Share via

Can't connect a server to Azure-Arc, error

Randy Goldsmith 0 Reputation points
2025-10-21T21:02:33.12+00:00

After my students sign up for the "Azure for Students" account, some of them are not able to connect a server to Azure Arc while most of them can. Here is a copy of the error from 1 of my students:

0mtime="2025-10-21T13:42:21-05:00" level=info msg="Creating resource in Azure..." Correlation ID=2d537991-f9d8-47e9-93fe-740c14b89ce5 Resource ID=/subscriptions/6e07e398-e1e8-4611-b2d7-37f9aea62e10/r
esourceGroups/test_again/providers/Microsoft.HybridCompute/machines/Server26-MS2
time="2025-10-21T13:42:22-05:00" level=error msg="Please verify that the login credentials or token used has access to create resources in resource group 'test_again' under subscription '6e07e398-e1e8-46
11-b2d7-37f9aea62e10'. For required permissions and resource provider registrations, see https://free.blessedness.top/azure/azure-arc/servers/prerequisites"
time="2025-10-21T13:42:23-05:00" level=info msg="AZCM0042: Failed to Create Resource"
time="2025-10-21T13:42:23-05:00" level=info msg="Please review the error message for suggestions on how to fix the specific issues."
time="2025-10-21T13:42:23-05:00" level=info msg="For more troubleshooting tips, please refer to https://aka.ms/arc/azcmerror"
time="2025-10-21T13:42:23-05:00" level=fatal msg="RequestCorrelationId:2d537991-f9d8-47e9-93fe-740c14b89ce5 Message: Resource 'Server26-MS2' was disallowed by Azure: This policy maintains a set of best a
vailable regions where your subscription can deploy resources. The objective of this policy is to ensure that your subscription has full access to Azure services with optimal performance. Should you need
 additional or different regions, contact support.. Code: RequestDisallowedByAzure httpStatusCode:403 "
Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Suchitra Suregaunkar 1,885 Reputation points Microsoft External Staff Moderator
    2025-10-21T23:06:14.84+00:00

    Hello Randy Goldsmith

    To resolve the error message "AZCM0042: Failed to Create Resource" you'll need the following Azure built-in roles for different aspects of managing connected machines:

    • To onboard machines, you must have the Azure Connected Machine Onboarding or Contributor role for the resource group where you're managing the servers.
    • To read, modify, and delete a machine, you must have the Azure Connected Machine Resource Administrator role for the resource group.
    • To select a resource group from the drop-down list when using the Generate script method, you'll also need the Reader role for that resource group (or another role that includes Reader access).
    • When associating a Private Link Scope with an Arc Server, you must have Microsoft.HybridCompute/privateLinkScopes/read permission on the Private Link Scope Resource.

    Azure resource providers:

    The following Azure resource providers must be registered in your subscription to use Azure Arc-enabled servers:

    • Microsoft.HybridCompute
    • Microsoft.GuestConfiguration
    • Microsoft.HybridConnectivity
    • Microsoft.AzureArcData (if you plan to Arc-enable SQL Servers)
    • Microsoft.Compute (for Azure Update Manager and automatic extension upgrades)

    You can register the resource providers using the following commands:

    Azure PowerShell:

    Connect-AzAccount
Set-AzContext -SubscriptionId [subscription you want to onboard]
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridCompute
Register-AzResourceProvider -ProviderNamespace Microsoft.GuestConfiguration
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridConnectivity
Register-AzResourceProvider -ProviderNamespace Microsoft.AzureArcData

    Azure CLI:

    az account set --subscription "{Your Subscription Name}"
az provider register --namespace 'Microsoft.HybridCompute'
az provider register --namespace 'Microsoft.GuestConfiguration'
az provider register --namespace 'Microsoft.HybridConnectivity'
az provider register --namespace 'Microsoft.AzureArcData'

    You can also register the resource providers in the Azure portal.

    Find your allowed regions: Azure Portal → PolicyAssignments → open Allowed locations / Allowed resource deployment regions → note the Allowed locations list.

    Reconnect using an allowed region.

    Thanks,

    Suchitra.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.