I have problem in which I cannot sync passwords to O365, it looks like there is an issue with LDAP connection for my domain but not sure where to go from here. (screenshot attached)<\/p>\n

Advertisement

Close

Troubleshooting steps taken:​<\/p>\n

\n
• Asked Admin to rest the password, sync and try to sign in as that User but this was unsuccessful.​<\/li>\n
• Ensured that the reset password check box was unticked.?​<\/li>\n
• Used the command on the following case: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-trou<\/a>… ​
  \n$adConnector = “” ​
  \n$aadConnector = “” ​
  \nImport-Module adsync ​
  \n$c = Get-ADSyncConnector -Name $adConnector ​
  \n$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter “Microsoft.Synchronize.ForceFullPasswordSync”, String, ConnectorGlobal, $null, $null, $null $p.Value = 1 ​
  \n$c.GlobalParameters.Remove($p.Name) ​
  \n$c.GlobalParameters.Add($p) ​
  \n$c = Add-ADSyncConnector -Connector $c ​
  \nSet-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false ​
  \nSet-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true​
  \n**- Still no success.**​<\/li>\n
• Tried refreshing the Schemer, still didn’t work. ​<\/li>\n
• Did force Sync with Initial,<\/strong> showed updates but still could not get into the User account.​<\/li>\n
• Got the Admin to update to most recent version<\/strong> https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aa<\/a> but the issue was still present.​
  \n**- Ensured that the Admin had all the correct permissions for password Sync.**​<\/li>\n
• Checked all settings that are contained within this link, which were fine: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-trou<\/a>… ​<\/li>\n
• Allowed replicate changes and replicate directory changes for all.​<\/li>\n
• Created a new User and did a force sync. Attempted to sign in but still did not work.​<\/li>\n
• When checking the event viewer, it came up with an error code, 611 (Image 1).​<\/li>\n
• Started a fresh install of AD Connect on the server ensuring all settings were correct but it asked for a Service Controller​<\/strong><\/li>\n
• We still ran into the
  

  5340c977-0b9a-4eb3-afd4-037f3939cc77-Screenshot_2021-08-20_083849.jpg<\/span>800×421 56.1 KB<\/span>

  

  d18416ca-0dcd-43d0-9ab0-b98fdc8172a3-Screenshot_2021-08-20_083907.jpg<\/span>800×510 47.2 KB<\/span>

  

  Advertisement

  Close

  Hi @itbestuur<\/a><\/p>\n

  We just had this same issue, I think. Does the Event Viewer on the AD Connect server showing anything like:
  \n\" Password hash synchronization failed for domain: *****.org, domain controller hostname: , domain controller IP address: . Details:
  \nMicrosoft.Online.PasswordSynchronization.SynchronizationManagerException: Unable to open connection to domain: *****.org.\"<\/p>\n

  IF it is, the new AD Connect Microsoft Entra Connect: Version release history - Microsoft Entra ID | Microsoft Learn<\/a> 2.0.10.0 will fix that issue. I apologize if this is not the issue. I have a post up about this, too.<\/p>\n

  I hope this helps!<\/p>","upvoteCount":0,"datePublished":"2021-08-20T17:20:23.000Z","url":"https://community.spiceworks.com/t/ad-connect-password-sync-stopped-working-to-o365/808961/6","author":{"@type":"Person","name":"danuin","url":"https://community.spiceworks.com/u/danuin"}},"suggestedAnswer":[{"@type":"Answer","text":"

  I have problem in which I cannot sync passwords to O365, it looks like there is an issue with LDAP connection for my domain but not sure where to go from here. (screenshot attached)<\/p>\n

  Troubleshooting steps taken:​<\/p>\n

  \n
  • Asked Admin to rest the password, sync and try to sign in as that User but this was unsuccessful.​<\/li>\n
  • Ensured that the reset password check box was unticked.?​<\/li>\n
  • Used the command on the following case: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-trou<\/a>… ​
    \n$adConnector = “” ​
    \n$aadConnector = “” ​
    \nImport-Module adsync ​
    \n$c = Get-ADSyncConnector -Name $adConnector ​
    \n$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter “Microsoft.Synchronize.ForceFullPasswordSync”, String, ConnectorGlobal, $null, $null, $null $p.Value = 1 ​
    \n$c.GlobalParameters.Remove($p.Name) ​
    \n$c.GlobalParameters.Add($p) ​
    \n$c = Add-ADSyncConnector -Connector $c ​
    \nSet-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false ​
    \nSet-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true​
    \n**- Still no success.**​<\/li>\n
  • Tried refreshing the Schemer, still didn’t work. ​<\/li>\n
  • Did force Sync with Initial,<\/strong> showed updates but still could not get into the User account.​<\/li>\n
  • Got the Admin to update to most recent version<\/strong> https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aa<\/a> but the issue was still present.​
    \n**- Ensured that the Admin had all the correct permissions for password Sync.**​<\/li>\n
  • Checked all settings that are contained within this link, which were fine: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-trou<\/a>… ​<\/li>\n
  • Allowed replicate changes and replicate directory changes for all.​<\/li>\n
  • Created a new User and did a force sync. Attempted to sign in but still did not work.​<\/li>\n
  • When checking the event viewer, it came up with an error code, 611 (Image 1).​<\/li>\n
  • Started a fresh install of AD Connect on the server ensuring all settings were correct but it asked for a Service Controller​<\/strong><\/li>\n
  • We still ran into the
    

    5340c977-0b9a-4eb3-afd4-037f3939cc77-Screenshot_2021-08-20_083849.jpg<\/span>800×421 56.1 KB<\/span>

    

    d18416ca-0dcd-43d0-9ab0-b98fdc8172a3-Screenshot_2021-08-20_083907.jpg<\/span>800×510 47.2 KB<\/span>

    these steps will fix<\/p>\n

    https://www.matthiashuebner.com/index.php/2020/10/12/aad-connect-password-hash-synchronisation-failed/<\/a><\/p>","upvoteCount":0,"datePublished":"2021-08-20T06:17:21.000Z","url":"https://community.spiceworks.com/t/ad-connect-password-sync-stopped-working-to-o365/808961/2","author":{"@type":"Person","name":"jitensh","url":"https://community.spiceworks.com/u/jitensh"}},{"@type":"Answer","text":"

    As I mentioned in my post, those steps do NOT fix. But thank you for trying. Any other help would be kindly accepted. <\/p>","upvoteCount":0,"datePublished":"2021-08-20T07:08:29.000Z","url":"https://community.spiceworks.com/t/ad-connect-password-sync-stopped-working-to-o365/808961/3","author":{"@type":"Person","name":"itbestuur","url":"https://community.spiceworks.com/u/itbestuur"}},{"@type":"Answer","text":"