Hello,
We have a odd situation, where only a few users (3 from 10 test users so far) are not able to enrol their devices or log onto portal.microsoftonline.com (username or password not recognised).
I checked Dirsync server and I see the account information is correct and matches with Azure AD. I have run a password sync via PS (we are using Dirsync 1.0.7020.0):
Powershell admin:
- set-executionpolicy bypass
- import-module msonline
- connect-msolservice
- Import-Module Dirsync
- Set-FullPasswordSync
- Start-OnlineCoexistenceSync
- Restart Forefront Identity Service.
The AD team previously tried to implement O365/Intune SSO via ADFS, but we reverted back to dirsync and managed users only (not federated) with password sync.
I have admin access to the ADFS server, where dirsync is installed see errors on the event log:
Log Name: Application
Source: FIMSynchronizationService
Date: 11/19/2014 5:06:14 AM
Event ID: 6329
Task Category: Server
Level: Error
Keywords: Classic
User: N/A
Computer: adfsserver.blah.com
Description:
An unexpected error has occurred during a password set operation.
"BAIL: MMS(2004): SynchronizationEngineManagedHandle.cpp(101): 0x80004005 (Unspecified error)
WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {452806F3-F509-4695-9969-16F4F35B84F8}, CS Object Id = {B6F0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {1AAF4DFB-573D-42D4-BE51-6ED6EDCC0949}, CS Object Id = {4D91B1A8-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {68A3E211-9B54-4A65-8EBD-60DBB485804E}, CS Object Id = {FF92B1A8-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {F539F05F-93AA-4234-A6D7-8D6C01966A9A}, CS Object Id = {44F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {0E7BD583-27EF-4203-AE52-E8C0F742BC7E}, CS Object Id = {2FF3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {98CA1AE0-74AC-40D2-86F7-61830CC89411}, CS Object Id = {0EF2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {D629429E-D52F-4C41-985C-C0E7908781D7}, CS Object Id = {8DF0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {5F95010E-4C75-4ABD-8BAF-ACFACEF83AD0}, CS Object Id = {43F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {EEB47B6D-A498-43B8-9571-7F49A56CC42C}, CS Object Id = {85F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {C643610F-105C-4FF8-A7F0-E28A18FDBA94}, CS Object Id = {B7F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {EDE83607-F5F9-4AFE-948D-294DEC622B45}, CS Object Id = {C3F0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {8B6A1FD8-BB79-456A-A648-8DBECC9C96BE}, CS Object Id = {6EF0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {4C8D05B0-67C4-4EBA-B6F6-83B889C89B46}, CS Object Id = {BEF2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {D0D5B8C5-3E68-4AD6-BF7F-4F47A36B21EF}, CS Object Id = {81F0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {8D7BE263-4C9D-4B28-BAA7-C3D2D38AAE37}, CS Object Id = {8BEFA1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {B643D893-B594-4969-97AD-BB7D6CF28441}, CS Object Id = {BAF1A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {02D7E9B3-38CF-4CFB-A9D8-E6E1D6434F3C}, CS Object Id = {4FF1A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {69D46C9F-5CB9-475A-BFE9-6A9DC7BFB6CA}, CS Object Id = {DDF0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {1C670F81-1FD9-42C7-AF5B-31261087348C}, CS Object Id = {71F0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {98D4C7C5-3BD2-483C-B0A0-DFCA8EACBB5F}, CS Object Id = {39F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {CE52A9D4-7D70-40D6-9440-A2B5FBE6C97B}, CS Object Id = {B1F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {EF567CFA-E900-4187-91A3-E49EA7CAF29B}, CS Object Id = {85F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {A3D12DC3-7F14-42E4-8803-154324FA250F}, CS Object Id = {C4F0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {3B85AF2A-FE14-4C54-9155-44E81D394269}, CS Object Id = {10F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {377C1A14-3BBF-4FC1-963A-6C7B02C07C81}, CS Object Id = {29F1A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {4F220753-AE54-43D2-AF9A-9A6556860C63}, CS Object Id = {6CF3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {3F58E331-9821-4E5D-8219-AEAB23E55329}, CS Object Id = {6CF0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {5562E9CF-2F07-47CD-BD17-1E8943624777}, CS Object Id = {46F0A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {77580389-25DD-4CC3-9C89-B3854D18234E}, CS Object Id = {BBF2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {A9921CB9-2E1E-4402-8A75-F7A7CD1D433C}, CS Object Id = {5FBFA9AE-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {547FBF47-9B39-436D-9226-77E3693E5370}, CS Object Id = {28F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {D3350FB7-CD1F-4616-8774-E01DA1DA3026}, CS Object Id = {FB92B1A8-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {4AF86AA5-3578-4D67-BF43-8097A704501C}, CS Object Id = {9FF3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {920C1E18-C135-4669-A0A7-91D6AD11BA4C}, CS Object Id = {B6F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {2B0D551E-A190-403F-B8C2-A21AFCE25241}, CS Object Id = {12F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {63052B5F-D635-419D-89D5-7F833DDF8A22}, CS Object Id = {57F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {0B33D378-AFAB-4625-958F-691B839BD817}, CS Object Id = {22F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {03E422BA-4A1A-4CDC-A0EA-3E5D76497465}, CS Object Id = {69F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {2B73C03C-36F3-4035-9161-0CD44FBE7D88}, CS Object Id = {6CF1A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {4EBF4387-AE37-4499-9833-61E97E391F9B}, CS Object Id = {2CF3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {FF4EBD3C-BA2B-4726-9852-BC31AD716F46}, CS Object Id = {D6F1A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {D9736315-3271-4046-BE31-991CAD50DBDA}, CS Object Id = {F69CB4A2-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {B721ED39-9869-4F33-914E-E39A676B1289}, CS Object Id = {AAF3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {DB7A0038-637F-4694-B66F-D66A14F45747}, CS Object Id = {48F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {7DAF7A24-99E2-4277-945C-1908CC5F7BC4}, CS Object Id = {92F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {6ABD1B81-27D4-4F67-828E-39E4769504DD}, CS Object Id = {03F3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {DE8933E6-B200-4DE2-B573-B38B3AC5000C}, CS Object Id = {F4F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {7672E1AB-7C39-4717-A88C-7878F25C5C7F}, CS Object Id = {BDF3A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {75143EC5-1659-415A-94EF-4A1CF2E7E0AC}, CS Object Id = {54F2A1B4-3165-E411-8D92-005056AD5EA8}WARNING: MMS(2004): ..\SynchronizationRecordManager.cpp(128): MV Object Not Found for Object. Anchor = {FA9B3755-26EB-4F7E-B5BD-7CF4008B621A}, CS Object Id = {B3F3A1B4-3165-E411-8D92-005056AD5EA8}BAIL: MMS(2004): ..\server.cpp(11145): 0x80004005 (Unspecified error)
BAIL: MMS(2004): ..\server.cpp(11215): 0x80004005 (Unspecified error)
Forefront Identity Manager 4.3.702.0"
And
Log Name: Application
Source: FIMSynchronizationService
Date: 11/19/2014 5:06:14 AM
Event ID: 6900
Task Category: Server
Level: Error
Keywords: Classic
User: N/A
Computer: adfserver.blah.com
Description:
The server encountered an unexpected error while processing a password change notification:
"Unexpected exception thrown. Action: ProvisionCredentials, Exception: An error occurred. Error Code: 90. Error Description: Password Synchronization has not been activated for this company. Tracking ID: b89cf275-3c2b-48fc-8d4e-3775c7064238 Server Name: .
at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ExecuteWithRetry(String actionName, Action action)
at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ProvisionCredentials(SyncCredentialsRequest request)
at Microsoft.Azure.ActiveDirectory.Connector.PasswordChangeNotificationExtension.SetPasswords(IList`1 passwords)
at PasswordHashSynchronization.TargetExtensionManager.ExportPasswords(TargetExtensionManager* , ECMAInformation* ecmaInformation, DynamicArray<PasswordHashSynchronization::TargetSynchronizationRecord \*>* targetPasswordChanges)
InnerException=>
An error occurred. Error Code: 90. Error Description: Password Synchronization has not been activated for this company. Tracking ID: b89cf275-3c2b-48fc-8d4e-3775c7064238 Server Name: .
at Microsoft.Online.Coexistence.ProvisionHelper.AdminWebServiceFaultHandler(FaultException`1 adminwebFault)
at Microsoft.Online.Coexistence.ProvisionHelper.InvokeAwsAPI[T](Func`1 awsOperation, String opsLabel)
at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.<>c__DisplayClassb.<ProvisionCredentials>b__a()
at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ExecuteWithRetry(String actionName, Action action)
InnerException=>
Password Synchronization has not been activated for this company.
Server stack trace:
at System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime operation, ProxyRpc& rpc)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Online.Coexistence.Schema.IProvisioningWebService.ProvisionCredentials(SyncCredentialsRequest request)
at Microsoft.Online.Coexistence.ProvisionHelper.InvokeAwsAPI[T](Func`1 awsOperation, String opsLabel)
InnerException=>
none
"
The AD team have assured me that password sync is enabled from the dirsync configuration wizard (I don't have elevated credentials to run this myself) - and it seems it is working for some users, implying it is working.
I checked that the users passwords conformed to the azure policy as well: http://msdn.microsoft.com/en-us/library/azure/jj943764.aspx
Any help on what to check or do next would be appreciated!
Ben