This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 16%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZL%3C/text%3E%3C/svg%3E)
Upon decommissioning a server from Azure AD Connect and moving to all non-synced accounts, we ran into 7 sync errors listed under "Other" within our Azure AD Connect Health blade.
Support chat suggested that I use an Azure Active Directory P1 license to allow for access to Sync services, AD FS services, and AD DS services to remove the decommissioned server from the list to stop the errors. Even after applying the license to my admin account, I do not have access to these sections to do the server removal.
I get the following error message:
The caller is not authorized.
Session ID: (not including for potential identity risk)
Extension: Microsoft_Azure_ADHybridHealth
Resource ID: Not available
Content: CommonServiceListBlade
Error code: 401
My account is listed as a Global administrator in Azure AD and for Role based access control, is listed as an Owner in Azure AD Connect Health.
We have confirm that the Microsoft.ADHybridHealthService resource is registered in our subscription.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 24%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
While I'm not trying to remove a server, I'm unable to view anything under sync services, AD FS Services, or AD DS Services. I am a global admin and have a p1 license but it just shows "The caller is not authorized" error. I just setup AD Connect Health so this is the first time I'm trying to access these pages.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 69%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Hi,
If you want to remove a server from AD Sync then you can follow below instructions:
Hope this helps!
Hello!
Thanks for your input. Unfortunately, those areas are currently where I was being blocked from. Luckily it was just a provisioning issue and we were able to get it fixed.
I was able to remove the server and the errors are now gone. Thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 89%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJW%3C/text%3E%3C/svg%3E)
Hello, I'm having the same issue. Can you elaborate on what the provisioning issue was?
Our tenant did not have any Azure AD Premium licenses. We purchases one P1 version, and I have assigned it to the administrator user I'm logged in with. But still getting "caller is not authorized"
My account is listed as a Global administrator in Azure AD and for Role based access control, is listed as an Owner in Azure AD Connect Health.
Thanks