Error Unable to create the synchrynozation service account for Azure Active Directory. Retrying may fix this

Alltech Services 0 Reputation points
2024-09-17T23:47:05.02+00:00

1] [WARN ] Failed to read DisplayName registry key: An error occurred while executing the 'Get-ItemProperty' command. Cannot find path 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MicrosoftAzureADConnectionTool' because it does not exist.

[WARN ] MicrosoftOnlinePersistedStateProvider.Save: zero state elements provided, saving an empty persisted state file

[WARN ] DetermineAutoUpgradeState: AutoUpgrade entering ENABLED mode for express installation.

[WARN ] Monitoring Agent service is not installed, so the service cannot be restarted.

[WARN ] GrantAllActiveDirectoryPermissions: Granting read permissions for all attributes of (publicFolder) object type on all domains for Exchange Mail Public Folder failed as object type publicFolder was not found.

WARN AzureADConnect.exe Warning: 0 : The DomainIgnore registry key is not present

Failed to read ServicePrincipal registry key: An error occurred while executing the 'Get-ItemProperty' command. Property ServicePrincipal does not exist at path HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Azure AD Connect.

GetServiceAccount: service account authorization failed for Sync (ACCOUNT NAME OMITED) Waiting for account to be provisioned. Details: AADSTS50079: Due to a configuration change made by your administrator, or because you moved to a new location, you must enroll in multi-factor authentication to access '00000002-0000-0000-c000-000000000000'. Trace ID: 20b69a58-00c1-4d67-851e-43134f672b00 Correlation ID: d3847f49-24e9-4630-8e3b-c0fd949258c7 Timestamp: 2024-09-17 22:12:23Z

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,652 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Akhilesh 9,510 Reputation points Microsoft Vendor
    2024-09-23T18:59:41.9033333+00:00

    Hi @Alltech Services

    Thank you for reaching Microsoft Q&A Forum!

    I understand that you are trying to create a synchronization service account, and you have received the error message. based on the information you provide it seems there are multiple errors are shown.

    May I know how you have created the service account? in general you can only set the service account on first installation. It isn't supported to change the service account after the installation has been completed. If you need to change the service account password, this is supported, and instructions can be found here.

    For more information please read the ADSync service account.

    Hope this helps. Do let us know if you any further queries by responding in the comments section.

    Thanks,

    Akhilesh.


    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.