Share via

Installing Azure AD Connect Error 77 creating synchronization service account

Anonymous
2016-03-15T19:07:52+00:00

I'm am trying to reinstall AAD Connect because we are having sync issues.  I uninstalled AAD Connect and on reinstall I am getting:

GetServiceAccount: Unable to create synchronization service account. An error occurred. Error Code: 77

For the AAD user I created a cloud-only global admin which I have tested login via the web portal.  The on-prem AD account is an enterprise admin.  We have a Hybird Exchange deployment.  We have a standard SQL instance we are using on the same server (I deleted the ADSync DB before reinstall). This is our test environment so we can do anything we want.

AAD Version: 1.1.119.0

Microsoft 365 and Office | Subscription, account, billing | For home | Windows

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2016-03-17T15:25:25+00:00

    you may also want to check that which ever account you are using to run the svc on prem, is a member of the builtin\administrators groups on all domains\child domains.

    I had a similar issue when deploying ADConnect in Staging mode, since someone had removed the account from 1 of our child domains Administrator group

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments
  2. Anonymous
    2016-03-18T15:11:06+00:00

    Was this answer helpful?

    0 comments
  3. Anonymous
    2016-03-17T15:59:03+00:00

    Hi Ran,

    I have verified that the SQL account has the sysadmin role in SQL.  I posted my question on the Azure forum as you suggested and I also have an open case that looks like it is about to be escalated.  I will post any results back here.

    Was this answer helpful?

    0 comments
  4. Anonymous
    2016-03-17T15:57:18+00:00

    Hey Steve, thanks for the suggestion.  The account is an Enterprise Admin and the Ent Admin group is part of each domain and child domains Builtin\Administrators.  Just in case I went through and added this account to each domain's Builtin\Administrators group and I still get the same results :(

    Was this answer helpful?

    0 comments
  5. Anonymous
    2016-03-16T04:03:00+00:00

    Hi Joseph,

    Generally, if you use SQL as the database, the user must be SA (System Administrator) in SQL, you can check with it. Meanwhile, to ensure you get dedicated support about this re-installation issue, we have a specialized Azure AD forum via the following link where our engineers are more professional to provide assistance to you.

    https://social.msdn.microsoft.com/forums/azure/en-US/home?forum=WindowsAzureAD

    Thanks for your time.

    Best regards,

    Ran

    Was this answer helpful?

    0 comments