Issues Installing Azure AD Connect

Prescimone, Chris 121 Reputation points

I am working on doing a migration of Azure AD Connect from SQL Express to SQL Server and running into an error.

<error>The specified extension could not be found</error> for the Connect Directories option.

Here are the steps that I have taken to attempt to get this to work:

  • Created a Service Account with the required permissions as outlined on the website
  • Granted DBO and logon access for the the SQL database for the ADSync account for the Service Account.
  • Used the option to Import synchronization settings
  • At the Connect Your Directories I tried "Create new AD Account' and entered Enterprise Admin credentials, and confirmed that the account is created in Active Directory. But I still got the error. I also tried using the above Service Account to connect and got the same error.

I have attached a copy of the log file that was generated for review.


Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,483 questions
0 comments No comments
{count} votes

8 answers

Sort by: Most helpful
  1. Prescimone, Chris 121 Reputation points

    A bit more info to help with the troubleshooting:

    • I have an existing server that is running the software that is using the LocalDB
    • I am setting up a new server (will be in staging mode until the switchover) and was trying to install the new one using SQL Server which is why I am using the Import synchronization settings.
    • When I go with a LocalDB on the new server, everything installs successfully. Going to see using those instructions to move it to SQL and go from there.
    1 person found this answer helpful.
    0 comments No comments

  2. Oner Ziya Bas 81 Reputation points

    [10:55:00.143] [ 7] [ERROR] CheckUserInServerRole [SysAdmin]: current user is NOT in the required role (, sqlServerInstance=).

    0 comments No comments

  3. Prescimone, Chris 121 Reputation points

    Thanks for the info. I went ahead and granted the sysadmin role on SQL for the account and it's still having the same error.

    A few other things I tried and still having the same issue:

    • Created a separate AD DS Connector Account (with the required permissions) while keeping the Service Account
    • Granted both accounts the sysadmin role on SQL, and dbo for the ADSync database

    You did not specify which account needs the access, but based on the logs it looks like it's the AD DS Connector Account.

    Does this have anything to do with using the Import synchronization settings, and it's looking at the account from the old server? The old server is using SQLExpressDB, and I am looking to move it to full SQL.

    0 comments No comments

  4. Oner Ziya Bas 81 Reputation points

    Can you send the new log pls

    0 comments No comments

  5. Oner Ziya Bas 81 Reputation points

    Can you read this article please.


    0 comments No comments