Azure password write back with multi-forest AD.

Question

Greetings,

Here is my current issue and what I understand should be supported.

Scenario:
-We have single O365 Tenant that his host to multiple Windows AD Forest/Domains (Acquisitions).
-We have Mo365 which includes P1, and allows password write back.
-We have enabled password writeback on each of the individual Azure AD connect programs.

Issue:
-Every time we sync a new domain, it breaks password write back for all the other domains.
-We have been able to fix the issue for only "the last domain" were we run the Azure AD connect wizard (disable password write back and re-enabled it).
-Current even logs is Event ID: 31034 and 32014. We get about 20 of those about every hour (10 of each more or less).
-Even logs attached.

My understanding is that multiple forest Azure AD sync is supported, however, I am not sure if I have followed proper documentation, and or if the feature is indeed supported. Here is the article I have referenced. https://learn.microsoft.com/en-us/previous-versions/azure/azure-services/dn757602(v=azure.100)?redirectedfrom=MSDN

Thanks for all the help.

Answer 1

EVEN ID: 31034 (could not attach)

TrackingId: ca75e4a8-b2f5-4e82-a267-aaf1ef4dd9b8, Listener for Namespace: ssprdedicatedsbprodncu, Endpoint: ddeafa4c-7094-454e-a4de-eeae97237eb8_23a6e33d-9804-4caa-b92f-4ba333638fe7 offline Event. Last error encountered Microsoft.ServiceBus.RelayNotFoundException: Relay must be created at this address before using the binding with IsDynamic set to false. TrackingId:12097010-2cc2-4407-8449-0e72a8dfc2fb_G7, SystemTracker:ssprdedicatedsbprodncu.servicebus.windows.net:ddeafa4c-7094-454e-a4de-eeae97237eb8_23a6e33d-9804-4caa-b92f-4ba333638fe7, Timestamp:2022-02-07T22:12:50 ---> Microsoft.ServiceBus.Messaging.Amqp.AmqpException: Relay must be created at this address before using the binding with IsDynamic set to false. TrackingId:12097010-2cc2-4407-8449-0e72a8dfc2fb_G7, SystemTracker:ssprdedicatedsbprodncu.servicebus.windows.net:ddeafa4c-7094-454e-a4de-eeae97237eb8_23a6e33d-9804-4caa-b92f-4ba333638fe7, Timestamp:2022-02-07T22:12:50
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.ServiceBus.Common.AsyncResult.EndTAsyncResult
at Microsoft.ServiceBus.Messaging.Amqp.AmqpObject.OpenAsyncResult.End(IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Amqp.AmqpObject.EndOpen(IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Amqp.DuplexAmqpLink.OnOperationComplete(AmqpObject link, IAsyncResult result, Boolean isOpen)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.ServiceBus.Common.AsyncResult.EndTAsyncResult
at Microsoft.ServiceBus.Messaging.Amqp.AmqpObject.OpenAsyncResult.End(IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Amqp.AmqpObject.EndOpen(IAsyncResult result)
at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.ServiceBus.AmqpRelay.ConnectTask.<Start>d__5.MoveNext()
--- End of inner exception stack trace ---
at Microsoft.ServiceBus.RelayedOnewayListener.RelayedOnewayAmqpListenerClient.AmqpRelayedConnection.Open(TimeSpan timeout)
at Microsoft.ServiceBus.RelayedOnewayListener.RelayedOnewayAmqpListenerClient.GetOrCreateConnection(Uri via, TimeSpan timeout)
at Microsoft.ServiceBus.RelayedOnewayListener.RelayedOnewayAmqpListenerClient.Connect(TimeSpan timeout)
at Microsoft.ServiceBus.RelayedOnewayTcpClient.EnsureConnected(TimeSpan timeout, Boolean isRetry), Details: Version: 5.0.922.0