Every time i try to run azure ad connect wizard at the last moment it throw an error "unable to create synchronization service account for azure active directory. Retrying this operation may resolve issue." what might be the possible solution for this Issue and log look like below.
Help
[17:23:29.329] [ 6] [INFO ] Examining domain Cloudguru.tk (:0% complete)
[17:23:29.329] [ 6] [INFO ] ValidateForest: using DC-01.Cloudguru.tk to validate domain Cloudguru.tk
[17:23:29.344] [ 6] [INFO ] Successfully examined domain Cloudguru.tk GUID:19d7d81b-9a8d-43b2-8e87-2d7dc6158028 DN:DC=Cloudguru,DC=tk
[17:23:29.344] [ 6] [INFO ] ValidateForest returned 1 reachable and 0 unreachable domains.
[17:23:29.350] 1 [INFO ] ConvertUpnToSam: Given username CLOUDGURU.TK\AzureAdConnect@Felipe .tk needs to be converted.
[17:23:29.350] 1 [WARN ] ConvertUpnToSam: Given username CLOUDGURU.TK\AzureAdConnect@Felipe .tk was not converted successfully. Error 1317:The specified account does not exist
[17:23:29.350] [ 6] [INFO ] validForest=True
[17:23:29.397] [ 6] [INFO ] Exit ConfigSyncDirectoriesPageViewModel:ValidateDirectoryConnection:
[17:23:34.394] 1 [INFO ] ProgressWizardPageViewModel:StartProgressOperation Start background task Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.ConfigSyncDirectoriesPageViewModel.WaitForTaskCompletion in Page:"Connect your directories"
[17:23:34.394] 1 [INFO ] ProgressWizardPageViewModel:StartProgressOperation Started Background Task Id:26027
[17:23:34.410] [ 14] [INFO ] ConvertUpnToSam: Given username Cloudguru.tk\AzureAdConnect@Felipe .tk needs to be converted.
[17:23:34.410] [ 14] [WARN ] ConvertUpnToSam: Given username Cloudguru.tk\AzureAdConnect@Felipe .tk was not converted successfully. Error 1317:The specified account does not exist
AzureADConnect.exe Information: 0 : Management Agent Created: C:\Program Files\Microsoft Azure Active Directory Connect\SetupFiles\MA-ADDSTemplate.xml.
[17:23:35.534] [ 14] [INFO ] SyncDataProvider: Calling refresh schema on connector Cloudguru.tk
[17:23:36.136] [ 14] [INFO ] SyncDataProvider: Successfully refreshed schema on connector Cloudguru.tk
AzureADConnect.exe Warning: 0 : The DomainIgnore registry key is not present
AzureADConnect.exe Information: 0 : One or more domains were added to the Cloudguru.tk Connector.
AzureADConnect.exe Information: 0 : One or more domains were removed from the Cloudguru.tk Connector.
AzureADConnect.exe Information: 0 : Configured Connector Cloudguru.tk for forest Cloudguru.tk.
AzureADConnect.exe Information: 0 : Connector Cloudguru.tk was updated successfully.
[17:23:39.301] [ 14] [ERROR] ADPowerShellQueyProvider:SearchAdSyncDirectoryObjects Failed to run the ldap search query. Parameter values passed to PowerShell:
ForestFqdn : Cloudguru.tk
AdConnectorId : e1279c85-75d9-4f93-929f-cd60681ecae6
PropertiesToRetrieve : msDS-DeviceLocation,name,displayName,distinguishedName,objectClass
NamingContextType : Configuration
BaseDnType : Relative
AdConnectorUserName : Cloudguru.tk\AzureAdConnect@Felipe .tk
BaseDn : CN=Services
LdapFilter : (objectClass=msDS-DeviceRegistrationService)
SearchScope : Subtree
AllowUnreachableDomain : False
SizeLimit : 0
Exception Details :
System.Management.Automation.CmdletInvocationException: Exception details =>
Type => System.ArgumentOutOfRangeException
StartIndex cannot be less than zero.
Parameter name: startIndex
StackTrace =>
at System.String.Substring(Int32 startIndex, Int32 length)
at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize) at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] ) at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc) at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) ---> System.ServiceModel.FaultException: Exception details => Type => System.ArgumentOutOfRangeException StartIndex cannot be less than zero. Parameter name: startIndex StackTrace => at System.String.Substring(Int32 startIndex, Int32 length) at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Azure.ActiveDirectory.ADSyncManagement.Contract.IADSyncManagementService.SearchADSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, String namingContextType, String baseDnType, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, String userDomain, String userName, String password, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at Microsoft.IdentityManagement.PowerShell.Cmdlet.AdSyncDirectorySearchResult.ProcessRecord()
--- End of inner exception stack trace ---
at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
at System.Management.Automation.PowerShell.Worker.ConstructPipelineAndDoWork(Runspace rs, Boolean performSyncInvoke)
at System.Management.Automation.PowerShell.Worker.CreateRunspaceIfNeededAndDoWork(Runspace rsToUse, Boolean isSync)
at System.Management.Automation.PowerShell.CoreInvokeHelper[TInput,TOutput]
at System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput]
at System.Management.Automation.PowerShell.Invoke(IEnumerable input, PSInvocationSettings settings)
at Microsoft.Online.Deployment.PowerShell.LocalPowerShell.Invoke()
at Microsoft.Online.Deployment.PowerShell.PowerShellHelper.InvokeCommand(IPowerShell powerShell, Command command)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.SearchAdSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, NamingContextType namingContextType, BaseDnType baseDnType, String baseDn, String ldapFilter, SearchScope searchScope, String[] propertiesToRetrieve, PSCredential adConnectorCredential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize, Boolean rethrowException)
[17:23:39.301] [ 14] [ERROR] Unable to discover device sync configuration for forest Cloudguru.tk
Exception Data (Raw): System.Management.Automation.CmdletInvocationException: Exception details =>
Type => System.ArgumentOutOfRangeException
StartIndex cannot be less than zero.
Parameter name: startIndex
StackTrace =>
at System.String.Substring(Int32 startIndex, Int32 length)
at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize) at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] ) at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc) at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) ---> System.ServiceModel.FaultException: Exception details => Type => System.ArgumentOutOfRangeException StartIndex cannot be less than zero. Parameter name: startIndex StackTrace => at System.String.Substring(Int32 startIndex, Int32 length) at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Server stack trace:
at System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime operation, ProxyRpc& rpc)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Azure.ActiveDirectory.ADSyncManagement.Contract.IADSyncManagementService.SearchADSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, String namingContextType, String baseDnType, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, String userDomain, String userName, String password, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at Microsoft.IdentityManagement.PowerShell.Cmdlet.AdSyncDirectorySearchResult.ProcessRecord()
--- End of inner exception stack trace ---
at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
at System.Management.Automation.PowerShell.Worker.ConstructPipelineAndDoWork(Runspace rs, Boolean performSyncInvoke)
at System.Management.Automation.PowerShell.Worker.CreateRunspaceIfNeededAndDoWork(Runspace rsToUse, Boolean isSync)
at System.Management.Automation.PowerShell.CoreInvokeHelper[TInput,TOutput]
at System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput]
at System.Management.Automation.PowerShell.Invoke(IEnumerable input, PSInvocationSettings settings)
at Microsoft.Online.Deployment.PowerShell.LocalPowerShell.Invoke()
at Microsoft.Online.Deployment.PowerShell.PowerShellHelper.InvokeCommand(IPowerShell powerShell, Command command)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.SearchAdSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, NamingContextType namingContextType, BaseDnType baseDnType, String baseDn, String ldapFilter, SearchScope searchScope, String[] propertiesToRetrieve, PSCredential adConnectorCredential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize, Boolean rethrowException)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.DiscoverDeviceSyncConfiguration(String forestName, Guid connectorIdentifier, String userName, SecureString password, DeviceSyncConfiguration& configuration)
[17:23:39.301] [ 14] [ERROR] Unable to discover device configuration.
Exception Data (Raw): System.Management.Automation.CmdletInvocationException: Exception details =>
Type => System.ArgumentOutOfRangeException
StartIndex cannot be less than zero.
Parameter name: startIndex
StackTrace =>
at System.String.Substring(Int32 startIndex, Int32 length)
at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize) at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] ) at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc) at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) ---> System.ServiceModel.FaultException: Exception details => Type => System.ArgumentOutOfRangeException StartIndex cannot be less than zero. Parameter name: startIndex StackTrace => at System.String.Substring(Int32 startIndex, Int32 length) at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Server stack trace:
at System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime operation, ProxyRpc& rpc)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Azure.ActiveDirectory.ADSyncManagement.Contract.IADSyncManagementService.SearchADSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, String namingContextType, String baseDnType, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, String userDomain, String userName, String password, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at Microsoft.IdentityManagement.PowerShell.Cmdlet.AdSyncDirectorySearchResult.ProcessRecord()
--- End of inner exception stack trace ---
at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
at System.Management.Automation.PowerShell.Worker.ConstructPipelineAndDoWork(Runspace rs, Boolean performSyncInvoke)
at System.Management.Automation.PowerShell.Worker.CreateRunspaceIfNeededAndDoWork(Runspace rsToUse, Boolean isSync)
at System.Management.Automation.PowerShell.CoreInvokeHelper[TInput,TOutput]
at System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput]
at System.Management.Automation.PowerShell.Invoke(IEnumerable input, PSInvocationSettings settings)
at Microsoft.Online.Deployment.PowerShell.LocalPowerShell.Invoke()
at Microsoft.Online.Deployment.PowerShell.PowerShellHelper.InvokeCommand(IPowerShell powerShell, Command command)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.SearchAdSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, NamingContextType namingContextType, BaseDnType baseDnType, String baseDn, String ldapFilter, SearchScope searchScope, String[] propertiesToRetrieve, PSCredential adConnectorCredential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize, Boolean rethrowException)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.DiscoverDeviceSyncConfiguration(String forestName, Guid connectorIdentifier, String userName, SecureString password, DeviceSyncConfiguration& configuration)
at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.ConfigSyncDirectoriesPageViewModel.CreateConnectors(Object obj)
[17:23:39.317] [ 6] [INFO ] Page transition from "Connect Directories" [ConfigSyncDirectoriesPageViewModel] to "Azure AD sign-in" [UserSignInConfigPageViewModel]
[17:23:39.401] [ 6] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Start background task Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.UserSignInConfigPageViewModel.ValidateScenario in Page:"Azure AD sign-in configuration"
[17:23:39.401] [ 6] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Started Background Task Id:26433
[17:23:39.426] [ 6] [VERB ] MsolDomainExtensions.ConnectMsolService: Connecting to MSOL service.
[17:23:39.426] [ 6] [INFO ] Authenticate-MSAL [Acquiring token]: STS endpoint (HTTPS://LOGIN.MICROSOFTONLINE.COM/CLOUDGURU.TK), scope (https://graph.windows.net/user_impersonation), userName (kedar@Felipe .tk).
[17:23:39.426] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:38:39] (UnknownClient: 0.0.0.0) Deserialized 1 items to token cache.
[17:23:39.427] [ 6] [INFO ] Authenticate-MSAL: acquiring token via cache for account kedar@Felipe .tk
[17:23:39.427] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:38:39 - 3b9221b4-e636-48a4-8ef3-6486a3059b47] (UnknownClient: 0.0.0.0) MSAL MSAL.Desktop with assembly version '4.5.1.0'. CorrelationId(3b9221b4-e636-48a4-8ef3-6486a3059b47)
[17:23:39.427] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:38:39 - 3b9221b4-e636-48a4-8ef3-6486a3059b47] (UnknownClient: 0.0.0.0) === OnBehalfOfParameters ===
LoginHint provided: False
User provided: True
ForceRefresh: False
[17:23:39.427] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:38:39 - 3b9221b4-e636-48a4-8ef3-6486a3059b47] (UnknownClient: 0.0.0.0)
=== Request Data ===
Authority Provided? - True
Scopes - https://graph.windows.net/user_impersonation
Extra Query Params Keys (space separated) -
[17:23:39.427] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:38:39 - 3b9221b4-e636-48a4-8ef3-6486a3059b47] (UnknownClient: 0.0.0.0) === Token Acquisition (SilentRequest) started:
[17:23:46.332] 1 [INFO ] cloudguru.tk [Verified]
[17:23:46.332] 1 [INFO ] --------------------------------------------------------------------
[17:23:46.333] [ 6] [INFO ] UserSignInConfigPageViewModel: AD Domains: notAddedDomains 0, notVerifiedDomains 0, verifiedDomains 1
[17:23:46.333] [ 6] [INFO ] UserSignInConfigPageViewModel: Azure Domains: aadUnverifiedDomains 0, aadVerifiedDomains 1
[17:23:46.333] [ 6] [INFO ] UserSignInConfigPageViewModel: The currently selected sign-in method is PassThroughAuthentication
[17:23:46.340] 1 [INFO ] UserSignInConfigPageViewModel: All AD UPN suffixes match a corresponding Azure verified domain in tenant (Cloudguru.tk).
[17:23:48.695] 1 [INFO ] Page transition from "Azure AD sign-in" [UserSignInConfigPageViewModel] to "Connect Directories" [ConfigSyncDirectoriesPageViewModel]
[17:24:05.229] 1 [INFO ] ProgressWizardPageViewModel:StartProgressOperation Start background task Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.ConfigSyncDirectoriesPageViewModel.WaitForTaskCompletion in Page:"Connect your directories"
[17:24:05.229] 1 [INFO ] ProgressWizardPageViewModel:StartProgressOperation Started Background Task Id:31467
[17:24:05.338] [ 14] [ERROR] ADPowerShellQueyProvider:SearchAdSyncDirectoryObjects Failed to run the ldap search query. Parameter values passed to PowerShell:
ForestFqdn : Cloudguru.tk
AdConnectorId : e1279c85-75d9-4f93-929f-cd60681ecae6
PropertiesToRetrieve : msDS-DeviceLocation,name,displayName,distinguishedName,objectClass
NamingContextType : Configuration
BaseDnType : Relative
AdConnectorUserName : Cloudguru.tk\AzureAdConnect@Felipe .tk
BaseDn : CN=Services
LdapFilter : (objectClass=msDS-DeviceRegistrationService)
SearchScope : Subtree
AllowUnreachableDomain : False
SizeLimit : 0
Exception Details :
System.Management.Automation.CmdletInvocationException: Exception details =>
Type => System.ArgumentOutOfRangeException
StartIndex cannot be less than zero.
Parameter name: startIndex
StackTrace =>
at System.String.Substring(Int32 startIndex, Int32 length)
at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize) at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] ) at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc) at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) ---> System.ServiceModel.FaultException: Exception details => Type => System.ArgumentOutOfRangeException StartIndex cannot be less than zero. Parameter name: startIndex StackTrace => at System.String.Substring(Int32 startIndex, Int32 length) at Microsoft.MetadirectoryServices.LDAPQueryClient.Utilities.GetDomainNameFromDistinguishedName(String dn) at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResultsUnderBaseDn(String ldapSearchFilter, SearchScope searchScope, String baseDn, String username, SecureString password, IList1 propertiesToLoad, Int32 sizeLimit, Int32 pageSize)
at Microsoft.MetadirectoryServices.LDAPQueryClient.ReturnAdSearchResults.GetSearchResults(String forestFqdn, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, PSCredential credential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at SyncInvokeSearchADSyncDirectoryObjects(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Azure.ActiveDirectory.ADSyncManagement.Contract.IADSyncManagementService.SearchADSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, String namingContextType, String baseDnType, String baseDn, String ldapFilter, String searchScope, String propertiesToLoadSerialized, String userDomain, String userName, String password, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize)
at Microsoft.IdentityManagement.PowerShell.Cmdlet.AdSyncDirectorySearchResult.ProcessRecord()
--- End of inner exception stack trace ---
at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
at System.Management.Automation.PowerShell.Worker.ConstructPipelineAndDoWork(Runspace rs, Boolean performSyncInvoke)
at System.Management.Automation.PowerShell.Worker.CreateRunspaceIfNeededAndDoWork(Runspace rsToUse, Boolean isSync)
at System.Management.Automation.PowerShell.CoreInvokeHelper[TInput,TOutput]
at System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput]
at System.Management.Automation.PowerShell.Invoke(IEnumerable input, PSInvocationSettings settings)
at Microsoft.Online.Deployment.PowerShell.LocalPowerShell.Invoke()
at Microsoft.Online.Deployment.PowerShell.PowerShellHelper.InvokeCommand(IPowerShell powerShell, Command command)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.SearchAdSyncDirectoryObjects(String forestFqdn, Guid adConnectorId, NamingContextType namingContextType, BaseDnType baseDnType, String baseDn, String ldapFilter, SearchScope searchScope, String[] propertiesToRetrieve, PSCredential adConnectorCredential, Boolean allowUnreachableDomain, Int32 sizeLimit, Int32 pageSize, Boolean rethrowException)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.DiscoverDeviceSyncConfiguration(String forestName, Guid connectorIdentifier, String userName, SecureString password, DeviceSyncConfiguration& configuration)
at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.ConfigSyncDirectoriesPageViewModel.CreateConnectors(Object obj)
[17:24:05.339] [ 4] [INFO ] Page transition from "Connect Directories" [ConfigSyncDirectoriesPageViewModel] to "Azure AD sign-in" [UserSignInConfigPageViewModel]
[17:24:05.401] [ 4] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Start background task Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.UserSignInConfigPageViewModel.ValidateScenario in Page:"Azure AD sign-in configuration"
[17:24:05.403] [ 4] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Started Background Task Id:31615
[17:24:05.403] [ 6] [VERB ] MsolDomainExtensions.ConnectMsolService: Connecting to MSOL service.
[17:24:05.403] [ 6] [INFO ] Authenticate-MSAL [Acquiring token]: STS endpoint (HTTPS://LOGIN.MICROSOFTONLINE.COM/CLOUDGURU.TK), scope (https://graph.windows.net/user_impersonation), userName (kedar@Felipe .tk).
[17:24:05.404] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:39:05] (UnknownClient: 0.0.0.0) Deserialized 1 items to token cache.
[17:24:05.404] [ 6] [INFO ] Authenticate-MSAL: acquiring token via cache for account kedar@Felipe .tk
[17:24:05.404] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:39:05 - 50596685-c0b3-4959-a8c9-c12f69e33c19] (UnknownClient: 0.0.0.0) MSAL MSAL.Desktop with assembly version '4.5.1.0'. CorrelationId(50596685-c0b3-4959-a8c9-c12f69e33c19)
[17:24:05.404] [ 6] [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:39:05 - 50596685-c0b3-4959-a8c9-c12f69e33c19] (UnknownClient: 0.0.0.0) === OnBehalfOfParameters ===
LoginHint provided: False
User provided: True
ForceRefresh: False
[17:24:49.700] 1 [INFO ] MSAL: (False) MSAL 4.5.1.0 MSAL.Desktop Microsoft Windows NT 10.0.17763.0 [10/14/2021 11:39:49 - daf34164-738f-409f-bce0-b9eec63998be] (UnknownCl
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 14.000000000000002%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKG%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 56.00000000000001%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E1%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 51%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGL%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 87%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFB%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 84%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAD%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 80%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESF%3C/text%3E%3C/svg%3E)