Just recently I installed the Microsoft Azure Active Directory Sync, and faced a strange issue: Password Sync was not working. When a password was updated on premises, those changes were not being replicated to Office 365. I was installing AADSync on a Windows 2008 R2 operating system.
The Microsoft Azure Active Directory Sync tool event IDs, which you can see in your server's Event Viewer, are actually very good and make the job of troubleshooting the tool much easier. There is a Microsoft support article on how to troubleshoot AADSync that lists all the event IDs, and if you're having problems with the tool you should definitely have a look at it.
In my scenario, I went to the Event Viewer and immediately spotted event ID 611, which stated that Password Sync was failing for my internal domain.
I started trying to understand why, and here’s what I looked at:
- I had no firewalls between the AADSync Server and the AD Domain controllers
- Both servers were on the same subnet and with the local firewall disabled
- AADSync was communicating with the Domain Controllers and all other tasks were working, except the Password Sync feature
So there was no way that this was about networking. So I circled back to the prerequisites of AADSync and found out what the problem was:
I had installed Microsoft .NET Framework 4.5, and it actually was good enough to allow me to install AADSync, and you can find a lot of guides out there that state that the 4.5 version is good enough. But when you're installing on Windows 2008 R2 it's not, and I needed to install Microsoft .NET Framework 4.5.1.
Once I upgraded the .NET Framework to 4.5.1, everything started to work.
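The two checks from this post, the installed .NET Framework version and recent event ID 611 entries, can be scripted on the sync server. This is an added example, not part of the original post or of the AADSync tooling; it assumes the 611 events are written to the Application log, and the function names are made up for illustration.

```powershell
# Added example. Run in an elevated PowerShell session on the AADSync server.

# Microsoft's documented "Release" registry values: 378389 = .NET 4.5,
# 378675 or higher = .NET 4.5.1 or later (378758 on Windows 7 SP1 / 2008 R2).
$MinRelease451 = 378675
$NdpKey = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full'

function Test-DotNet451 {
    # Returns $true when .NET Framework 4.5.1 or later is installed.
    $prop = Get-ItemProperty -Path $NdpKey -Name Release -ErrorAction SilentlyContinue
    if (-not $prop) { return $false }   # no Release value: 4.0 only, or no 4.x
    return ($prop.Release -ge $MinRelease451)
}

function Get-PasswordSyncFailure {
    # Hypothetical helper: lists event ID 611 entries from the last $Hours hours.
    param([int]$Hours = 24)
    # Assumption: the events are in the Application log. Filtering by ID only,
    # so check ProviderName in the output to confirm the entry is from the sync tool.
    $filter = @{
        LogName   = 'Application'
        Id        = 611
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, ProviderName, Message
}

if (Test-DotNet451) {
    Write-Output '.NET Framework 4.5.1 or later is installed.'
} else {
    Write-Output '.NET Framework is older than 4.5.1: upgrade before troubleshooting further.'
}

$failures = @(Get-PasswordSyncFailure -Hours 24)
Write-Output ("Event ID 611 entries in the last 24 hours: {0}" -f $failures.Count)
$failures | Format-List
```

Running it again after the upgrade and a test password change should show the version check passing and no new 611 entries.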