Since re-installing Windows 8 and 8.1 on my laptop the one drive for business will not sync.  Tried all troubleshooting methods but no success.  Help on this please.  Cheers, James

Hi,

Since this night we are receiving notifications in dirsync: Stopped-server-down

when i check in eventviewer following message appears:

 Microsoft.Online.Coexistence.ProvisionRetryException: Unable to communicate with the Windows Azure Active Directory service. Tracking ID: e1a4c6cd-ea6b-4348-8f29-8108b568dc0c See the event log for more details. ---> System.ServiceModel.ServerTooBusyException: The HTTP service located at https://adminwebservice.microsoftonline.com/provisioningservice.svc is unavailable.  This could be because the service is too busy or because no endpoint was found listening at the specified address. Please ensure that the address is correct and try accessing the service again later. ---> System.Net.WebException: The remote server returned an error: (503) Server Unavailable.

I have a micro-tenant for myself and my wife and our small business. E4 licenses for both of us. 

At one time last fall, I had dirsync working to my on-prem domain, but the server fell over and I never resurrected it. 

So dirsync has been down since 1/22/2015. 

Now the last piece: 

On Friday evening, I attempted to change my password through the portal. I went to Users>Jeff>Reset this User's Password. A small window popped-up, giving me the new temporary password that looked like this: Abc-1234 

I highlighted that text, copied it, and -tragically- closed out, then went to sign into MSOL again through the browser. I inputted my UPN, then pasted in the password and was met with "Reset password" screen. It asked me for my old password, then asked me to type my new password twice. 

Nothing I do here -whether I paste in the temp password or type my old password- works. I cannot get past this screen and I'm effectively locked out of Office 365. My mail has stopped flowing, Lync is offline, and OneDrive for Busienss is prompting me constantly. 

Using powershell from a non-Global Admin account, I see that my user account is in "PendingInput" in Overall Provisioning Status. My alternate email address is present, but I can't seem to generate a reset message for myself. 

Worst of all, when I try to build a new dirsync server, I learn that I need a Global Admin account in office 365, which of course I have, but it's Pending Input. 

Any help would be appreciated .

hi,

I'm getting the following error message when I try to set a reply address for Sharefile.eu in PS. My goal is to use Azure AD for SSO with Citrix Sharefile.

PS C:\Windows\system32> $replyUrl = New-MsolServicePrincipalAddresses -Address h
ttps://xxx.sharefile.eu/saml/acs
PS C:\Windows\system32> Set-MsolServicePrincipal -AppPrincipalId "c10f22a5-0a5b-
45d2-8fb1-xxxxxxxx" -Addresses $replyUrl
Set-MsolServicePrincipal : Unable to complete this action. Try again later.
In Zeile:1 Zeichen:1
+ Set-MsolServicePrincipal -AppPrincipalId
"c10f22a5-0a5b-45d2-8fb1-xxxxx"  ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
    + CategoryInfo          : OperationStopped: (:) [Set-MsolServicePrincipal]
   , MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.Inter
   nalServiceException,Microsoft.Online.Administration.Automation.SetServiceP
  rincipal

Does anyone know how I can get around this error message? Second question, is Sharefile.eu (not sharefile.com) supported by Azure and SSO? From the command below, the serviceprincipalname looks lilke it's pointing to sharefile.com and not sharefile.eu

PS C:\Windows\system32> Get-msolserviceprincipal -AppPrincipalID c10f22a5-0a5b-4 5d2-8fb1-xxxxxxx

ExtensionData: System.Runtime.Serialization.ExtensionDataObject AccountEnabled        :

True Addresses: {Microsoft.Online.Administration.RedirectUri}

AppPrincipalId: c10f22a5-0a5b-45d2-8fb1-7xxxxxxxx

DisplayName : Citrix ShareFile

ObjectId: dfa86c8a-8c20-4dd3-82d4-xxxxxxxxx

ServicePrincipalNames : {http://adapplicationregistry.onmicrosoft.com/sharefile/primary, https://*.sharefile1.com/saml/info, c10f22a5-0a5b-45d2-8fb1-xxxxxxx} TrustedForDelegation  : False

Thanks

Noel

Hi, i try to implement test network with Office 365 and AD Domain on-premise.
Have created federated trust, it seems works:

PS C:\ Get-MsolFederationProperty -DomainName testdomain.maildomain.org
Source : ADFS Server
ActiveClientSignInUrl : https://adfs01.testdomain.maildomain.org/adfs/services/trust/2005/usernamemixed
FederationServiceDisplayName : SSO
FederationServiceIdentifier : http://adfs01.testdomain.maildomain.org/adfs/services/trust
FederationMetadataUrl : https://adfs01.testdomain.maildomain.org/adfs/services/trust/mex
PassiveClientSignInUrl : https://adfs01.testdomain.maildomain.org/adfs/ls/
PassiveClientSignOutUrl : https://adfs01.testdomain.maildomain.org/adfs/ls/
TokenSigningCertificate : [Subject]
CN=ADFS Signing - ADFS01.testdomain.maildomain.org
[Issuer]
CN=ADFS Signing - ADFS01.testdomain.maildomain.org
[Serial Number]
4D6F495E9620158E43BEBCD1B97DA6C5
[Not Before]
22.04.2015 17:57:51
[Not After]
21.04.2016 17:57:51
[Thumbprint]
38E2AE2EAA010B217B2A81C6098EF3AB85B02523
NextTokenSigningCertificate :
PreferredAuthenticationProtocol :
Source : Microsoft Office 365
ActiveClientSignInUrl : https://adfs01.testdomain.maildomain.org/adfs/services/trust/2005/usernamemixed
FederationServiceDisplayName : testdomain
FederationServiceIdentifier : http://adfs01.testdomain.maildomain.org/adfs/services/trust
FederationMetadataUrl : https://adfs01.testdomain.maildomain.org/adfs/services/trust/mex
PassiveClientSignInUrl : https://adfs01.testdomain.maildomain.org/adfs/ls/
PassiveClientSignOutUrl : https://adfs01.testdomain.maildomain.org/adfs/ls/
TokenSigningCertificate : [Subject]
CN=ADFS Signing - ADFS01.testdomain.maildomain.org
[Issuer]
CN=ADFS Signing - ADFS01.testdomain.maildomain.org
[Serial Number]
4D6F495E9620158E43BEBCD1B97DA6C5
[Not Before]
22.04.2015 17:57:51
[Not After]
21.04.2016 17:57:51
[Thumbprint]
38E2AE2EAA010B217B2A81C6098EF3AB85B02523
NextTokenSigningCertificate :
PreferredAuthenticationProtocol : WsFed

when i try to configure DirSync and run it, it said me that it finished successfully, but nothing changes:

PS C:\> Get-MsolCompanyInformation | fl "*Dir*"
DirectorySynchronizationEnabled : True
DirectorySynchronizationStatus  : Enabled
LastDirSyncTime   

what wrong?

Hi,

We have changed server (hardware) and install new AD. But my older DC have AADSync with Office 365 (run very well).

Now, AADSync doesn´t sync users (InvalidSoftmatch).

How can I syncs users without lost any user on Office 365/Azure?

Thanks.

Marcos

Hello, we have a exchange hybrid deployment and a number of users synced via DIRSync, i enable password write-back within the DIRSync application and in azure ad i have enabled "Users Enabled For Password Reset" and set multifactor authentication, however users are still getting the following error.

we currently have a Azure ad Basic account with out O365 domain added to it

any suggestions

Gordon

Hi,

One of my customer is using Office 365 E3 plan for 150 users and another 400 users has been hosted on a service provider which provides exchange services and using exchange 2010.

Now my customer employees wants to share calendar within both the organization.

Please help us with the steps required and process to set it up.

thanx 

Folks, I am trying to uninstall Dirsync on test lab.
Did uninstall the software and later reinstalled.
However, while running the config wizard, it gives an error of cannot connect to Azure Active Directory.

I have removed the FIM groups from AD, still the same and again uninstall Dirsync.
Still no good.

I am looking at reinstall Dirsync as its not working properly.
However, not either getting completely removed, as it doesn't connects to Azure AD.

Already followed:

http://community.office365.com/en-us/f/613/t/261834.aspx

http://community.office365.com/en-us/f/613/t/290006.aspx

Any pointer will be of great help.

We have Office 365,and exchange hybrid deployment with ADFS. We need to move our DirSync to new dedicated server. Can I just uninstall the dirsync from old server and reinstall dirsync to new server or is there something else?

I've read many different blogs, articles, forums and announcements, both from Microsoft and from independent sites, and I can't seem to find a straight answer on this, especially since Microsoft have recently changed their position.

Can I install the Windows Azure Active Directory Sync tool on a Domain Controller (Windows Server 2008 R2 64bit), in order to perform Directory Sync with my Office 365 tenant?

Thanks.

I have my on-premises active directory having 100 of users, like user@domain.net. Also i have an office 365 account of same users, like user@officeonline.com. In O365 we are using Intune and sharepoint.

what is the best way to sync both AD together and what are the benefits ?

some on-premise users have been getting constant authentication prompts since moving a mailbox to 365,

these accounts have the calendar of this mailbox in their profile...

the usernames and passwords for on-premise and 365 are the same.

is this expected behaviour?

Hi Guys,

My requirements is to write the .Net web-service through which i need to creating the below in office 365 programmatically. Can anyone suggest which way to go. I know there are Rest Web service for it but i need to know whether we can do it through Office 365 API's.

1) Distribution List

2) Member

We are using SSO with directory sync.  I would like to know what the best practice procedure is for users changing their password in this configuration.  The problem that we have run into is that a user changes their password while on premise, and it takes a while for the change to sync.  Then their user account locks because the mobile devices try to access exchange using the old password.  So when a user has multiple devices connected to their account (phone, tablet, computer) do they have to change the password on each device separately?  And how does this work when the computer connects on premise to AD, but the mobile devices connect over the internet to Online?  Seems that the sync lag would cause their account to lock no matter what.  

Hi all;

I need help, we are using Dirsync to synchronize our AD to Office 365, from few days synchronization is not working anymore.

There are some errors in event log regarding synchronization but i don't know what to do to find a solution.
We have restarts all services, restart the server, but nothing changes.


Thank pou for your help

Erros messsages:

Log Name:      Application
Source:        FIMSynchronizationService
Date:          23-04-15 17:40:46
Event ID:      6313
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SERVER
Description:
The server encountered an unexpected error creating performance counters for management agent "Windows Azure Active Directory Connector".
 Performance counters will not be available for this management agent.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="32768">6313</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-04-23T15:40:46.000000000Z" />
    <EventRecordID>415902</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SERVER</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Windows Azure Active Directory Connector</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        Directory Synchronization
Date:          28-04-15 12:19:05
Event ID:      0
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SERVER
Description:
An unknown error occurred with the Microsoft Online Services Sign-in Assistant. Contact Technical Support. InitializeEx() failed on  environment. HResult:-2147023174. Contact Technical Support.  (0x800706BA)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Directory Synchronization" />
    <EventID Qualifiers="0">0</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-04-28T10:19:05.000000000Z" />
    <EventRecordID>425788</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SERVER</Computer>
    <Security />
  </System>
  <EventData>
    <Data>An unknown error occurred with the Microsoft Online Services Sign-in Assistant. Contact Technical Support. InitializeEx() failed on  environment. HResult:-2147023174. Contact Technical Support.  (0x800706BA)</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        Directory Synchronization
Date:          28-04-15 12:19:05
Event ID:      652
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SERVER
Description:
Failed credential provisioning batch. Error: Microsoft.Online.Coexistence.ProvisionException: An unknown error occurred with the Microsoft Online Services Sign-in Assistant. Contact Technical Support. ---> Microsoft.Online.Coexistence.Security.WindowsLiveException: InitializeEx() failed on  environment. HResult:-2147023174. Contact Technical Support.
   at Microsoft.Online.Coexistence.Security.LiveIdentityManager.Initialize(String environment)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)
   --- End of inner exception stack trace ---
   at Microsoft.Online.Coexistence.ProvisionHelper.WindowsLiveExceptionHandler(WindowsLiveException ex)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.Initialize()
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ProvisionCredentials(SyncCredentialsRequest request)
   at Microsoft.Azure.ActiveDirectory.Connector.PasswordChangeNotificationExtension.SetPasswords(IList`1 passwords)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Directory Synchronization" />
    <EventID Qualifiers="0">652</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-04-28T10:19:05.000000000Z" />
    <EventRecordID>425789</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SERVER</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Failed credential provisioning batch. Error: Microsoft.Online.Coexistence.ProvisionException: An unknown error occurred with the Microsoft Online Services Sign-in Assistant. Contact Technical Support. ---&gt; Microsoft.Online.Coexistence.Security.WindowsLiveException: InitializeEx() failed on  environment. HResult:-2147023174. Contact Technical Support.
   at Microsoft.Online.Coexistence.Security.LiveIdentityManager.Initialize(String environment)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)
   --- End of inner exception stack trace ---
   at Microsoft.Online.Coexistence.ProvisionHelper.WindowsLiveExceptionHandler(WindowsLiveException ex)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.Initialize()
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ProvisionCredentials(SyncCredentialsRequest request)
   at Microsoft.Azure.ActiveDirectory.Connector.PasswordChangeNotificationExtension.SetPasswords(IList`1 passwords)</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        FIMSynchronizationService
Date:          28-04-15 12:19:05
Event ID:      6900
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:     SERVER
Description:
The server encountered an unexpected error while processing a password change notification:
 
 "An unknown error occurred with the Microsoft Online Services Sign-in Assistant. Contact Technical Support.

   at Microsoft.Online.Coexistence.ProvisionHelper.WindowsLiveExceptionHandler(WindowsLiveException ex)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.Initialize()
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ProvisionCredentials(SyncCredentialsRequest request)
   at Microsoft.Azure.ActiveDirectory.Connector.PasswordChangeNotificationExtension.SetPasswords(IList`1 passwords)
   at PasswordHashSynchronization.TargetExtensionManager.ExportPasswords(TargetExtensionManager* , ECMAInformation* ecmaInformation, DynamicArray<PasswordHashSynchronization::TargetSynchronizationRecord \*>* targetPasswordChanges)


InnerException=>
InitializeEx() failed on  environment. HResult:-2147023174. Contact Technical Support.

   at Microsoft.Online.Coexistence.Security.LiveIdentityManager.Initialize(String environment)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)


InnerException=>
none
"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="49152">6900</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-04-28T10:19:05.000000000Z" />
    <EventRecordID>425790</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SERVER</Computer>
    <Security />
  </System>
  <EventData>
    <Data>An unknown error occurred with the Microsoft Online Services Sign-in Assistant. Contact Technical Support.

   at Microsoft.Online.Coexistence.ProvisionHelper.WindowsLiveExceptionHandler(WindowsLiveException ex)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.Initialize()
   at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ProvisionCredentials(SyncCredentialsRequest request)
   at Microsoft.Azure.ActiveDirectory.Connector.PasswordChangeNotificationExtension.SetPasswords(IList`1 passwords)
   at PasswordHashSynchronization.TargetExtensionManager.ExportPasswords(TargetExtensionManager* , ECMAInformation* ecmaInformation, DynamicArray&lt;PasswordHashSynchronization::TargetSynchronizationRecord \*&gt;* targetPasswordChanges)


InnerException=&gt;
InitializeEx() failed on  environment. HResult:-2147023174. Contact Technical Support.

   at Microsoft.Online.Coexistence.Security.LiveIdentityManager.Initialize(String environment)
   at Microsoft.Online.Coexistence.ProvisionHelper.GetLiveCompactToken(String userName, String userPassword)


InnerException=&gt;
none
</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        FIMSynchronizationService
Date:          28-04-15 12:19:05
Event ID:      6329
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SERVER
Description:
An unexpected error has occurred during a password set operation.
 "BAIL: MMS(1980): SynchronizationEngineManagedHandle.cpp(101): 0x80004005 (Unspecified error)
BAIL: MMS(1980): ..\server.cpp(11145): 0x80004005 (Unspecified error)
BAIL: MMS(1980): ..\server.cpp(11215): 0x80004005 (Unspecified error)
Forefront Identity Manager 4.3.647.0"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="49152">6329</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-04-28T10:19:05.000000000Z" />
    <EventRecordID>425791</EventRecordID>
    <Channel>Application</Channel>
    <Computer>NSERVER</Computer>
    <Security />
  </System>
  <EventData>
    <Data>BAIL: MMS(1980): SynchronizationEngineManagedHandle.cpp(101): 0x80004005 (Unspecified error)
BAIL: MMS(1980): ..\server.cpp(11145): 0x80004005 (Unspecified error)
BAIL: MMS(1980): ..\server.cpp(11215): 0x80004005 (Unspecified error)
Forefront Identity Manager 4.3.647.0</Data>
  </EventData>
</Event>

I have a hybrid deployment running and after rebooting the dirsync server I am having issues with syncing I see the below:-

I ran the troubleshooter and it advises that dirsync is not activated as below:-

As you can see from the first screenshot dirsync is activated and was running perfectly fine for about 2 weeks before this. 

Hi

I am new to Office 365 AD Sync, we have recently purchased a few licences for Lync 2013, and I registered with my email address before we synced AD to Office 365.

Now in Office 365 my details states “In Cloud” and I am receiving emails telling me the below, I have a feeling that my in house AD account is not syncing to Office 365. Can anyone help me resolve this?

We also do not have Exchange online.

Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [UserPrincipalName xxxxx@xxxxxx.com;]. Correct or remove the duplicate values in your local directory. Please refer to http://support.microsoft.com/kb/2647098 for more information on identifying objects with duplicate attribute values.

Also not sure if it is related but my up and coming Lync meetings are not showing in Lync?

6 months ago we converted our exchange 2010 server and have moved all of our users to Office 365 for exchange and sharepoint.   We have kept our AD to facilitate logging into to our local hosted network where we run apps totally separate from Office and Exchange.    We have 65 CAL licenses for our Active Directory and are maxed out but we are adding more users.  When I add a user through Azure AD do I need to purchase any more CAL licenses in order to give them local access to our network?

Our company has had Office365 for awhile.  We've also had two separate domains within Active Directory for the different sites.  I've managed to migrate both domains to a single unified one and simply manage AD sites and now we're ready to merge with Office 365.

Thing is, many of the articles I'm reading seem to suggest that using the AD Sync with Office 365 won't merge existing AD users with existing Office365 accounts.  Is this true? Is there a way to get around this, or a different process to take?

The end goal is to have people inside the network sign into their computer and automatically be signed into Office 365 services (SSO).  People outside the network can still access Office365 using their logins, and mobile users can still provision their devices with Office365 resources as well.