![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 46%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER4%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,629 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
@rr-4098 Thank you for posting your question in Microsoft Q&A platform.
Permission issue can be seen for any writeback attributes in AD connect. If AD connect service account doesn't have writeback permission for any particular attribute, then it will throw permission error on AD connect export for on-premises AD connector. In the error you can click on permission error and you will be able to see different attributes and there changed value if there is any. You will have to find which is the attribute value which is trying to written back to on-premises AD. Depending on the writeback attribute you will have to set the writeback permissions to that particular attribute. You can follow below article to fix the issue that you are facing.
Do let me know if you have any further questions.Please "Accept the answer" if the information helped you. This will help us and others in the community as well.