I tried to upgrade version of Azure AD Connect tool using express settings and disabled sync on startup unitl i am ready to move forward. but while upgrading I received below error.

Randy Boehler 20 Reputation points
2023-02-03T14:06:01.35+00:00

Configuring

An error occurred while creating the connector for the company.com directory. The error was: Failed to retrieve schema.<error><errorxincident> <connection-result>failed-authentication</connection- result> <date>2023-02-02 15:13:08.658 </date> <server>company.com:389</server> <cd- error> < error-code >0x31 </error-code>

<error-literal> Invalid Credentials</error-literal>

</cd-error> </incident> </error> </error>

 Failed to retrieve schema.<errorxerrorxincidentxconnection-result>failed-

authentication</connection-resultxdate>2023-02-02 15:13:08.658</datexserver> company.com:389</serverxcd-error> <error-code>0x31 </error-code>

<error-literal>Invalid Credentials</error-literal>

</cd-error> </incident> </error> </error>

What to do next:

No specific information for this failure is available. Examine the log for additional details.

Otherwise, check the log for more detailed information: C:\ProgramData\AADConnect\trace-20230202-094917.log

Click retry or re-run this wizard to try the integration again.

 

 

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,149 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Rafael da Rocha 5,251 Reputation points
    2023-02-03T14:18:51.01+00:00

    Hello,

    make sure you're using valid Enterprise Admin credentials on the step "connect to AD DS".

    Here's a resource on Learn about the process:

    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-express

    1 person found this answer helpful.
    0 comments No comments

  2. Marilee Turscak-MSFT 37,141 Reputation points Microsoft Employee
    2023-02-07T00:01:56.25+00:00

    Hi Randy Boehler ,

    I understand that you are facing the "invalid credentials" error while trying to upgrade Azure AD Connect. Often even if you are using the proper Enterprise Admin credentials you will see this error if you do not have the correct credentials for the local Active Directory or if a password expired there. If you are already using the correct Enterprise Admin credentials like Rafael mentioned, you can try the following steps to resolve this issue:

    1.) Go to C:\Program Files\Microsoft Azure AD Sync\UIShell

    2.) Then go to Start miisclient.exe > Connectors .

    3.) Make sure that the credentials for your local Active Directory Forest are correct. You may need to reset the password under Properties as suggested here.

    4.) If that doesn't work, make sure that the account you are using is a member of the Domain Admins group (in addition to being an Enterprise Administrator).

    5.) In some scenarios in which someone resets the password for the account, you may see that error. To resolve this you would may need to rerun the installation wizard (if the new password is not known), or update the correct password in the connector if someone has changed it.

    6.) Lastly, this error sometimes corresponds with the TLS deprecation issues. Please verify that you have enabled TLS 1.2 in the .Net Framework settings in registry following this guide:

    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-tls-enforcement#powershell-script-to-enable-tls-12

    Additionally, make sure that the AD Connector account has the necessary permissions to read PublicFolder objects.

    Related threads:

    Azure AD Connect

    Azure Sync is failing

    Please let me know if these troubleshooting steps help and if you still face any issues after trying them.

    -

    If the information helped you, please Accept the answer. This will help us as well as others in the community who might be facing similar issues.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.