Azure AD Connect configuration fails on Windows Server 2022

Gernot Rücker 0 Reputation points
2024-10-04T10:08:32.1+00:00

I am trying to configure Azure AD Connect on Windows 2022 Server.

I configured Password-Hash-Sync.

My local domain name is a subdomain name which I registered in Azure AD (like local.contoso.com).

The configuration fails with the message "failure while sending request".

I found the following error in the error log:

=== Request Data ===

Authority Provided? - True

Scopes - https://graph.windows.net/user_impersonation

Extra Query Params Keys (space separated) -

ApiId - AcquireTokenByUsernamePassword

IsConfidentialClient - False

SendX5C - False

LoginHint ? False

IsBrokerConfigured - False

HomeAccountId - False

CorrelationId - 784a3b58-e970-483a-9d5a-b34a77d078d5

[11:33:26.414] [ 32] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:26.41 - 784a3b58-e970-483a-9d5a-b34a77d078d5] === Token Acquisition (UsernamePasswordRequest) started:

 Scopes: https://graph.windows.net/user_impersonation

Authority Host: login.microsoftonline.com

[11:33:26.418] [ 32] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:26.41 - 784a3b58-e970-483a-9d5a-b34a77d078d5] [Region discovery] Azure region was not configured or could not be discovered. Not using a regional authority.

[11:33:26.422] [ 32] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:26.42 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Fetching instance discovery from the network from host login.microsoftonline.com.

[11:33:26.704] [ 36] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:26.70 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Authority validation enabled? True.

[11:33:26.704] [ 36] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:26.70 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Authority validation - is known env? True.

[11:33:26.709] [ 36] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:26.70 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Sending request to userrealm endpoint.

[11:33:26.800] [ 35] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:26.80 - 784a3b58-e970-483a-9d5a-b34a77d078d5]

[11:33:27.032] [ 35] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.03 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Fetched and parsed MEX

[11:33:27.033] [ 35] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.03 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Fetched and parsed MEX.

[11:33:27.291] [ 36] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.29 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Token of type 'urn:oasis:names:tc:SAML:1.0:assertion' acquired from WS-Trust endpoint.

[11:33:27.291] [ 36] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.29 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Token of type 'urn:oasis:names:tc:SAML:1.0:assertion' acquired from WS-Trust endpoint.

[11:33:27.491] [ 35] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.49 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Response status code does not indicate success: 400 (BadRequest).

[11:33:27.491] [ 35] [WARN ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.49 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Request retry failed.

[11:33:27.500] [ 35] [INFO ] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.50 - 784a3b58-e970-483a-9d5a-b34a77d078d5] HttpStatusCode: 400: BadRequest

[11:33:27.503] [ 35] [ERROR] MSAL: False MSAL 4.36.0.0 MSAL.Desktop 4.8 or later Windows Server 2022 Standard [10.04 09:33:27.50 - 784a3b58-e970-483a-9d5a-b34a77d078d5] Exception type: Microsoft.Identity.Client.MsalUiRequiredException

, ErrorCode: invalid_grant

HTTP StatusCode 400

Any help is appreciated.

Microsoft Entra ID