Other error on azure ad connect sync

Question

question

NorbertdeGraaf-2314 asked Oct 19, '21 KenRose-1690 published Apr 1, '22

Other error on azure ad connect sync

Hi, we are getting a sync error 114 on our Azure AD Connect that we are unable to resolve, the error does not give any details except a GUID that we cant locate, so when clicking on the error, the first page shows blanks on both Display name and Object type, and after clicking on that line the next page shows "The object failed synchronization. For more information, please see the error details. If the problem continues and cannot be fixed, please contact Microsoft Support."
The error Type is 114, User Name Principal is blank but it shows a GUID. Synchronization Status - On premises AD only
I have run a dsquery but it cant locate the GUID

azure-ad-connect-health

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2021-10-19T09:58:59.843Z

vipulsparsh-MSFT answered Oct 19, '21 KenRose-1690 published Apr 1, '22

@NorbertdeGraaf-2314 Thanks for reaching out.

The error you mentioned most often occurs when an object was converted from a synced user to a cloud-only user, however, the user may not have been deleted properly from the on-prem AD.

Option1:
Identify the affected object in Azure AD. Confirm if you really want to delete the object. If that's the case, simply use PowerShell to permanently delete the object from Azure AD.

Run the cmdlet : "Connect-MsolService" and enter your global admin credentials
Next, run : "Remove-MsolUser -ObjectId "<user's object ID>" -RemoveFromRecycleBin"
Trigger a delta sync by running the cmdlet : "Start-ADSyncSyncCycle -PolicyType Delta"

Option2:
If the object has been deleted in Active Directory but you want to keep the "Cloud-Only" object in AAD, simply use PowerShell to clear the SourceAnchor / ImmutableID from the object.

Run the cmdlet: "Connect-MsolService" and enter your global admin credentials
Next, run : 'Set-MsolUser -ObjectId '<user's object ID>' -ImmutableId "$null"'
Trigger a delta sync by running the cmdlet : "Start-ADSyncSyncCycle -PolicyType Delta"

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

· 3

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

VladMenshchAdmin-6329 · Nov 12, 2021 at 10:48 PM

Option 2 fixed my issue.

0 ·

ChristianPantle-9303 · Feb 25 at 12:36 AM

Option 2 here solved my issue. I think what caused my issue was we had an on prem user who was terminated. I disabled them and moved them out the of the sync OU on prem. Waited online to see they were "deleted" and then restored them as a cloud user, then converted the account to a shared mailbox. I either did it all too fast, or I should have ran some delta syncs along the way. Either way Option 2 fixed my issue. Thank you so much!

0 ·

KenRose-1690 · Apr 01 at 01:48 PM

We deleted approximately 150 on-prem users who only needed cloud-only access. Now we have 150 sync errors. Is there a way to run the command in Option 2 for multiple users at once?

0 ·

Answer 2 · 2021-10-25T07:12:02.963Z

NorbertdeGraaf-2314 answered Oct 25, '21 NorbertdeGraaf-2314 commented Oct 26, '21

Thank you for the reply, i was engaging someone at MS and we did not manage to clear the error, it is now being escalated. As for your suggestions, under Option 1, i cannot identify the object as the error lists no details, only a GUID that i cannot locate on Azure AD, nor in AD. Option 2 is not relevant i think, as i have deleted in AD and do not want to keep it AAD

· 2

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak-MSFT · Oct 25, 2021 at 06:19 PM

Did you hear back from the escalation yet? I'm seeing a number of customers reporting this.

0 ·

NorbertdeGraaf-2314 MarileeTurscak-MSFT · Oct 26, 2021 at 05:33 AM

Hi Marilee, no feedback from MS yet, i will update once i get a fix....

0 ·

Answer 3 · 2021-10-25T15:36:19.403Z

JimParadis-9937 answered Oct 25, '21

I'm having the same issue. It does not have a Display name or object type, just a GUID. So none of the options you listed will help. Any other fix?

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 4 · 2021-10-26T12:38:24.007Z

NorbertdeGraaf-2314 answered Oct 26, '21

MS got back to me, I opened the Synchronization Service Manager on the connecter PC and found the error and clicked on it – this showed the username and although that user was deleted from AD, it was still present on AAD, I hard deleted the user and the sync shows no errors, problem solved, thanks

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-service-manager-ui-connectors

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 5 · 2021-11-17T20:23:10.043Z

EduardoGarciaC-4268 answered Nov 17, '21

Clearing the ImmutableId worked for me, however I don't understand why we are getting these errors all of the sudden if we have done the same over a long time. When we terminate somebody, we disable their accounts, move them to an OU that doesn't sync, then force a sync which deletes the account from the cloud and sometimes we restore it to make it cloud only (shared mailbox) when somebody else needs access to the data. I don't see anything about this in the last release in October.

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

question