AAD Contains Another Object With The Same DN
KB ID 0001638 Problem I’ve seen this a few times now, I’ve had users that will not sync from Active Directory to Azure Active Directory (Office 365). When you look to see why, you will see something like; The Connector {Your-Domain}.onmicrosoft.com – AAD contains another object with the same DN which is already connected to the MV. Note: For the uninitiated, DN is Distinguished Name, and MV is MetaVerse. If you...
Azure AD Sync: ‘Insufficient access rights to perform this operation’
KB ID 0001636 Problem With Azure AD Replication, you may notice that you have the following error when you take a look at your connector status; Error: permission-issue Connected data source error code: 8344 Connected data source error: Insufficient access rights to perform this operation. Solution Firstly ensure that the user you are running AAD sync under, has the following permissions on the ‘root’ of your local AD...
Connections From Machines That Don’t Map to Sites?
KB ID 0001635 Problem I was troubleshooting some replication issues for a client, and carried out a dcdiag on one of their domain controllers, and saw this; Starting test: SystemLog A warning event occurred. EventID: 0x000016AF Time Generated: xx/xx/xxxx xx:xx:xx Event String: During the past 4.21 hours there have been {xxx} connections to this Domain Controller from client machines whose IP addresses don’t map to any of the...
ADFS: Changing the Certificate
KB ID 0001634 Problem I needed to change the certificate used by an ADFS server today. I’d used a temporary self signed wildcard cert to get me up and running now I needed to replace it with a new publicly signed one. I found a number of ways of doing this INCORRECTLY, so hopefully I will save you making the same mistakes! Solution Firstly you need to import your certificate, here from a PFX file, (if you want a PFX file import...
Gpupdate: Windows Could Not Locate the Directory Object
KB ID 0001625 Problem Saw this on a Windows client on my test network; User Policy update has completed successfully. Computer policy could not be updated successfully. The following errors were encountered: The processing of Group Policy failed. Windows could not locate the directory object OU=Top-Level,OU=computers,DC=PeteNetLive,DC=com. Group Policy settings will not be enforced until this event is resolved. View the event details...
Add The ‘Group Policy Management Console’
KB ID 0001615 Problem On a Domain Controller you will get Group Policy Management, (by default) listed under administrative tools. But if you have a ‘Management Server’ of a ‘Jump Box’, that you want to install the tool onto, (without making it a domain controller!) Then do the following; Option 1: Install GPMC with Powershell This is the quickest and simplest option! Open a PowerShell Windows and execute the...