question

DmitritGaranin-9681 avatar image
0 Votes"
DmitritGaranin-9681 asked ·

Error in Password Hash Synchronization General Diagnostics

When I run the password synchronization diagnostics with the Invoke-ADSyncDiagnostics -PasswordSync command, I get this error:

 Password Hash Synchronization cloud configuration is enabled.
 Password Hash Synchronization agent had an error while pushing password changes to AAD tenant at: 05/12/2019 06:08:19 UTC
 Please make sure AAD connector account is added to AAD Tenant, and username and password for this account are valid.
 Please check 652 error events in the application event logs for details

I changed the passwords and am 100% sure that they are correct. If I start password synchronization for a specific user, then it passes successfully. So it's not about the account on the connector.

There is an event with code 652 in the Application log. Here it is:

 Failed credential provisioning batch. Clearing affinity to the current service endpoint:. Error: Microsoft.MetadirectoryServices.UnexpectedDataException: The DN given to RDNToSourceAnchor is not valid.
     at Microsoft.Online.DirSync.Extension.Utilities.DNEncoding.RdnToBinary (String rdn)
     at Microsoft.Azure.ActiveDirectory.Connector.PasswordChangeNotificationExtension.CreateRequest (IList`1 passwords, String forestInfo)
     at Microsoft.Azure.ActiveDirectory.Connector.PasswordChangeNotificationExtension.SetPasswords (IList`1 allPasswords, String forestInfo).

How to fix it?

azure-active-directory
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

neray-MSFT avatar image
0 Votes"
neray-MSFT answered ·

@DmitritGaranin-9681

It looks like Password synchronization failed when trying to retrieve updated passwords from the on-premises AD DS after you changed the passwords.

Try the Resolution 2 mentioned in this document and then try again and let us know if it works.


Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.