Usually this error will not have any effect to Office 365 Dirsync, but it is indeed annoying to see error in our Azure AD Connect Sync Client Interface. Is best to resolve this error.
There are only 4 possible causes;
- AADC is OUTDATED ()
- Check for AADC version
- If it is outdated than update it, run the sync again
- Reference: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-upgrade-previous-version
- AADC’s schema crashes
- Run the AADC application and restart the schema
- Reference: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-installation-wizard
- Azure AD account Sync password is not set to “Password Never Expired”
- *Note: By default, when you setup AADC this is already turn on
- If you had turn this feature off,you have to update the password and enable the feature back on.
- Run Azure PowerShell Module command
- #Set new password
Set-MsolUserPassword -UserPrincipalName “XXXXXXX” -NewPassword “pa$$word“
Set-MsolUser -UserPrincipalName "XXXXXXXXX" -PasswordNeverExpires $true
- Restart the AADC service
#After restart runs finish, type this command Start-ADSyncSyncCycle -PolicyType Initial
- Server itself is having problem
- Restart the server
- Permission missing
- If you enable single sign-on, remember its minimum requirement of the permission rights for service account is domain admin
- DNS routing issue
- If you notice that you are having trouble resolving “login.windows.net” this is due to your DNS settings in your DNS server/AADC server network settings
- Most likely is DNS server settings, is configure wrongly
- Try to run nslookup to identify the return result
- If there is a forwarder in place, remove it.
The above causes are also the steps-by-steps investigation, and to resolve this error it is best to follow the above category and resolving them.
*Note: This error may occurs after few hours and it is best to monitor for 24 hours or 48 hours.