Microsoft Entra Connect Health sync error with blank account.

Charlie Mendoza 20 Reputation points
2024-11-13T19:30:12.25+00:00

I have a Microsoft Entra Connect Health Sync error with an account that is blank, and I am unable to find it in local AD or Microsoft Entra ID to delete it and resolve the sync error. How can delete this blank user object?

The object failed synchronization
Display Name: (Blank)

Object Type: user

User Principal Name: (Blank)

Distinguished Name: CN={2F66514D6834486F6930654B3059354D506F686348513D3D}

Mail: (Blank)

Object GUID: 5a0af104-2851-4c42-bc01-6a0ffd4374ef

Synchronization Status: Synchronized to Microsoft Entra ID

Source Anchor: /fQMh4Hoi0eK0Y5MPohcHQ==

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,454 questions
{count} votes

Accepted answer
  1. akinbade abiola 20,385 Reputation points
    2024-11-15T07:01:19.0066667+00:00

    This usually occurs due to an orphaned object.

    You can do a metaverse search to find the object and search for the object using its Object GUID (5a0af104-2851-4c42-bc01-6a0ffd4374ef) or Distinguished Name https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-sync-service-manager-ui-mvsearch

    From there if you find it, you can further then proceed to go to the connector space then you can be able to remove the object. You can find it by the Guid.

    After doing this you'd need to run an initial sync to fully sync the changes

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Abiola

    1 person found this answer helpful.

2 additional answers

Sort by: Most helpful
  1. Charlie Mendoza 20 Reputation points
    2024-11-15T18:25:45.96+00:00

    I was not able to find the account using the Synchronization Service Manager on my local domain controller. I should have included the error type message of:
    Error Type DeletingCloudOnlyObjectNotAllowed
    User's image

    0 comments No comments

  2. Charlie Mendoza 20 Reputation points
    2024-11-15T20:43:30.8566667+00:00

    I was able the resolve this by opening up the Export error message in Synchronization Service Manager on my local domain controller and it gave me ExtraErrorDetails: [{"Key":"ObjectId","Value":["7b61e40a-67d7-48d1-95e6-97fa506c70c7"]}]. When I checked the account, I found that it was a user account that was deleted 8 months ago (it had some issue when deleted, that was not noticed). I used following PowerShell commands to remove the account:
    Connect to your Microsoft Entra tenant: Connect-MgGraph -Scopes User.ReadWrite.All
    Check the account: Get-MgUser -UserId 7b61e40a-67d7-48d1-95e6-97fa506c70c7
    Remove-MgUser -UserId 7b61e40a-67d7-48d1-95e6-97fa506c70c7 -Confirm:$false

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.