I am making an Outlook add-in in React and when trying to get the access token from OfficeRuntime, I get the following error:
This is the method I am trying to run:
var bootToken = OfficeRuntime.auth.getAccessToken({
allowSignInPrompt: true
});
This is the error in the browser console:
OSF.DDA.Error {name: 'Preauthorization missing.', message: 'Missing grant for this add-in.', code: 13005} code: 13005 message: "Missing grant for this add-in." name: "Preauthorization missing."
This is my manifest.xml file:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OfficeApp xmlns="http://schemas.microsoft.com/office/appforoffice/1.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:bt="http://schemas.microsoft.com/office/officeappbasictypes/1.0" xmlns:mailappor="http://schemas.microsoft.com/office/mailappversionoverrides/1.0" xsi:type="MailApp">
<Id>{AppId}</Id>
<Version>1.0.0.0</Version>
<ProviderName>Signator</ProviderName>
<DefaultLocale>en-US</DefaultLocale>
<DisplayName DefaultValue="Signator Demo"/>
<Description DefaultValue="Signator demo"/>
<IconUrl DefaultValue="https://localhost:3000/assets/icon-64.png"/>
<HighResolutionIconUrl DefaultValue="https://localhost:3000/assets/icon-128.png"/>
<SupportUrl DefaultValue="https://www.contoso.com/help"/>
<AppDomains>
<AppDomain>https://www.contoso.com</AppDomain>
</AppDomains>
<Hosts>
<Host Name="Mailbox"/>
</Hosts>
<Requirements>
<Sets>
<Set Name="Mailbox" MinVersion="1.1"/>
</Sets>
</Requirements>
<FormSettings>
<Form xsi:type="ItemRead">
<DesktopSettings>
<SourceLocation DefaultValue="https://localhost:3000/taskpane.html"/>
<RequestedHeight>250</RequestedHeight>
</DesktopSettings>
</Form>
</FormSettings>
<Permissions>ReadWriteItem</Permissions>
<Rule xsi:type="RuleCollection" Mode="Or">
<Rule xsi:type="ItemIs" ItemType="Message" FormType="Read"/>
</Rule>
<DisableEntityHighlighting>false</DisableEntityHighlighting>
<VersionOverrides xmlns="http://schemas.microsoft.com/office/mailappversionoverrides" xsi:type="VersionOverridesV1_0">
<Requirements>
<bt:Sets DefaultMinVersion="1.3">
<bt:Set Name="Mailbox"/>
</bt:Sets>
</Requirements>
<Hosts>
<Host xsi:type="MailHost">
<DesktopFormFactor>
<FunctionFile resid="Commands.Url"/>
<ExtensionPoint xsi:type="MessageReadCommandSurface">
<OfficeTab id="TabDefault">
<Group id="msgReadGroup">
<Label resid="GroupLabel"/>
<Control xsi:type="Button" id="msgReadOpenPaneButton">
<Label resid="TaskpaneButton.Label"/>
<Supertip>
<Title resid="TaskpaneButton.Label"/>
<Description resid="TaskpaneButton.Tooltip"/>
</Supertip>
<Icon>
<bt:Image size="16" resid="Icon.16x16"/>
<bt:Image size="32" resid="Icon.32x32"/>
<bt:Image size="80" resid="Icon.80x80"/>
</Icon>
<Action xsi:type="ShowTaskpane">
<SourceLocation resid="Taskpane.Url"/>
</Action>
</Control>
</Group>
</OfficeTab>
</ExtensionPoint>
</DesktopFormFactor>
</Host>
</Hosts>
<Resources>
<bt:Images>
<bt:Image id="Icon.16x16" DefaultValue="https://localhost:3000/assets/icon-16.png"/>
<bt:Image id="Icon.32x32" DefaultValue="https://localhost:3000/assets/icon-32.png"/>
<bt:Image id="Icon.80x80" DefaultValue="https://localhost:3000/assets/icon-80.png"/>
</bt:Images>
<bt:Urls>
<bt:Url id="Taskpane.Url" DefaultValue="https://localhost:3000/taskpane.html"/>
</bt:Urls>
<bt:ShortStrings>
<bt:String id="GroupLabel" DefaultValue="Signator Add-in"/>
<bt:String id="TaskpaneButton.Label" DefaultValue="Show Taskpane"/>
</bt:ShortStrings>
<bt:LongStrings>
<bt:String id="TaskpaneButton.Tooltip" DefaultValue="Opens a pane displaying all available properties."/>
</bt:LongStrings>
</Resources>
<VersionOverrides xmlns="http://schemas.microsoft.com/office/mailappversionoverrides/1.1" xsi:type="VersionOverridesV1_1">
<Requirements>
<bt:Sets DefaultMinVersion="1.3">
<bt:Set Name="Mailbox"/>
</bt:Sets>
</Requirements>
<Hosts>
<Host xsi:type="MailHost">
<DesktopFormFactor>
<FunctionFile resid="Commands.Url"/>
<ExtensionPoint xsi:type="MessageReadCommandSurface">
<OfficeTab id="TabDefault">
<Group id="msgReadGroup">
<Label resid="GroupLabel"/>
<Control xsi:type="Button" id="msgReadOpenPaneButton">
<Label resid="TaskpaneButton.Label"/>
<Supertip>
<Title resid="TaskpaneButton.Label"/>
<Description resid="TaskpaneButton.Tooltip"/>
</Supertip>
<Icon>
<bt:Image size="16" resid="Icon.16x16"/>
<bt:Image size="32" resid="Icon.32x32"/>
<bt:Image size="80" resid="Icon.80x80"/>
</Icon>
<Action xsi:type="ShowTaskpane">
<SourceLocation resid="Taskpane.Url"/>
</Action>
</Control>
</Group>
</OfficeTab>
</ExtensionPoint>
</DesktopFormFactor>
</Host>
</Hosts>
<Resources>
<bt:Images>
<bt:Image id="Icon.16x16" DefaultValue="https://localhost:3000/assets/icon-16.png"/>
<bt:Image id="Icon.32x32" DefaultValue="https://localhost:3000/assets/icon-32.png"/>
<bt:Image id="Icon.80x80" DefaultValue="https://localhost:3000/assets/icon-80.png"/>
</bt:Images>
<bt:Urls>
<bt:Url id="Taskpane.Url" DefaultValue="https://localhost:3000/taskpane.html"/>
</bt:Urls>
<bt:ShortStrings>
<bt:String id="GroupLabel" DefaultValue="Signator Add-in"/>
<bt:String id="TaskpaneButton.Label" DefaultValue="Show Taskpane"/>
</bt:ShortStrings>
<bt:LongStrings>
<bt:String id="TaskpaneButton.Tooltip" DefaultValue="Opens a pane displaying all available properties."/>
</bt:LongStrings>
</Resources>
<WebApplicationInfo>
<Id>{AppId}</Id>
<Resource>api://localhost:3000/{AppId}</Resource>
<Scopes>
<Scope>openid</Scope>
<Scope>profile</Scope>
<Scope>offline_access</Scope>
<Scope>Files.Read.All</Scope>
<Scope>User.Read</Scope>
<Scope>email</Scope>
<Scope>access_as_user</Scope>
</Scopes>
</WebApplicationInfo>
</VersionOverrides>
</VersionOverrides>
</OfficeApp>
This is my .env file:
CLIENT_ID=6fd14366-13ed-4a8d-8563-0f89e8428f43
GRAPH_URL_SEGMENT_=/me
NODE_ENV=development
PORT=3000
QUERY_PARAM_SEGMENT=
SCOPE=access_as_user
These are my API permissions:
I also have declared a scope 'access_as_user' and generated a client secret, added all possible client apps, enabled authorization and sso and set the app to be multi tenant.
What could be the problem why do I get the error that 'Preauthorization is missing' (code 13005)?
Under Manage, select API permissions, and select Add a permission. On the panel that opens, choose Microsoft Graph, and then choose Delegated permissions. Please check your permissions and see if Files.Read.All is selected for appliation type permission and if needs to be changed to delegated.
Files.Read.All
offline_access
openid
profile
Please make sure to grant admin consent as an administrator.So please
test tenants where you have admin role and from that you can
provide all the consents. When developing, you have to grant admin
consent as described here.
Also try use this url and check to grant permissions for your app:
https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}
see Grant tenant-wide admin consent to an application - Azure AD | Microsoft Docs.
Please refer Outlook-Add-in-SSO /Office-Add-in-samples · GitHub
which implements an outlook-add-in-sso-aspnet that uses Office's SSO
feature to give the add-in access to Microsoft Graph data.
And check in the Authorized client applications section,
identify the applications that you want to authorize to your add-in's
web application. Each of the following IDs needs to be
pre-authorized:
for example In the Authorized client applications section, enter the following ID to pre-authorize all Microsoft Office application endpoints.
ea5a67f6-b6f3-4338-b240-c655ddc3cc8e (All Microsoft Office application endpoints)
The ID, ea5a67f6-b6f3-4338-b240-c655ddc3cc8e pre-authorizes Office on all the following platforms.
Note :Alternatively, you can enter a proper subset of the following
IDs if for any reason you want to deny authorization to Office on some
platforms. Just leave out the IDs of the platforms from which you want
to withhold authorization.
d3590ed6-52b3-4102-aeff-aad2292ab01c (Microsoft Office)
ea5a67f6-b6f3-4338-b240-c655ddc3cc8e (Microsoft Office)
57fb890c-0dab-4253-a5e0-7188c88b2bb4 (Office on the web)
08e18876-6177-487e-b8b5-cf950c1e598c (Office on the web)
bc59ab01-8403-45c6-8796-ac3ef710b3e3 (Outlook on the web)
For each ID, take these steps:
a. Select Add a client application button, and in the panel that
opens, set the Client ID to the respective GUID and check the box for
api://localhost:44355/$App ID GUID$/access_as_user.
b. Select Add application.
Please check these References:
Register an Office Add-in that uses SSO with the Microsoft identity platform - Office Add-ins | Microsoft Docs & create-sso-office-add-ins-nodejs.
oauth 2.0 - Error getting SSO in Outlook 365 web addin 13005. Preauthorization missing - Stack Overflow.
Another possible cause, during development, is that your add-in using Internet Explorer, and you are using a self-signed certificate. (To determine which browser is being used by the add-in, see Browsers used by Office Add-ins ).
See Troubleshoot error messages for single sign-on (SSO) - Office Add-ins | Microsoft Docs
References:
javascript - Outlook WEB Add-in execution of getAccessToken returns status code 302 - Stack Overflow
Enable single sign-on (SSO) in an Office Add-in - Office Add-ins | Microsoft Docs
Related
I am trying to embed a web react app in office 365 Outlook as a task pane Add-in without using Yeoman generator.
I built an empty React app (https://github.com/facebook/create-react-app#readme) and I downloaded a default mail manifest file (.xml) from the Office JS site(can see below). I can successfully sideload itas a custom Add-in and it successfully displayed on the ribbon, but when I try to display it as a task pane. It threw this error:
ADD-IN ERROR: We can't open this add-in from localhost
I have tried the solution here: https://learn.microsoft.com/en-us/office/troubleshoot/office-suite-issues/cannot-open-add-in-from-localhost
to add a local loopback exemption, but it still doesn't work.
I am not sure what the problem exactly is. I tried many different manifest files and this is one of them:
The default mail manifest file (.xml) from Office JS site:
<?xml version="1.0" encoding="utf-8"?>
<OfficeApp xmlns=
"http://schemas.microsoft.com/office/appforoffice/1.1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="MailApp">
<!--IMPORTANT! Id must be unique for each add-in. If you copy this manifest ensure that you change this id to your own GUID. -->
<Id>971E76EF-D73E-567F-ADAE-5A76B39052CF</Id>
<Version>1.0</Version>
<ProviderName>Microsoft</ProviderName>
<DefaultLocale>en-us</DefaultLocale>
<DisplayName DefaultValue="YouTube"/>
<Description DefaultValue=
"Watch YouTube videos referenced in the e-mails you
receive without leaving your email client.">
<Override Locale="fr-fr" Value="Visualisez les vidéos
YouTube références dans vos courriers électronique
directement depuis Outlook."/>
</Description>
<!-- Change the following lines to specify -->
<!-- the web server that hosts the icon files. -->
<IconUrl DefaultValue="https://contoso.com/assets/icon-64.png" />
<HighResolutionIconUrl DefaultValue="https://contoso.com/assets/hi-res-icon.png" />
<SupportUrl DefaultValue="[Insert the URL of a page that provides support information for the app]" />
<Hosts>
<Host Name="Mailbox" />
</Hosts>
<Requirements>
<Sets DefaultMinVersion="1.1">
<Set Name="Mailbox" />
</Sets>
</Requirements>
<FormSettings>
<Form xsi:type="ItemRead">
<DesktopSettings>
<!-- Change the following line to specify -->
<!-- the web server that hosts the HTML file. -->
<SourceLocation DefaultValue=
"https://webserver/YouTube/YouTube_read_desktop.htm" />
<RequestedHeight>216</RequestedHeight>
</DesktopSettings>
<TabletSettings>
<!-- Change the following line to specify -->
<!-- the web server that hosts the HTML file. -->
<SourceLocation DefaultValue=
"https://webserver/YouTube/YouTube_read_tablet.htm" />
<RequestedHeight>216</RequestedHeight>
</TabletSettings>
</Form>
<Form xsi:type="ItemEdit">
<DesktopSettings>
<!-- Change the following line to specify -->
<!-- the web server that hosts the HTML file. -->
<SourceLocation DefaultValue=
"https://webserver/YouTube/YouTube_compose_desktop.htm" />
</DesktopSettings>
<TabletSettings>
<!-- Change the following line to specify -->
<!-- the web server that hosts the HTML file. -->
<SourceLocation DefaultValue=
"https://webserver/YouTube/YouTube_compose_tablet.htm" />
</TabletSettings>
</Form>
</FormSettings>
<Permissions>ReadWriteItem</Permissions>
<Rule xsi:type="RuleCollection" Mode="Or">
<Rule xsi:type="RuleCollection" Mode="And">
<Rule xsi:type="RuleCollection" Mode="Or">
<Rule xsi:type="ItemIs" ItemType="Appointment" FormType="Read" />
<Rule xsi:type="ItemIs" ItemType="Message" FormType="Read" />
</Rule>
<Rule xsi:type="ItemHasRegularExpressionMatch"
PropertyName="BodyAsPlaintext" RegExName="VideoURL"
RegExValue=
"http://(((www\.)?youtube\.com/watch\?v=)|
(youtu\.be/))[a-zA-Z0-9_-]{11}" />
</Rule>
<Rule xsi:type="RuleCollection" Mode="Or">
<Rule xsi:type="ItemIs" ItemType="Appointment" FormType="Edit" />
<Rule xsi:type="ItemIs" ItemType="Message" FormType="Edit" />
</Rule>
</Rule>
</OfficeApp>
I'm trying to create a setup file (MSI) that runs without admin privileges. for that, I've tried the bellow option.
I've set InstallAlluser property to false as bellow.
Also set InstallAllUsersVisible to false
I've also changed Default location with [AppDataFolder]
After changes above properties It still required Administrator permission to execute MSI file that created using Setup project.
Can you please help me to resolve this issue.
Thanks in Advance.
When you open your MSI with Orca (or equivalent MSI viewer), do you see the "UAC Compliant" check box checked? Sample screenshot here:
You should really use a more flexible and capable MSI tool than the Visual Studio Installer projects. They are good for a few purposes, but lack flexibility and there are numerous other problems: summary of VS Project problems (short form).
Per-User setups considered harmful: Some words of warning against per user setups. Here is one more answer on that.
A simple per-user folder installation in WiX (insert UPPERCASE GUIDs in locations shown with "PUT-GUID-HERE" (2 occurrences) - you can use this GUID generator):
<?xml version="1.0" encoding="UTF-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
<Product Id="*" Name="PerUserSample" Language="1033" Version="1.0.0.0" Manufacturer="-" UpgradeCode="PUT-GUID-HERE">
<Package InstallerVersion="200" Compressed="yes" InstallScope="perUser" InstallPrivileges="limited" />
<MajorUpgrade DowngradeErrorMessage="A newer version of [ProductName] is already installed." />
<MediaTemplate EmbedCab="yes" />
<UIRef Id="WixUI_Mondo" />
<Feature Id="ProductFeature" Title="PerUserSample" Level="1" />
<Directory Id="TARGETDIR" Name="SourceDir">
<Directory Id="AppDataFolder">
<Directory Id="Something" Name="Something">
<Component Feature="ProductFeature" Guid="PUT-GUID-HERE">
<RegistryValue Root="HKCU" Key="Software\[Manufacturer]\[ProductName]\Test"
Name="installed" Type="integer" Value="1" KeyPath="yes"/>
<File Source="C:\Windows\Notepad.exe" />
<RemoveFolder Id="Something" Directory="Something" On="uninstall" />
</Component>
</Directory>
</Directory>
<Directory Id="ProgramFilesFolder">
<Directory Id="INSTALLFOLDER" Name="PerUserSample" />
</Directory>
</Directory>
</Product>
</Wix>
I have been trying to craft a UserJourney that will link a LinkedIn social account with an existing Local AAD B2C account. I have used the following as guides:
Starter Pack - LinkedIn Provider
Account Linking Policy Samples
When I configure in the Microsoft Account (which is OpenIdConnect) everything works perfectly, so I believe that I have the UserJourney parts correct.
When I attempt to use the LinkedIn OAuth2 ClaimsProvider it always fails with a generic error:
AADB2C90289: We encountered an error connecting to the identity provider. Please try again later.
Correlation ID: 90f20acf-b725-405d-a3ac-120e5b559f6f
Timestamp: 2020-01-03 15:17:54Z
Things I have tried:
Connecting Application Insights in Developer Mode - there is no tracing, logging or errors aside from the information above
Creating a second LinkedIn App and switching credentials - same result
Swapping in v1 and v2 ClaimsEndpoint urls
Disabling all OutputClaimsTransformations and anything that seemed calculated - same result
Creating a policy through the Portal (not custom) which allows me to login and creates a new account in the AAD; this is not what I need it to do, but does indicate that the credentials and setup of the LI App must be ok
Tracing through network calls - I can see the response from LinkedIn being posted to https://mydomain.b2clogin.com/mydomain.onmicrosoft.com/oauth2/authresp with a code and a state argument so I assume the issue is in processing the response
As I mentioned, connecting the MSA-OIDC provider was fine, albeit that it is not OAuth2. I presume, therefore, the issue is how I have the OAuth2 connection set up, but I can't spot the problem
Here's the material parts of my ClaimsProvider:
<ClaimsProvider>
<Domain>linkedin.com</Domain>
<DisplayName>LinkedIn</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="LinkedIn-OAUTH-Base">
<DisplayName>LinkedIn</DisplayName>
<Protocol Name="OAuth2" />
<Metadata>
<Item Key="ProviderName">linkedin</Item>
<Item Key="authorization_endpoint">https://www.linkedin.com/oauth/v2/authorization</Item>
<Item Key="AccessTokenEndpoint">https://www.linkedin.com/oauth/v2/accessToken</Item>
<Item Key="ClaimsEndpoint">https://api.linkedin.com/v2/me</Item>
<!--<Item Key="ClaimsEndpoint">https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address)</Item>-->
<Item Key="ClaimsEndpointAccessTokenName">oauth2_access_token</Item>
<Item Key="ClaimsEndpointFormatName">format</Item>
<Item Key="ClaimsEndpointFormat">json</Item>
<Item Key="scope">r_emailaddress r_liteprofile</Item>
<Item Key="HttpBinding">POST</Item>
<Item Key="external_user_identity_claim_id">id</Item>
<Item Key="BearerTokenTransmissionMethod">AuthorizationHeader</Item>
<Item Key="ResolveJsonPathsInJsonTokens">true</Item>
<Item Key="UsePolicyInRedirectUri">0</Item>
<Item Key="response_type">code</Item>
<Item Key="client_id">0</Item>
</Metadata>
<CryptographicKeys>
<Key Id="client_secret" StorageReferenceId="B2C_1A_LinkedInSecret" />
</CryptographicKeys>
</TechnicalProfile>
<TechnicalProfile Id="LinkedIn-OAUTH-Link">
<DisplayName>Link LinkedIn</DisplayName>
<Metadata>
<Item Key="ClaimTypeOnWhichToEnable">issuers</Item>
<Item Key="ClaimValueOnWhichToEnable">linkedin.com</Item>
</Metadata>
<InputClaims />
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="issuerUserIdToLink" PartnerClaimType="id" />
<OutputClaim ClaimTypeReferenceId="issuerToLink" DefaultValue="linkedin.com" AlwaysUseDefaultValue="true" />
</OutputClaims>
<OutputClaimsTransformations>
<OutputClaimsTransformation ReferenceId="CreateUserIdentityToLink" />
<OutputClaimsTransformation ReferenceId="AppendUserIdentityToLink" />
</OutputClaimsTransformations>
<IncludeTechnicalProfile ReferenceId="LinkedIn-OAUTH-Base" />
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
<EnabledForUserJourneys>OnItemAbsenceInStringCollectionClaim</EnabledForUserJourneys>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>
Note: I removed the client_id value but that is set in the real version.
Note 2: Also in the real version the -Link profile is in a different file to the -Base profile, but I don't think that's material to the problem.
If someone can help me spot the problem here I'd be grateful. I'm a bit stuck at this point.
I have a website and api hosted on IIS 8.5 and lately users of the site are getting the following console error when attempting to POST data to the api when using Microsoft Edge:
HTTP401: DENIED - The requested resource requires user authentication.
(XHR)OPTIONS - http://my-local-address/api/customers/approval/post
Note: Users are authenticated by using Windows Authentication.
This occurs spontaneously and to get around the issue the users are forced to do a hard refresh (Ctrl + F5) on MS Edge and then they can continue with their process. Could there be a setting on IIS that's releasing the user authentication after a period of time?
I've listed my attempts to resolve the issue below:
I've got my organisation to add in a trusted policy for my local web address.
Changed the providers of the API. Moved NTLM above Negotiate.
Removed Negotiate based on this stackoverflow post Windows authentication failing in IIS 7.5.
Try and catch the error from the POST request but I'm returning null every time.
Configured CORS to allow for cross origin.
NB: I'm using angularjs for my front end and ASP.NET Web API 2 for the API.
The following code snippet details how the Web Api is configured:
WebApiConfig.cs
var cors = new EnableCorsAttribute("*", "*", "*") { SupportsCredentials = true };
config.EnableCors(cors);
Web.config
<system.web>
<identity impersonate="true" />
<compilation debug="true" targetFramework="4.5.1">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
<httpRuntime targetFramework="4.5.2" />
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="TRACEVerbHandler" />
<remove name="OPTIONSVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
Angular module config using $httpProvider to supply $http requests with credentials
$httpProvider.defaults.withCredentials = true;
I have two dockers sitting on two different machines, both running the vespa. When I submit an application which have two nodes - vespa1 and vespa2 (resolved in /etc/hosts). I get the following error.
Uploading application '/vespa-eval/src/main/application/' using http://localhost:19071/application/v2/tenant/default/session?name=application
Session 6 for tenant 'default' created.
Preparing session 6 using
http://localhost:19071/application/v2/tenant/default/session/6/prepared
Request failed. HTTP status code: 400
Invalid application package: default.default: Error loading model:
Could not find host in the application's host system: 'vespa-container'. Hostsystem=host 'vespa1',host 'vespa2'
I do not have a problem when using only localhost.
hosts.xml
<?xml version="1.0" encoding="utf-8" ?>
<hosts>
<host name="vespa1">
<alias>node0</alias>
</host>
<host name="vespa2">
<alias>node1</alias>
</host>
</hosts>
services.xml
<?xml version="1.0" encoding="utf-8" ?>
<services version="1.0">
<admin version="2.0">
<adminserver hostalias="node0"/>
<configservers>
<configserver hostalias="node0"/>
</configservers>
</admin>
<container id="container" version="1.0">
<document-api />
<search />
<nodes>
<node hostalias="node0" />
<node hostalias="node1" />
</nodes>
</container>
<content id="product" version="1.0">
<redundancy>1</redundancy>
<documents>
<document type="product" mode="index" />
</documents>
<nodes>
<node hostalias="node0" distribution-key="0" />
<node hostalias="node1" distribution-key="1" />
</nodes>
</content>
</services>
Looks like a host named vespa-container is already deployed but not in the new application package. To debug, try
vespa-model-inspect hosts
on the config server and see if it lists the host. Maybe a good idea to try from scratch, I don't see anything wrong with the enclosed files. To clean the config server, search for
vespa-configserver-remove-state
in the documentation
I came across the same issue, and fixed the error by replacing 'vespa-container' (below command) to the hostname of physical box. However, this caused a couple of other errors in rpc connection. Did you fix the problem yet? #aman.gupta
docker run --detach --name vespa --hostname vespa-container --privileged \
--volume $VESPA_SAMPLE_APPS:/vespa-sample-apps --publish 8080:8080 vespaengine/vespa