How do I resolve Azure AD Connect upgrade error 'E_MMS_SCHEMA_NO_CLASSES'?

Nathan Gracie-Raitt 1 Reputation point

Environment is a small AD environment with a working-until-3-weeks-ago installation of Azure AD Connect.

In my troubleshooting to restore password synch functionality, I noticed that there was a version upgrade, so I thought I'd try that, rule out that as a source of my problems.

Except that, after running the MSI setup, and launching the wizard to complete the upgrade, it throws the error I mention in the subject line.

Environment: Database is well under 8GB with < 100 users in this domain. Server 2019 on both the app server running AADConnect and the AD DS servers. Current patches installed on both. No recent firewall changes that would get in the way of comms from the AAD server and the internet (and therefore: MIcrosoft infrastructure where AADConnect will need to communicate in order to do it's job).

A copy of the logfiles for my environment are here.

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,709 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 24,231 Reputation points Microsoft Employee

    Since you have the "not installed" error in your error logs, I suggest checking for duplicate product HKEYs.

    If these keys exist, remove them.

    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7EC08CB7BBBDF1045B31147D9AC698FB HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E2D094C21044C254D9583B64140ED511

    Then, step through all the Keys in HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ and look for one with Product Name Microsoft Azure AD Connect.

    Delete this and restart the installer.

    If you have MFA enabled, you may want to make sure that MFA is disabled in and > active users. That might be able to fix the sync for the error that you mentioned in the main post.

    If that doesn't work or if you already do not have MFA enforced, you may need to run IdFix to check for duplicates, missing attributes, and rule violations.

    0 comments No comments