Other error on azure ad connect sync

Question

Hi, we are getting a sync error 114 on our Azure AD Connect that we are unable to resolve, the error does not give any details except a GUID that we cant locate, so when clicking on the error, the first page shows blanks on both Display name and Object type, and after clicking on that line the next page shows "The object failed synchronization. For more information, please see the error details. If the problem continues and cannot be fixed, please contact Microsoft Support."
The error Type is 114, User Name Principal is blank but it shows a GUID. Synchronization Status - On premises AD only
I have run a dsquery but it cant locate the GUID

Answer 1

@Norbert de Graaf Thanks for reaching out.

The error you mentioned most often occurs when an object was converted from a synced user to a cloud-only user, however, the user may not have been deleted properly from the on-prem AD.

Option1:
Identify the affected object in Azure AD. Confirm if you really want to delete the object. If that's the case, simply use PowerShell to permanently delete the object from Azure AD.

Run the cmdlet : "Connect-MsolService" and enter your global admin credentials
Next, run : "Remove-MsolUser -ObjectId "<user's object ID>" -RemoveFromRecycleBin"
Trigger a delta sync by running the cmdlet : "Start-ADSyncSyncCycle -PolicyType Delta"

Option2:
If the object has been deleted in Active Directory but you want to keep the "Cloud-Only" object in AAD, simply use PowerShell to clear the SourceAnchor / ImmutableID from the object.

Run the cmdlet: "Connect-MsolService" and enter your global admin credentials
Next, run : 'Set-MsolUser -ObjectId '<user's object ID>' -ImmutableId "$null"'
Trigger a delta sync by running the cmdlet : "Start-ADSyncSyncCycle -PolicyType Delta"

-----------------------------------------------------------------------------------------------------------------

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

Answer 2

Thank you for the reply, i was engaging someone at MS and we did not manage to clear the error, it is now being escalated. As for your suggestions, under Option 1, i cannot identify the object as the error lists no details, only a GUID that i cannot locate on Azure AD, nor in AD. Option 2 is not relevant i think, as i have deleted in AD and do not want to keep it AAD

Answer 3

I'm having the same issue. It does not have a Display name or object type, just a GUID. So none of the options you listed will help. Any other fix?

Answer 4

MS got back to me, I opened the Synchronization Service Manager on the connecter PC and found the error and clicked on it – this showed the username and although that user was deleted from AD, it was still present on AAD, I hard deleted the user and the sync shows no errors, problem solved, thanks

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-service-manager-ui-connectors

Answer 5

Clearing the ImmutableId worked for me, however I don't understand why we are getting these errors all of the sudden if we have done the same over a long time. When we terminate somebody, we disable their accounts, move them to an OU that doesn't sync, then force a sync which deletes the account from the cloud and sometimes we restore it to make it cloud only (shared mailbox) when somebody else needs access to the data. I don't see anything about this in the last release in October.