active-directory/external-identities/media/azure-ad-account/azure-ad-account-user-flow.png
-4.21 KB b/‎articles/active-directory/external-identities/media/azure-ad-account/azure-ad-account-user-flow.png
-4.21 KB
diff --git a/‎articles/aks/update-credentials.md
Lines changed: 1 addition & 1 deletion b/‎articles/aks/update-credentials.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/automation/media/update-agent-issues-linux/actionable-tasks-linux-expanded.png
193 KB b/‎articles/automation/media/update-agent-issues-linux/actionable-tasks-linux-expanded.png
193 KB
diff --git a/‎articles/automation/media/update-agent-issues-linux/actionable-tasks-linux-inline.png
193 KB b/‎articles/automation/media/update-agent-issues-linux/actionable-tasks-linux-inline.png
193 KB
diff --git a/‎articles/automation/media/update-agent-issues/actionable-tasks-windows-expanded.png
311 KB b/‎articles/automation/media/update-agent-issues/actionable-tasks-windows-expanded.png
311 KB
diff --git a/‎articles/automation/media/update-agent-issues/actionable-tasks-windows-inline.png
311 KB b/‎articles/automation/media/update-agent-issues/actionable-tasks-windows-inline.png
311 KB
diff --git a/‎articles/automation/troubleshoot/update-agent-issues-linux.md
Lines changed: 132 additions & 21 deletions b/‎articles/automation/troubleshoot/update-agent-issues-linux.md
Lines changed: 132 additions & 21 deletions
@@ -38,7 +38,7 @@ Azure AD account is an identity provider option for your self-service sign-up us
 ![Azure AD account in a self-service sign-up user flow](media/azure-ad-account/azure-ad-account-user-flow.png)
 
 ## Verifying the application's publisher domain
-As of November 2020, new application registrations show up as unverified in the user consent prompt unless [the application's publisher domain is verified](../develop/howto-configure-publisher-domain.md) ***and*** the company’s identity has been verified with the Microsoft Partner Network and associated with the application. ([Learn more](../develop/publisher-verification-overview.md) about this change.) Note that for Azure AD user flows, the publisher’s domain appears only when using a [Microsoft account](microsoft-account.md) or other Azure AD tenant as the identity provider. To meet these new requirements, do the following:
+As of November 2020, new application registrations show up as unverified in the user consent prompt unless [the application's publisher domain is verified](../develop/howto-configure-publisher-domain.md), ***and*** the company’s identity has been verified with the Microsoft Partner Network and associated with the application. ([Learn more](../develop/publisher-verification-overview.md) about this change.) For Azure AD user flows, the publisher’s domain appears only when using a [Microsoft account](microsoft-account.md) or other Azure AD tenant as the identity provider. To meet these new requirements, follow these steps:
 
 1. [Verify your company identity using your Microsoft Partner Network (MPN) account](/partner-center/verification-responses). This process verifies information about your company and your company’s primary contact.
 1. Complete the publisher verification process to associate your MPN account with your app registration using one of the following options:
@@ -48,4 +48,4 @@ As of November 2020, new application registrations show up as unverified in the
 ## Next steps
 
 - [Add Azure Active Directory B2B collaboration users](add-users-administrator.md)
-- [Add self-service sign-up to an app](self-service-sign-up-user-flow.md)
+- [Add self-service sign-up to an app](self-service-sign-up-user-flow.md)
@@ -37,7 +37,7 @@ To check the expiration date of your service principal, use the [az ad sp creden
 ```azurecli
 SP_ID=$(az aks show --resource-group myResourceGroup --name myAKSCluster \
     --query servicePrincipalProfile.clientId -o tsv)
-az ad sp credential list --id "$SP_ID" --query "[].endDate" -o tsv
+az ad sp credential list --id "$SP_ID" --query "[].endDateTime" -o tsv
 ```
 
 ### Reset the existing service principal credential
 
@@ -25,72 +25,159 @@ This article discusses how to run the troubleshooter for Azure machines from the
 
 ## Start the troubleshooter
 
-For Azure machines, select the **troubleshoot** link under the **Update Agent Readiness** column in the portal to open the Troubleshoot Update Agent page. For non-Azure machines, the link brings you to this article. To troubleshoot a non-Azure machine, see the instructions in the "Troubleshoot offline" section.
+For Azure machines, select the **troubleshoot** link under the **Update Agent Readiness** column in the portal to open the Troubleshoot Update Agent page. For non-Azure machines, the link brings you to this article. To troubleshoot a non-Azure machine, see the instructions in the **Troubleshoot offline** section.
 
-![VM list page](../media/update-agent-issues-linux/vm-list.png)
+:::image type="content" source="../media/update-agent-issues-linux/vm-list.png" alt-text="Screenshot of VM list page.":::
 
 > [!NOTE]
 > The checks require the VM to be running. If the VM isn't running, **Start the VM** appears.
 
 On the Troubleshoot Update Agent page, select **Run Checks** to start the troubleshooter. The troubleshooter uses [Run command](../../virtual-machines/linux/run-command.md) to run a script on the machine to verify the dependencies. When the troubleshooter is finished, it returns the result of the checks.
 
-![Troubleshoot page](../media/update-agent-issues-linux/troubleshoot-page.png)
+:::image type="content" source="../media/update-agent-issues-linux/troubleshoot-page.png" alt-text="Screenshot of Troubleshoot page.":::
+
 
 When the checks are finished, the results are returned in the window. The check sections provide information on what each check is looking for.
 
-![Update agent checks page](../media/update-agent-issues-linux/update-agent-checks.png)
+:::image type="content" source="../media/update-agent-issues-linux/actionable-tasks-linux-inline.png" alt-text="Screenshot of Linux Troubleshooter." border="false" lightbox="../media/update-agent-issues-linux/actionable-tasks-linux-expanded.png":::
+
 
 ## Prerequisite checks
 
 ### Operating system
 
 The operating system check verifies if the Hybrid Runbook Worker is running one of the [supported operating systems](../update-management/operating-system-requirements.md#supported-operating-systems).
 
+### Dmidecode check
+
+To verify if a VM is an Azure VM, check for Asset tag value using the below command:
+
+```
+sudo dmidecode
+```
+
+If the asset tag is different than 7783-7084-3265-9085-8269-3286-77, then reboot VM to initiate re-registration. 
+
+
 ## Monitoring agent service health checks
 
-### Log Analytics agent
+### Monitoring Agent
+
+To fix this, install Azure Log Analytics Linux agent and ensure it communicates the required endpoints. For more information, see [Install Log Analytics agent on Linux computers](../../azure-monitor/agents/agent-linux.md).
 
-This check ensures that the Log Analytics agent for Linux is installed. For instructions on how to install it, see [Install the agent for Linux](../../azure-monitor/vm/monitor-virtual-machine.md#agents).
+This task checks if the folder is present - 
 
-### Log Analytics agent status
+*/etc/opt/microsoft/omsagent/conf/omsadmin.conf*
 
-This check ensures that the Log Analytics agent for Linux is running. If the agent isn't running, you can run the following command to attempt to restart it. For more information on troubleshooting the agent, see [Linux - Troubleshoot Hybrid Runbook Worker issues](hybrid-runbook-worker.md#linux).
+### Monitoring Agent status
+ 
+To fix this issue, you must start the OMS Agent service by using the following command: 
 
-```bash
-sudo /opt/microsoft/omsagent/bin/service_control restart
+```
+ sudo /opt/microsoft/omsagent/bin/service_control restart
 ```
 
-### Multihoming
+To validate you can perform process check using the below command: 
+
+```
+process_name = "omsagent" 
+ps aux | grep %s | grep -v grep" % (process_name) 
+```
 
+For more information, see [Troubleshoot issues with the Log Analytics agent for Linux](../../azure-monitor/agents/agent-linux-troubleshoot.md)
+
+
+### Multihoming
 This check determines if the agent is reporting to multiple workspaces. Update Management doesn't support multihoming.
 
+To fix this issue, purge the OMS Agent completely and reinstall it with the [workspace linked with Update management](../../azure-monitor/agents/agent-linux-troubleshoot.md#purge-and-reinstall-the-linux-agent)
+
+
+Validate that there are no more multihoming by checking the directories under this path:
+
+ */var/opt/microsoft/omsagent*. 
+
+As they are the directories of workspaces, the number of directories equals the number of workspaces on-boarded to OMSAgent.
+
 ### Hybrid Runbook Worker
+To fix the issue, run the following command: 
 
-This check verifies if the Log Analytics agent for Linux has the Hybrid Runbook Worker package. This package is required for Update Management to work. To learn more, see [Log Analytics agent for Linux isn't running](hybrid-runbook-worker.md#oms-agent-not-running).
+```
+sudo su omsagent -c 'python /opt/microsoft/omsconfig/Scripts/ PerformRequiredConfigurationChecks.py
+```
 
-Update Management downloads Hybrid Runbook Worker packages from the operations endpoint. Therefore, if the Hybrid Runbook Worker is not running and the [operations endpoint](#operations-endpoint) check fails, the update can fail.
+This command forces the omsconfig agent to talk to Azure Monitor and retrieve the latest configuration. 
+
+Validate to check if the following two paths exists:
+
+```
+/opt/microsoft/omsconfig/modules/nxOMSAutomationWorker/VERSION </br> /opt/microsoft/omsconfig/modules/nxOMSAutomationWorker/DSCResources/MSFT_nxOMSAutomationWorkerResource/automationworker/worker/configuration.py
+```
 
 ### Hybrid Runbook Worker status
 
 This check makes sure the Hybrid Runbook Worker is running on the machine. The processes in the example below should be present if the Hybrid Runbook Worker is running correctly.
+```
+ps -ef | grep python
+```
 
-```bash
+```
 nxautom+   8567      1  0 14:45 ?        00:00:00 python /opt/microsoft/omsconfig/modules/nxOMSAutomationWorker/DSCResources/MSFT_nxOMSAutomationWorkerResource/automationworker/worker/main.py /var/opt/microsoft/omsagent/state/automationworker/oms.conf rworkspace:<workspaceId> <Linux hybrid worker version>
 nxautom+   8593      1  0 14:45 ?        00:00:02 python /opt/microsoft/omsconfig/modules/nxOMSAutomationWorker/DSCResources/MSFT_nxOMSAutomationWorkerResource/automationworker/worker/hybridworker.py /var/opt/microsoft/omsagent/state/automationworker/worker.conf managed rworkspace:<workspaceId> rversion:<Linux hybrid worker version>
 nxautom+   8595      1  0 14:45 ?        00:00:02 python /opt/microsoft/omsconfig/modules/nxOMSAutomationWorker/DSCResources/MSFT_nxOMSAutomationWorkerResource/automationworker/worker/hybridworker.py /var/opt/microsoft/omsagent/<workspaceId>/state/automationworker/diy/worker.conf managed rworkspace:<workspaceId> rversion:<Linux hybrid worker version>
 ```
 
+Update Management downloads Hybrid Runbook Worker packages from the operations endpoint. Therefore, if the Hybrid Runbook Worker is not running and the [operations endpoint](#operations-endpoint) check fails, the update can fail.
+
+To fix this issue, run the following command:
+
+```
+sudo su omsagent -c python /opt/microsoft/omsconfig/Scripts/PerformRequiredConfigurationChecks.py
+```
+
+This command forces the omsconfig agent to talk to Azure Monitor and retrieve the latest configuration. 
+
+If the issue still persists, run the [omsagent Log Collector tool](https://github.com/Microsoft/OMS-Agent-for-Linux/blob/master/tools/LogCollector/OMS_Linux_Agent_Log_Collector.md)
+
+
+
 ## Connectivity checks
 
+### Proxy enabled check
+
+To fix the issue, either remove the proxy or make sure that the proxy address is able to access the [prerequisite URL](../automation-network-configuration.md#update-management-and-change-tracking-and-inventory).
+
+You can validate the task by running the below command:
+
+```
+HTTP_PROXY
+```
+
+### IMDS connectivity check
+
+To fix this issue, allow access to IP **169.254.169.254**. For more information, see [Access Azure Instance Metadata Service](../../virtual-machines/windows/instance-metadata-service.md#azure-instance-metadata-service-windows)
+
+After the network changes, you can either rerun the Troubleshooter or run the below commands to validate: 
+
+```
+ curl -H \"Metadata: true\" http://169.254.169.254/metadata/instance?api-version=2018-02-01
+```
+
 ### General internet connectivity
 
-This check makes sure that the machine has access to the internet.
+This check makes sure that the machine has access to the internet and can be ignored if you have blocked internet and allowed only specific URLs. 
+
+CURL on any http url.
 
 ### Registration endpoint
 
 This check determines if the Hybrid Runbook Worker can properly communicate with Azure Automation in the Log Analytics workspace.
 
-Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the registration endpoint. For a list of addresses and ports to open, see [Network planning](../automation-hybrid-runbook-worker.md#network-planning).
+Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the registration endpoint. For a list of addresses and ports to open, see [Network planning](../automation-hybrid-runbook-worker.md#network-planning)
+
+Fix this issue by allowing the prerequisite URLs. For more information, see [Update Management and Change Tracking and Inventory](../automation-network-configuration.md#update-management-and-change-tracking-and-inventory)
+
+Post the network changes you can either re-run the troubleshooter or CURL on provided jrds endpoint.
 
 ### Operations endpoint
 
@@ -102,21 +189,45 @@ Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to
 
 This check verifies that your machine has access to the endpoints needed by the Log Analytics agent.
 
+Fix this issue by allowing the [prerequisite URLs](../automation-network-configuration.md#update-management-and-change-tracking-and-inventory).
+
+Post making Network changes you can either rerun the Troubleshooter or
+Curl on provided OMS endpoint
+
 ### Log Analytics endpoint 2
 
 This check verifies that your machine has access to the endpoints needed by the Log Analytics agent.
 
-### Log Analytics endpoint 3
+Fix this issue by allowing the [prerequisite URLs](../automation-network-configuration.md#update-management-and-change-tracking-and-inventory).
 
-This check verifies that your machine has access to the endpoints needed by the Log Analytics agent.
+Post making Network changes you can either rerun the Troubleshooter or
+Curl on provided OMS endpoint
+
+
+### Software repositories
+
+Fix this issue by allowing the prerequisite Repo URL. For RHEL, see [here](https://learn.microsoft.com/azure/virtual-machines/workloads/redhat/redhat-rhui#troubleshoot-connection-problems-to-azure-rhui).
+
+Post making Network changes you can either rerun the Troubleshooter or
+
+Curl on software repositories configured in package manager. 
+
+Refreshing repos would help to confirm the communication. 
+
+```
+sudo apt-get check
+sudo yum check-update
+```
+> [!NOTE]
+> The check is available only in offline mode.
 
 ## <a name="troubleshoot-offline"></a>Troubleshoot offline
 
 You can use the troubleshooter offline on a Hybrid Runbook Worker by running the script locally. The Python script, [UM_Linux_Troubleshooter_Offline.py](https://github.com/Azure/updatemanagement/blob/main/UM_Linux_Troubleshooter_Offline.py), can be found in GitHub.
 
-> [!NOTE]
-> The current version of the troubleshooter script does not support Ubuntu 20.04.
->
+ > [!NOTE]
+ > The current version of the troubleshooter script does not support Ubuntu 20.04.
+
 
 An example of the output of this script is shown in the following example: