Loading

DirSync failing to synchronise users to Azure AD

ISSUE

=====

DirSync failing to synchronise users to Azure AD, the issue could be intermittent.

The following error is shown in the Event Logs on the DirSync Server

Event ID: 102\0

Unable to establish a connection to the authentication service. Contact Technical Support. GetAuthState() failed with -2147186688 state. HResult:0. Contact Technical Support. (0x80048862)

At the same time as the above error the following error in the DNS logs are raised on the domain controller

Event ID: 4015

Description: The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The event data contains the error.

WORKAROUND

==========

Review the DNS settings in particular the defined forwarders.

If forwarders have been defined confirm that they are accessible or remove to allow DNS to use root hints.

Once resolved reboot the DirSync Server and start a full sync (from MIISCLient or C:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd.exe).

Other Options to try:

  • Ipconfig /flushdns
  • Dcdiag /fix
  • Confirm Net logon and DNS is running on the domain controller
  • Restart the FIM Service

Relates to: Office 365, O365, Azure, EMS