question

RakeshBorhara-1772 avatar image
0 Votes"
RakeshBorhara-1772 asked sikumars commented

MS Azure Active Directory Application Proxy Connector - Server 2016 - Setup failed

I have windows Server 2016 i just cannot get the "AADApplicationProxyConnectorInstaller" to install - rebuilt the VM twice too

I use a Outbound (squid proxy) so i can confirm that internet access is working and also set the system proxy to the same proxy
TLS 1.2 and dot net reg settings have been updated and i have rebooted

Error is Setup Failed - The connector was not installed
make sure you have all the required Prerequisites which i do

Articles saying amending "C:\Program Files\Microsoft AAD App Proxy Connector\ApplicationProxyConnectorService.exe."
but without a successful install those files dont exist.

Event log shows the below
Connector registration failed: Make sure you enabled Application Proxy in the Azure Management Portal and that you entered your Active Directory user name and password correctly. Error: 'One or more errors occurred.' - Check Azure Portal its enabled

Product: Microsoft Azure Active Directory Application Proxy Connector -- Installation failed.
Windows Installer installed the product. Product Name: Microsoft Azure Active Directory Application Proxy Connector. Product Version: 1.5.1975.0. Product Language: 1033. Manufacturer: Microsoft Corporation. Installation success or error status: 1603.
Ending a Windows Installer transaction: C:\ProgramData\Package Cache{3E7A3F9B-87C5-41A8-B27A-C2C0EBD28FEE}v1.5.1975.0\AADAppProxyConnectorInstaller.msi. Client Process Id: 4940.


any futher help would be appreciated

azure-ad-application-proxy
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

sikumars avatar image
0 Votes"
sikumars answered sikumars edited

Hello @RakeshBorhara-177,

Thanks for reaching out.

This error message indicate, registration process interrupted without performing login to Azure AD.

There could be chances that User was blocked by MFA during silent install because silent installation doesn’t have the interactive UI for user to perform MFA.

Try to Run the Connector wizard again and register the Connector with account which doesn't have MFA enabled.

Also, make sure you enable Application Proxy in the Azure AD portal before trying to register the Connector. For more information on enabling Application Proxy, see Enable Application Proxy services..

For more information, refer:
https://github.com/Huachao/azure-content/blob/master/articles/active-directory/active-directory-application-proxy-troubleshoot.md#connector-troubleshooting

Hope this helps.

Regards,
Siva


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RakeshBorhara-1772 avatar image
0 Votes"
RakeshBorhara-1772 answered sikumars commented

Yes I agree its failing before asking me to login with a global admin account.

In fact i have another VM that has Azure ad app proxy service installed and shows as active in azure portal so I coped the proxy settings within the ApplicationProxyConnectorService.exe.config and tApplicationPorxyConnectorUpdaterService.exe.config files. As well as proxy settings in "ConfigueOutBoundProxy.PS1"


However whenever I use a new clean VM and install AzureAD App proxy connecor it fails (proxy settings have been applied to the files in the directory's that are left after it fails the installation.

The global admin account doesnt have MFA enabled confirmed by logging into portal.azure.com .
I have also tried the powershell silent install. but it fails on the below although the $cred file is correct


registerConnector.ps1 -modulePath "C:\Program Files\Microsoft AAD App Proxy Connector\Modules\" -moduleName "AppProxyPSModule" -Authenticationmode Credentials -Usercredentials $cred

incidently my dirty Vm above where the app proxy shows connected i can only get the msappproxy addressable externally now n then . using the same internal name externally and making the cname change with my dns provider doesnt redirect it.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I would request you to check following steps. Hope this helps.

Steps:

The Connector installation logs can be found in the %TEMP% folder and can help provide additional information on what is causing an installation failure.

Open a browser (separate tab) and go to the following web page: https://login.microsoftonline.com, make sure that you can login to that page.

Contact your network admin and ask to verify that the backend proxy and firewall do not block SHA512 for outgoing traffic.

More information, refer

0 Votes 0 ·

@RakeshBorhara-177,

If none of this works, Please send an email with the subject line “Attn: SivaKumarS” to AzCommunity[at]Microsoft[dot]com referencing this thread along with your subscription ID, and I will gladly open a free support case for you.

0 Votes 0 ·