Update FQDNs for resource providers

In addition to updating the fully qualified domain names (FQDNs) for the core services, you must update the endpoints for your resource providers if you enabled them for high availability.

First, you must have a list of the resource providers in your deployment. Run the following Windows PowerShell cmdlet on any virtual machine in the deployment to get such a list, as shown in the following code.

Get-MgmtSvcResourceProvider -IncludeSystemResourceProviders -AdminUri $adminApiUri -Token $token -DisableCertificateValidation | Format-List -Property "Name"

For each one of the resource providers that was set up for high availability, you must run the following scripts. For each resource provider, you have to update the environment variables.

# Windows PowerShell Script to update Windows Azure Pack resource provider settings.

Import-Module MgmtSvcAdmin

# Use UriBuilder to update host name in Uri to preserve other parts of the Uri.
function Update-UriHost([string]$message, [System.Uri]$uri, [string]$find, [string]$replace)
    Write-Verbose -Message "  Checking $($message): $uri" -Verbose
    $uriBuilder = New-Object System.UriBuilder($uri)
    if ($uriBuilder.Host -ieq $find -and $replace)
        $uriBuilder.Host = $replace
        Write-Warning -Message "  Updated $($message):`r`n    before: $uri`r`n    after:  $($uriBuilder.Uri)"
    return $uriBuilder.Uri

# Get local machine host name and fully qualified domain name.
$ipgp = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()
$hostname = $ipgp.HostName
$fqdn = "$($ipgp.HostName).$($ipgp.DomainName)".Trim(".")

# Get credentials for performing actions.
$windowsAuthSite = "https://$($hostname):30072/"
if (!$credential -or !($credential.Password))
    $credential = Get-Credential -Message "WAP Administrator" -UserName "$($env:USERDOMAIN)\$($env:USERNAME)"
$token = Get-MgmtSvcToken -Type Windows -AuthenticationSite $windowsAuthSite -ClientRealm 'http://azureservices/AdminSite' -User $credential -DisableCertificateValidation

# IMPORTANT: Specify -DecryptPassword switch to read plain-text password
# so passwords are not mangled when the resource provider settings are written back to the database.
$adminUri = "https://$($hostname):30004/"
$rps = Get-MgmtSvcResourceProvider -IncludeSystemResourceProviders -AdminUri $adminUri -Token $token -DisableCertificateValidation
foreach ($rp in $rps)
    Write-Verbose -Message "Updating WAP resource provider '$($rp.Name)'." -Verbose
    $find = $hostname
    $replace = $fqdn

    if ($rp.AdminEndpoint.ForwardingAddress)
        $rp.AdminEndpoint.ForwardingAddress = Update-UriHost -message 'AdminForwardingAddress' -uri $rp.AdminEndpoint.ForwardingAddress -find $find -replace $replace

    if ($rp.TenantEndpoint.ForwardingAddress)
        $rp.TenantEndpoint.ForwardingAddress = Update-UriHost -message 'TenantForwardingAddress' -uri $rp.TenantEndpoint.ForwardingAddress -find $find -replace $replace

    if ($rp.UsageEndpoint.ForwardingAddress)
        $rp.UsageEndpoint.ForwardingAddress = Update-UriHost -message 'UsageForwardingAddress' -uri $rp.UsageEndpoint.ForwardingAddress -find $find -replace $replace

    if ($rp.HealthCheckEndpoint.ForwardingAddress)
        $rp.HealthCheckEndpoint.ForwardingAddress = Update-UriHost -message 'HealthCheckForwardingAddress' -uri $rp.HealthCheckEndpoint.ForwardingAddress -find $find -replace $replace

    if ($rp.NotificationEndpoint.ForwardingAddress)
        $rp.NotificationEndpoint.ForwardingAddress = Update-UriHost -message 'NotificationForwardingAddress' -uri $rp.NotificationEndpoint.ForwardingAddress -find $find -replace $replace

    # Add -Confirm:$false to silently update.
    $rpUpdated = Set-MgmtSvcResourceProvider -ResourceProvider $rp -AdminUri $adminUri -Token $token -DisableCertificateValidation -Force