Azure AD Connect - after uninstall cannot configure and install again

Pavel Obr 1 Reputation point
2020-04-14T09:55:30.09+00:00

Halo,

I had "successfully" running AD Connect (password hash sync) with my on-premise AD (1500 accounts). Last week my passwords stopped to sync. I used recommended solution (from forum) to uninstall AD Connect and make full install again (all directories, databases, sync user, etc. was deleted too).

But I cannot configure and install AD Connect again. After adding forest and before selecting synced OU I am getting error "ArgumentOutOfRangeException". I have founded some recommendations, but I am still in troubles...

Thank you for hints and recommendation. Screenshot and log are below. 

[10:50:05.604] [ 25] [INFO ] Page transition from "Connect Directories" [ConfigSyncDirectoriesPageViewModel] to "Azure AD sign-in" [UserSignInConfigPageViewModel]  
[10:50:05.604] [ 25] [ERROR] RootWizardPageViewModel: An unhandled exception occurred during a page load.  
Exception Data (Raw): System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection.  
Parameter name: index  
   at System.ThrowHelper.ThrowArgumentOutOfRangeException(ExceptionArgument argument, ExceptionResource resource)  
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.UserSignInConfigPageViewModel.OnLoad(NavigateDirection direction)  
   at Microsoft.Online.Deployment.Framework.UI.WizardPages.RootWizardPageViewModel.ActivatePage(IWizardPage page, NavigateDirection direction)  
[10:50:05.651] [ 25] [ERROR] A terminating unhandled exception occurred.  
Exception Data (Raw): System.AggregateException: One or more errors occurred. ---> System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection.  
Parameter name: index  
   at System.ThrowHelper.ThrowArgumentOutOfRangeException(ExceptionArgument argument, ExceptionResource resource)  
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.UserSignInConfigPageViewModel.OnLoad(NavigateDirection direction)  
   at Microsoft.Online.Deployment.Framework.UI.WizardPages.RootWizardPageViewModel.ActivatePage(IWizardPage page, NavigateDirection direction)  
   at Microsoft.Online.Deployment.Framework.UI.WizardPages.RootWizardPageViewModel.MoveNext()  
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.ConfigSyncDirectoriesPageViewModel.WaitForTaskCompletion(Task task)  
   at System.Threading.Tasks.Task.Execute()  
   --- End of inner exception stack trace ---  
---> (Inner Exception #0) System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection.  
Parameter name: index  
   at System.ThrowHelper.ThrowArgumentOutOfRangeException(ExceptionArgument argument, ExceptionResource resource)  
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.UserSignInConfigPageViewModel.OnLoad(NavigateDirection direction)  
   at Microsoft.Online.Deployment.Framework.UI.WizardPages.RootWizardPageViewModel.ActivatePage(IWizardPage page, NavigateDirection direction)  
   at Microsoft.Online.Deployment.Framework.UI.WizardPages.RootWizardPageViewModel.MoveNext()  
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.ConfigSyncDirectoriesPageViewModel.WaitForTaskCompletion(Task task)  
   at System.Threading.Tasks.Task.Execute()<---  
  
[10:50:05.697] [  1] [INFO ] Page transition from "Azure AD sign-in" [UserSignInConfigPageViewModel] to "Error" [ErrorPageViewModel]  
[10:50:05.713] [  1] [INFO ] UserSignInConfigPageViewModel : UPN attribute:   
[11:11:52.847] [  1] [INFO ] Opened log file at path C:\ProgramData\AADConnect\trace-20200414-104617.log

7376-remmina-srv-tools-192168735-2020414-82957620114.png

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,339 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 33,696 Reputation points Microsoft Employee
    2020-04-22T01:34:32.193+00:00

    There are a few things that can cause this error. In many cases it's related to an invalid character in an attribute on-premises. If you have any users that exist on-premises with one name (perhaps with an added space), and in the cloud with another name, this can occur. Check to see that none of the UPNs have extra spacing. Would you please go to the on premises directory, and check for any extra spaces or invalid characters in the UPNs of your users? Once you finish you can start the sync cycle by using the Powershell cmdlet Start-ADSyncSyncCycle Delta

    If you can provide a screenshot of the error in your logs, it may help us narrow this down more.

    I have also seen this happen for users that have had empty subscriptions set up. You can run "Get-AzureSubscription -default" to see what your default subscription is. You can then "remove" any empty subscriptions using the "Remove-AzureSubscription" command.

    As you mentioned, sometimes a full uninstall, cleanup, and reinstall is required to get past this error. If you do this you need to delete all references and folders. This might be a last option as I understand that it's a pain, so we should probably rule out the other options first before doing this.

    In this case you would need to uninstall all instances of Microsoft SQL LocalDB, Microsoft SQL Native Client and Azure AD Connect.

    You'll probably need to use the Microsoft program uninstall fixer tool to accomplish this.

    After doing the above, delete the program files located at:

    %ProgramFiles%\Microsoft Azure AD Connection Tool
    %ProgramFiles%\Microsoft Azure AD Sync
    %ProgramFiles%\Microsoft Azure Active Directory Connect

    You will need to stop the "AD Sync" service. Otherwise, it wont let you delete some of these.

    Remove the following registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AD Sync
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Azure AD Connect
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSOLCoExistence
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server Local DB
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ADSync
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ADSync
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\AzureActiveDir
    ectorySyncEngine
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ADSync
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\EventLog\Application\ADSync
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\EventLog\Application\AzureActiveDir
    ectorySyncEngine
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADSync
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\ADSync
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\AzureActiv
    eDirectorySyncEngine
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EventLog\Application\ADSync
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\

    Finally, reboot the machine running Azure AD Connect that we've just removed, and you should be able to install it as normal.

    If you think it might be easier, you can also send me an email at AzCommunity@microsoft.com and I can open a one-time free support case to help you troubleshoot this.