Microsoft Azure Active Directory Sync Issues

IT 96 Reputation points
2020-02-12T20:57:09.067+00:00

Azure AD sync has been running for over a year now but recently it failed. We are now getting an error message when we run Azure AD Connect. The error message is "Unable to install the Synchronization Service."

I've tried making the admin account a local account and running the application again but still, I get the same error. I've also renamed the "Microsoft Azure folder" in Program Files but still, I get the error message. I've also tried running AD Connect on a different DC. I've uninstalled and reinstalled the application.

Anyone with any suggestion on how to solve this issue?

Thanks,
Kanyambo

Microsoft Entra ID

Accepted answer
  1. IT 96 Reputation points
    2020-02-27T14:56:05.733+00:00

    To solve this issue please follow the below steps:

    Please note: it seems that the version of SQL 2012 that comes within the installation and configuration of AADConnect does not support TLS.
    This is incredibly important, for, as you may know, AADConnect needs and uses TLS 1.2.

    a. Manually uninstall AADConnect and remove all components in relation to AADConnect.
    b. Re-install AADConnect with the same original download link: https://www.microsoft.com/en-us/download/details.aspx?id=47594
    c. Once the configuration wizard can be found on the machine, do run it; however, do not click on Configure. Simply close it.
    This will allow AADConnect to automatically confirm the License Agreements.
    d. Once those steps are done, please install the latest version of Microsoft SQL Server 2012 Native Client; the download link can be found here:
    https://www.microsoft.com/en-us/download/details.aspx?id=50402
    e. Then, once you have successfully installed Microsoft SQL Server 2012 Native Client, you may go ahead and run Azure AD Connect and go through the Custom Installation option.

    From the research I did, I found out that Azure AD Connect comes with a version of the Microsoft SQL Server 2012 Native Client that does not support TLS. This issue does not always affect everyone; however, when it does, this is resolved by installing the SQL Server independently as a stand-alone download.


2 additional answers

  1. Marilee Turscak-MSFT 34,036 Reputation points Microsoft Employee
    2020-02-12T23:18:11.74+00:00

    You need an account with local administrator privileges on your computer to install Azure AD Sync. Then, during the Azure AD Connect installation you will be asked for two credentials - an enterprise admin account for the on-premises DC and a Global Admin account for the Azure AD cloud tenant that you are syncing to.

    If you already have the right credentials, step through all the keys in

    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\
    

    Look for the one with Product Name "Microsoft Azure AD Connect". Delete this and restart the installer.

    Also, if the keys below exist, remove them:

    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7EC08CB7BBBDF1045B31147D9AC698FB 
    
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E2D094C21044C254D9583B64140ED511
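
The "step through all the keys" check from the answer above, as an added PowerShell example that is not part of the original answer: it lists the subkeys whose ProductName is Microsoft Azure AD Connect, exports each one to a backup file, and previews the deletion. The backup folder under %TEMP%, the exact-match comparison and the use of -WhatIf are assumptions added here.

```powershell
# Added example: find Windows Installer product registrations for Azure AD
# Connect under the key named in the answer. Run from an elevated session.

$productsRoot = 'HKLM:\SOFTWARE\Classes\Installer\Products'
$targetName   = 'Microsoft Azure AD Connect'                  # ProductName given in the answer
$backupDir    = Join-Path $env:TEMP 'AADConnect-RegBackup'    # assumed backup location

$found = foreach ($key in Get-ChildItem -Path $productsRoot -ErrorAction Stop) {
    # ProductName is a value on each product subkey; some subkeys lack it.
    $props = Get-ItemProperty -Path $key.PSPath -Name ProductName -ErrorAction SilentlyContinue
    if ($props.ProductName -eq $targetName) {
        [pscustomobject]@{
            ProductName = $props.ProductName
            KeyName     = $key.PSChildName
            PSPath      = $key.PSPath
            RegPath     = $key.Name    # HKEY_LOCAL_MACHINE\... form, as reg.exe expects
        }
    }
}

if (-not $found) {
    Write-Output "No product key with ProductName '$targetName' was found."
    return
}

$found | Format-Table ProductName, KeyName -AutoSize

New-Item -ItemType Directory -Path $backupDir -Force | Out-Null
foreach ($entry in $found) {
    # Export first so the key can be restored with 'reg import' if needed.
    $backupFile = Join-Path $backupDir "$($entry.KeyName).reg"
    & reg.exe export $entry.RegPath $backupFile /y | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "Backup failed for $($entry.KeyName); key left in place."
        continue
    }
    # -WhatIf only reports what would be removed; drop it to actually delete.
    Remove-Item -Path $entry.PSPath -Recurse -WhatIf
}
```

Once the listed keys have been reviewed and the .reg backups exist, removing `-WhatIf` performs the deletion the answer describes, after which the installer can be restarted.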
    

  2. IT 96 Reputation points
    2020-02-18T15:03:22.203+00:00

    Anyone with a solution to this issue?
