This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 26%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESO%3C/text%3E%3C/svg%3E)
Hi,
I am getting this error all the sudden. I am using the latest version of Azure AD Connect .
MFA is disabled for my global admin account since that what I seen people do online which did not resolve the issue. Any other ideas?
sync works with no errors. I just cant add additional OU to sync, get stuck on the "single sign-on" tab and get the error.
Hello @S. ONeal
Did yo had a chance to see my answer ?
If it helped kindly mark it as accepted !
Regards !
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 14.000000000000002%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
The answer seems not to have gone well.
I have the same problem, and the security defaults are enabled.
Azure AD connect is also the newest and was downloaded last week.
Please help me in this regard.
Hello,
It hasent helped.
We have deactivated Security defaults and also SSO for the user.
The results are the same.
Hello,
It hasent helped.
We have deactivated Security defaults and also SSO for the user.
The results are the same.
We have checked the firewall. Port 9090 is open. (It doesent need to be)
Online in Azur AD there are no servers registerd.
On Premise, we have reinstall Azure AD Connect with the latest version, VM is 2019 Server with updates.
"AZUREADSSOACC" Computer Object is also not been created in AD.
Please help in this regard.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 83%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
@S. ONeal - did you resolve this issue? I have the same
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 79%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
I have the same problem not sure what I'm missing.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 63%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
I resolved this for my environment. Azure Active Directory Connect was reaching out to IP addresses in Ireland (even though we're West Cost US). Our firewall has a geo-IP block that was prohibiting that traffic. After I allowed Ireland in our Geo-IP filter everything started working.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 15%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Facing the same issue, Azure AD connect is on 2022 member server with DC schema at 2012
Hello @S. ONeal !
Welcome to Microsoft QnA!
Please verify that the AAD Sync Account is also free from MFA .
To do that you may need to go to Azure AD and in Security verify Security Defaults are not enabled
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards
I have the same issue and security defaults are not enabled
Hello @S. ONeal
Can you please verify that the Computer running Ad Connect has TLS 1.2
Please take some time to to this and come back with any feedback!
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards
Also
Please verify you have Premium P1 License !
And you can try this also :
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/tshoot-connect-sso
Disable and re enable to see what happens!
Regards
TLS 1.2 is enabled. (Windows 2019 newly installed server with alle updates)
And if it is not working then generally AD Sync would also have not worked.
Those are the basic answers.
please try something better.
I'm having the same issue running server 2022 with the latest ver of ad connect in hypervisor. I've enable TLS per MS learn directions and still an issue.
Did anyone get to the bottom of this? I'm having the same issue.
I resolved this for my environment. Azure Active Directory Connect was reaching out to IP addresses in Ireland (even though we're West Cost US). Our firewall has a geo-IP block that was prohibiting that traffic. After I allowed Ireland in our Geo-IP filter everything started working.
For anyone looking for a solution to this problem, in my case the Identity Source of my Global Azure Administrator account was Microsoft, I created a new Global Admin using mydomain.onmicrosoft.com as identity source and removed the other global admin from Microsoft identity.
I was able to enable SSO using the new Global Admin with is MFA enabled and Security defaults are Enabled
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
