Share via

Azure AD Connect Error - ArgumentOutOfRangeException: Index was out of range

Granville Gayle 1 Reputation point
2021-03-15T13:01:17.62+00:00

I am trying to install Azure Ad Connect version 1.5.45.0 on a Windows 2016 Active Directory Server (upgraded windows 2000 domain). The domain is 'local' and am getting the following error: ![77822-image.png][1] [1]: /api/attachments/77822-image.png?platform=QnA The error log shows the following: [07:51:38.084] [ 19] [INFO ] SyncDataProvider: Calling refresh schema on connector local [07:51:47.685] [ 19] [ERROR] ConfigSyncDirectoriesPage: Caught exception while creating the connector for directory: local. Exception Data (Raw): System.Management.Automation.CmdletInvocationException: Failed to retrieve schema.<error><error><incident><connection-result>failed-authentication</connection-result><date>2021-03-15 12:51:47.338</date><server>local</server><cd-error><error-code>1355</error-code> <error-literal>The specified domain either does not exist or could not be contacted.</error-literal> </cd-error></incident></error></error> ---> Microsoft.IdentityManagement.PowerShell.ObjectModel.SynchronizationConfigurationValidationException: Failed to retrieve schema.<error><error><incident><connection-result>failed-authentication</connection-result><date>2021-03-15 12:51:47.338</date><server>local</server><cd-error><error-code>1355</error-code> <error-literal>The specified domain either does not exist or could not be contacted.</error-literal> </cd-error></incident></error></error> at Microsoft.DirectoryServices.MetadirectoryServices.UI.WebServices.MMSWebService.GetSchemaFromDirectory(Connector connector, Boolean commit) and [07:51:47.697] [ 20] [INFO ] Page transition from "Connect Directories" [ConfigSyncDirectoriesPageViewModel] to "Azure AD sign-in" [UserSignInConfigPageViewModel] [07:51:47.699] [ 20] [ERROR] RootWizardPageViewModel: An unhandled exception occurred during a page load. Exception Data (Raw): System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,184 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Gilberto Ferreira Braga 6 Reputation points
    2022-05-10T17:32:29.517+00:00

    Hi, I faced the same problem for days. And in my case it only worked as follows: Microsoft requests the use of 3 accounts (1 Global Admin from office365, 1 Enterprise Admin or Domain Admin from AD and another Common AD account). In the attempts all gave the same error, so I decided to add the common account in the Schema Admins group and it worked correctly. Sorry for my english, I'm using translator.

    1 person found this answer helpful.
    0 comments
  2. James Hamil 22,891 Reputation points Microsoft Employee
    2021-03-16T22:25:36.343+00:00

    Hi @Granville Gayle , This means that the AD connect server is not able to reach the Active directory domain controllers. This could be because of incorrect routing or because you have ports blocked on the network. Make sure traffic is allowed on ports documented at https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports#table-1---azure-ad-connect-and-on-premises-ad. You can also use port query to check or look for retransmits in a network trace.

    If this answer helped you, please mark it as "Verified" so other users may reference it.

    Thank you,
    James

  3. Jeremy Truman 1 Reputation point
    2022-02-01T21:02:13.213+00:00

    I had to use another account. I was using an account with Enterprise Admin, Domain Admin and Schema Admin permissions and I received the error. Then I tried to use the local Admin account and it worked perfectly. https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-accounts-permissions

    0 comments