Quantcast
Channel: Azure Active Directory forum
Viewing all 16000 articles
Browse latest View live

delete mail from azure account

0
0

hello in my job we have domain accounts (active directory) and azure for external access and office 365.

i access to azure with username_domain@companyname.com and i can use this email with the email aplication in windows 10 but if i delete a email in one computer, it keeps in the other computer

how i can delete de email from the server ?



thanks

Azure AD - Authentication Issue (AADSTS90009)

0
0

Hello All,

Does somebody know what the AdalException AADSTS90009 means?

I get this exception when I'm trying to get authentication code to my multitenant Azure WebApp. Few weeks ago everything was worked correctly and I was able to authenticate.

Error details:

AADSTS90009: Application 'https://mydomain.onmicrosoft.com/96e16ee3-dcd6-4684-af76-a38d53135195' is requesting a token for itself. This scenario is supported only if resource is specified using the GUID based App Identifier.
Trace ID: dea9b2b4-ee01-45e2-9db5-0dcd2f269e42
Correlation ID: 1e941dc1-6f08-4a3f-905b-214efcceec73
Timestamp: 2017-01-18 12:40:33Z 

The request Url is as follow:
https://login.windows.net/common/oauth2/authorize?response_type=code&client_id={my_webApp_AppId}&resource=https://mydomain.onmicrosoft.com/96e16ee3-dcd6-4684-af76-a38d53135195&redirect_uri=http://localhost/AzureLogonHandler&prompt=admin_consent

Please, help...

Azure AD Portal Bitlocker Key

0
0

We had an issue with TPM on a machine that was azure ad joined, which was resolved by upgrading TPM.

The keys were written to Azure, however when we tried to re-encrypt it just gives an error when trying to send the keys to azure, we are presuming its becasue the old keys are still bound to the device in azure (they are still showing in the portal).

Does anyone know how to remove / manually change the keys that are stored in azure for a certain machine? I dont really want to remove it from azure and rejoin it.

Thanks,

Tom

ADAL Tokens for Office 2016 Apps

0
0
I know about the access/refresh tokens and how they are issued to active apps (s4B 2016, etc.). However, I am often left in the situation where a user questions why they did not get propted for MFA or why they did get prompted for MFA. Is there any way to see the tokens and the current state? Are they stored on the file system? Thanks.

Verified custom domain in Azure - "Not Added" in AAD Connect

0
0

I'm trying to setup a test environment and not getting too far.  I have a custom domain created in azure eg. test.domain.com that was successfully verified and set to Primary.  However when I attempt to setup AAD Connect, at the "Azure AD sign-in" it lists my Active Directory UPN Suffix of test.domain.com but the custom domain under Azure AD Domain is says "Not Added".  At the bottom it says "There are no custom domains added in the Azure Active Directory.  A custom domain is required to configure Federation with Azure AD".

I'm authenticating to Azure AD as the Global Administrator and to my on premise domain as the enterprise admin.

Can someone point me in the right direction, please?

Trouble getting AAD B2C functioning with Angular2 client and ASP.NET Core Web API

0
0

I have a project that consists of an client written in Angular2 and a Web API written in ASP.NET Core. Each is hosted in a separate location and I've configured CORS. The application is functioning as expected without an authentication layer, i.e. the client can perform all relevant HTTP actions using the Web API. I'd now like to add authentication in the form of AAD B2C.

I've set up B2C as explained in many locations including getting started. I've registered my app, set up policies, etc.

For the Angular2 client I started with the project angular-oauth2-oidc and modified the primary service slightly to tune it for AAD B2C. I think the client is working as expected now. When I start the log-in process I get redirected to the default AAD B2C log-in page, I can log-in with an account and I get redirected back to the URL I specified in the initial request for log-in. The request that gets sent looks like this:

https://login.microsoftonline.com/trackitdirectory.onmicrosoft.com/oauth2/v2.0/authorize?response_type=code+id_token&p={B2C policy_id}&client_id={B2C app client_id}&redirect_uri={my redirect uri}&scope=openid&nonce={generated}

After being redirected and logging in the response back to the client looks like this:

{my redirect uri}#state={value}&code={token1}&id_token={token2}

At this point token1 and token2 have values as requested in the initial request of response_type=code+id_token. When I send an HTTP request to my Web API I attach an Authorization header with the value "Bearer {token1}" (though I've tried token2 as well). I've verified this header is indeed being included in these requests using Fiddler.

In setting up the Web API project for B2C I started with a sample application from Microsoft. I don't actually use the controller for log-in/out however. I'd like to control that flow through the client and just secure the API with B2C. My problem occurs when I make a call to a secured API method (i.e. one decorated with an Authorize attribute). In that scenario it appears the authorize header is either not being read or not accepted. The error in the browser console says "XMLHttpRequest {source URI} cannot load {Web API method URI}. Redirect from '{Web API method URI}' to 'https://login.microsoftonline.com/{some GUID}/oauth2/v2.0/authorize?client_id={b2c app client_id}&redirect_uri={Web API base URI}/{policy_name}&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce={value}' has been blocked by CORS policy: Request requires preflight, which is disallowed to follow cross-origin redirect."

This looks to me like the authentication can't be resolved so the Web API is trying to initiate a log-in on it's own which is getting denied by CORS. The root appears to be the failure of the authentication.

Any input or suggestions will be appreciated.

Thanks

Azure AD and Salesforce Integration: 5 out of 270 Users Wont map to Existing Salesforce User

0
0

We are just about to go live in our Salesforce environment in about two weeks and we wrapped up our Azure AD SSO configuration.  Almost all of our users mapped to existing users in Salesforce by mapping the UPN which is the default setting.  I have 7 accounts that will not map to the existing account.  The users UPN when i first mapped salesforce was different than it is now.  It created a new account in our portal with that username.  I then changed the UPN in AD, synced it to Azure AD and it wont take the new UPN / account.  

Anyone have any idea why?  

Example:  

jsmith@domain.com exists in Salesforce.  At that time of sync Jsmith's UPN was john@domain.com.  It created a new user in salesforce with the username of john@domain.com.  I changed the UPN in AD to jsmith@domain.com.  It syncs to Azure, but wont associate with the account of jsmith@thebrandbank.com.  I get an error stating the username already exists.  


NNatic

Who will be crowned the First Azure Guru of 2017!!

0
0

Time for a fresh start!

[The Guru is the means of realisation. "There is no knowledge without a teacher."]

We're looking for the first Gurus of 2017!!

All you have to do is add an article to TechNet Wiki from the field of your interest. Something that fits into one of the categories listed on the submissions page. Copy in your own blog post, a forum solution, a white paper, or just something you had to solve for your own day’s work today.

A snippet you share can make you a January 2017 TechNet Wiki Guru in your favorite category and this is official Microsoft TechNet recognition!

HOW TO WIN 

Please copy over your Microsoft technical solutions and revelations to TechNet Wiki.

Add a link to it on THIS WIKI COMPETITION PAGE (so we know you’ve contributed).

Every month, we will highlight your contributions, and select a "Guru of the Month" in each technology.

If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once "on our radar" and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!

Winning this award in your favorite technology will help us learn the active members in each community. 

Feel free to ask any questions below.

More about TechNet Guru Awards.

Thanks!


Ed Price, Azure Development Customer Program Manager (Blog,Small Basic, Wiki Ninjas, Wiki)

Answer an interesting question? Create a wiki article about it!


Azure AD B2C - error when creating sign-up policy

0
0

Hi

I'm trying to create my sign-up policy but I get the following error message:

There was an error while creating the policy 'An object was not found while retrieving extension properties in tenant "73a55309-...". Error returned was 404/Request_ResourceNotFound: Resource '7c7ab660-...' does not exist or one of its queried reference-property objects are not present.'

Despite this error my policy has been created. Is that OK?

Edit: I've noticed that this problem occurs for each policy that I try to create.

AD and AAD creation/sync

0
0

I've taken over at a company that didn't have AD at all.  They are using Office 365 for email so I'd like to just use those accounts to auth to AD.  Is there a way to do that? If not, what my options?

Retrieve CN of specific user in Azure Active Directory

0
0

Dear,

We have the following setup configured "Azure Active Directory" and "Azure Active Directory Domain Services".  We installed HP Application Lifecycle Management Quality Center for our customer in a VM. (IaaS)

We perform AD-authentication (LDAP) on the HP product.  This AD-authentication works correctly :)
However, when creating a HP-user, we need to supply the "CN" variable.

How can we resolve the user using the CN ? What are the possibilities here?

Best regards,
Jens

OAuth Authentication fails with error AADSTS65005 in ios Xamarin

0
0

The AD authentication used to work earlier and has suddenly stopped.

We are using authentication for an IOS app built in Xamarin. We created a client native application in Azure AD and provided the ClientID and Redirect URI as specified. But it throws an error when"authContext.AcquireToken" is being called

Exception: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: AADSTS65005: The client application has requested access to resource 'example.com/'. This request has failed because the client has not specified this resource in its requiredResourceAccess list.Trace ID: ea22c27c-9913-4423-92dc-6fff1cf9904dCorrelation ID: 4c19258b-2391-4585-911e-853157dde073Timestamp: 2017-01-24 09:28:49Z

Code we are using to acquire token:

var authContext = new AuthenticationContext(authority);
        if (authContext.TokenCache.ReadItems().Any())
            authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority);
        var authResult = await authContext.AcquireTokenAsync(resource, clientId, new Uri(returnUri),
            new PlatformParameters(UIApplication.SharedApplication.KeyWindow.RootViewController));

It gives the above "AADSTS65005" error if we run the app but if we change the redirect URI, it opens the page in my app, instead of redirecting. The same used to work earlier for us. We also tried creating a new client native app, but it returned us the same error "AADSTS65005".

Also, we noticed that now it opens the Microsoft login page, then redirects to office 365 login page and then open the page in our app, but does not give back the token. Has there been any microsoft updates lately which could have stopped this code from running?


Is this to be handled in a different way now?

Azure AD Login/logout implementation for Spring cloud microservices

0
0

Hi,

I want to implement login and logout functionality and display user details like username and user role using Azure Active Directory.

We are using Docker to deploy Spring cloud microservices project on Azure cloud. Could you please suggest me steps  to get user details?

Do we need to secure all microservices edge points using Spring cloud OAuth2 security using JWT or just we can secure one web microservice ? Do I need any permission ,specific  user roles to implement this? 

Thanks,

Sunil Soni


Password writeback doesnt work

0
0

Hi!

I'm trying to enable password writeback from Azure AD to my local AD but it doesn't work:

The option for password writeback is enabled in Azure AD Connect

But when i check the "pwdLastSet" from a User where i changed the PWD i can only see an old Date.

In the event viewer there's the evend id "31019" but i can't find the id "31005" which should be there when the pwd is changed and written back.

I've tried to set the permissions for change pwd, reset pwd, lockoutTime write and pwdLastSet write for the MSOL...... Account in local AD - but changes dont take effect.

Does anyone know what i'm doing wrong?!

THANKS!

Tom


Updating cache system password when changing password with password write back

0
0
I have recently setup password write back on our Azure AD and local AD.  It's working fine, however when testing i noticed the system password would not change until logging into local AD.  I have users who are currently connected to local AD but don't come into the office very often (new users like this don't join local AD just have an account).  Is there a way for my old users to update cache system password without being in the office.  We have a client VPN that they use however i have seen mixed results with this.

Current Azure AD functionality vs OpenAM

0
0

Hi

I am looking some advice and hope I have come to the right place for this.  I have a inherited a solution which currently implements OpenAM - which uses SSO to manage the authentication process for access to various SharePoint 2010 websites. 

As part of a environment refresh we are upgrading the current inherited solution onto a new platform (latest versions of windows, sharepoint 2016 etc) and I am trying to review the SSO solution to determine if the OpenAM functionality can be replaced with Azure AD.  I appreciate SSO is used more for SaaS based SSO but for SSO to on-premise systems can this be utilised.  Note: SharePoint online is not in scope for upgrade.

Is there any advice on this and does anyone know if the offerings/functionality of OpenAM and AzureAD are the same/similar.  Or if OpenAM provides a stack of things which Azure AD does not do because they are not similar at all. Any tips or experience anyone has would be greatly appreciated whilst I undertake my own research and analysis. 

Thanks in advance

Missing "roles" claim in issued JWT tokens

0
0

Hi,

we have an Azure AD, configured with application roles:

"appRoles": [
    {"allowedMemberTypes": ["User"
      ],"displayName": "Admin","id": "c400a00b-f67c-42b7-ba9a-f73d8c67e432","isEnabled": true,"description": "Can do some stuff","value": "ADMIN"
    },
    {"allowedMemberTypes": ["User"
      ],"displayName": "Superadmin","id": "c400a00b-f67c-42b7-ba9a-f73d8c67e433","isEnabled": true,"description": "Can do quite some stuff","value": "SUPERADMIN"
    }
  ]

and an application that has these users assigned to these roles

However, when we ask a user to login, the JWT token issued by AAD never contains the "roles" element, as suggested here https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-token-and-claims or http://www.dushyantgill.com/blog/2014/12/10/roles-based-access-control-in-cloud-applications-using-azure-ad/ but only other data, e.g.:

{"aud": "2b7c7266-e713-4d17-8992-367562b2d90f","iss": "https://sts.windows.net/e1b6e1a5-f6b9-4f40-91ed-19712c17bb9b/","iat": 1485767809,"nbf": 1485767809,"exp": 1485771709,"acr": "1","amr": ["pwd"
  ],"appid": "2b7c7266-e713-4d17-8992-367562b2d90f","appidacr": "1","family_name": "Freier","given_name": "Fritz","ipaddr": "195.13.41.220","name": "fritzff","oid": "e6d667d4-be25-4b7e-a831-9b8a239a9a99","platf": "14","scp": "User.Read","sub": "oiv0QNrw9xEFT1t3HlqovDMaNRwIRy2ruxltCI48Ln4","tid": "e1b6e1a5-f6b9-4f40-91ed-19712c17bb9b","unique_name": "fritzfreier@wis2dev.onmicrosoft.com","upn": "fritzfreier@wis2dev.onmicrosoft.com","ver": "1.0"
}
We have no idea why this is missing and it's crucial to our application.

Azure AD via Office 365 Admin Centre Issues

0
0

I've been referred to make a log through this portal regarding an issue I have discovered with Azure AD.

Using 365 as our storage solution for Hinkley Nuclear New Build, admins have access to exchange admin centres and others. Among that is that use of Azure AD. 

We have two types of admins; Global Admins and Limited admins. Not hard to tell the difference between the two. 

Our limited admins use the new Azure AD portal (with the beautiful dashboard) to create users and reset passwords and manage the profile of a user. The rest is restricted. 

We also have a multi-factor authetification method when logging into 365 in the form of a Mobile Text/Call or Auth App. These devices are managed by global admins, changing an authentication number where required or deleting one entirely. In the NEW AD portal, Limited admins are not able to do this (perfect as that is something we don't want them to manage at this time). 

However as they have access to the old blue and white AD portal through 365, it allows them to edit and save auth details for every user in that directory par a user request ("No signal, or lost phone"). 

The issue for this only lies in the Older portal where they can edit auth methods without the permissions. I have tested this myself using a limited account and can confirm that auth methods can only be changed on a limited account through the old portal via the "Work Info" section of a user profile. 

Hope this makes sense! :) 

This tenant does not allow email verified users to be added due to an admin-defined policy

0
0

Hi,

I've added some external users to my Azure AD - users from another organisation.

When they click on the invitation link, they all receive an error message - 

"This tenant does not allow email verified users to be added due to an admin-defined policy."

Any idea how I can fix this?

Thanks

Uanbe to install the Synchronization Service. Please see the event log for additional details

0
0
Hello - ware trying to integrate on prem AD with Azure to use O365 Email.  Been having a hard time getting it to work and it keeps failing right after the SQLCMD screen.  Appears the SQL service is not installing and the SQLCMD error is related to Login timeout expired.  We've even tried to install SQL separately and still same issue.  All updates have been installed.  This is on Server 2008 R2 SP1.  

Any help is much appreciated.  Holding up our email migration.



Here's the log file:

[10:27:42.322] [  1] [INFO ] 
[10:27:42.338] [  1] [INFO ] ================================================================================
[10:27:42.338] [  1] [INFO ] Application starting
[10:27:42.338] [  1] [INFO ] ================================================================================
[10:27:42.338] [  1] [INFO ] Start Time (Local): Mon, 23 Jan 2017 10:27:42 GMT
[10:27:42.338] [  1] [INFO ] Start Time (UTC): Mon, 23 Jan 2017 18:27:42 GMT
[10:27:42.338] [  1] [INFO ] Application Version: 1.1.371.0
[10:27:42.338] [  1] [INFO ] Application Build Date: 2016-12-07 20:47:57Z
[10:27:42.338] [  1] [INFO ] Application Build Identifier: AD-IAM-HybridSync master (fcefcb7)
[10:27:45.473] [  1] [INFO ] App Properties/Metrics:
[10:27:45.473] [  1] [INFO ]    Runtime.Start=2017-01-23T10:27:42-08:00
[10:27:45.473] [  1] [INFO ]    Application.Version=1.1.0.0-1481143677
[10:27:45.473] [  1] [INFO ]    Application.IsDebugBuild=False
[10:27:45.473] [  1] [INFO ]    Environment.OperatingSystem.VersionString=Microsoft Windows NT 6.1.7601 Service Pack 1
[10:27:45.473] [  1] [INFO ]    Environment.OperatingSystem.Platform=Win32NT
[10:27:45.473] [  1] [INFO ]    Environment.OperatingSystem.ServicePack=Service Pack 1
[10:27:45.473] [  1] [INFO ]    Environment.OperatingSystem.ProductType=DomainController
[10:27:45.473] [  1] [INFO ]    Environment.OperatingSystem.Sku=7
[10:27:45.473] [  1] [INFO ]    Environment.OperatingSystem.Language=0409
[10:27:45.473] [  1] [INFO ]    Runtime.PerformConfiguration.Result=NotStarted
[10:27:45.473] [  1] [INFO ]    Environment.Computer.Make=hp
[10:27:45.473] [  1] [INFO ]    Environment.Computer.Model=proliant ml350 g6
[10:27:45.473] [  1] [INFO ]    Environment.OperatingSystem.IsDomainJoined=True
[10:27:45.473] [  1] [INFO ]    Runtime.EncodedPageNavigationBytes=
[10:27:45.473] [  1] [INFO ]    Runtime.EncodedHelpLinkUsageBytes=
[10:27:45.473] [ 11] [INFO ] Starting Telemetry Send
[10:27:45.660] [  1] [INFO ] machine.config path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config.
[10:27:45.660] [  1] [INFO ] Default Proxy [ProxyAddress]: <Unspecified>
[10:27:45.660] [  1] [INFO ] Default Proxy [UseSystemDefault]: Unspecified
[10:27:45.660] [  1] [INFO ] Default Proxy [BypassOnLocal]: Unspecified
[10:27:45.660] [  1] [INFO ] Default Proxy [Enabled]: True
[10:27:45.660] [  1] [INFO ] Default Proxy [AutoDetect]: Unspecified
[10:27:45.894] [  1] [INFO ] AADConnect changes ALLOWED: Successfully acquired the configuration change mutex.
[10:27:45.988] [  1] [INFO ] RootPageViewModel.GetInitialPages: Beginning detection for creating initial pages.
[10:27:46.019] [  1] [INFO ] Found existing persisted state context.
[10:27:46.082] [  1] [INFO ] Checking if machine version is 6.1.7601 or higher
[10:27:46.113] [  1] [INFO ] The current operating system version is 6.1.7601, the requirement is 6.1.7601.
[10:27:46.113] [  1] [INFO ] Password Sync supported: 'True'
[10:27:46.144] [  1] [INFO ] DetectInstalledComponents stage: The installed OS SKU is 7
[10:27:46.690] [  1] [INFO ] ServiceControllerProvider: GetServiceStartMode(seclogon) is 'Manual'.
[10:27:46.706] [  1] [INFO ] DetectInstalledComponents stage: Checking install context.
[10:27:46.768] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Online Services Sign-In Assistant for IT Professionals
[10:27:46.862] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:46.893] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {03c97135-0e31-4334-9215-63827d4f07d4}: verified product code {d8ab93b0-6fbf-44a0-971f-c0669b5ae6dd}.
[10:27:46.908] [  1] [VERB ] Package=Microsoft Online Services Sign-in Assistant, Version=7.250.4556.0, ProductCode=d8ab93b0-6fbf-44a0-971f-c0669b5ae6dd, UpgradeCode=03c97135-0e31-4334-9215-63827d4f07d4
[10:27:46.924] [  1] [INFO ] Determining installation action for Microsoft Online Services Sign-In Assistant for IT Professionals (03c97135-0e31-4334-9215-63827d4f07d4)
[10:27:46.924] [  1] [INFO ] Product Microsoft Online Services Sign-In Assistant for IT Professionals (version 7.250.4556.0) is installed.
[10:27:46.924] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Azure Active Directory Module for Windows PowerShell
[10:27:46.924] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:46.924] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {bbf5d0bf-d8ae-4e66-91ab-b7023c1f288c}: no registered products found.
[10:27:46.924] [  1] [INFO ] Determining installation action for Microsoft Azure Active Directory Module for Windows PowerShell
[10:27:47.096] [  1] [INFO ] CheckInstallationState: Packaged version (1.1.371.0), Installed version (1.1.371.0).
[10:27:47.267] [  1] [INFO ] CheckInstallationState: AAD PowerShell is up to date (1.1.371.0 <= 1.1.371.0).
[10:27:47.267] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Visual C++ 2013 Redistributable Package
[10:27:47.267] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.267] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {20400cf0-de7c-327e-9ae4-f0f38d9085f8}: verified product code {a749d8e6-b613-3be3-8f5f-045c84eba29b}.
[10:27:47.267] [  1] [VERB ] Package=Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005, Version=12.0.21005, ProductCode=a749d8e6-b613-3be3-8f5f-045c84eba29b, UpgradeCode=20400cf0-de7c-327e-9ae4-f0f38d9085f8
[10:27:47.267] [  1] [INFO ] Determining installation action for Microsoft Visual C++ 2013 Redistributable Package (20400cf0-de7c-327e-9ae4-f0f38d9085f8)
[10:27:47.267] [  1] [INFO ] Product Microsoft Visual C++ 2013 Redistributable Package (version 12.0.21005) is installed.
[10:27:47.267] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Directory Sync Tool
[10:27:47.267] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.267] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {bef7e7d9-2ac2-44b9-abfc-3335222b92a7}: no registered products found.
[10:27:47.267] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {dc9e604e-37b0-4efc-b429-21721cf49d0d}: no registered products found.
[10:27:47.267] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {545334d7-13cd-4bab-8da1-2775fa8cf7c2}: no registered products found.
[10:27:47.283] [  1] [INFO ] Determining installation action for Microsoft Directory Sync Tool UpgradeCodes {bef7e7d9-2ac2-44b9-abfc-3335222b92a7}, {dc9e604e-37b0-4efc-b429-21721cf49d0d}
[10:27:47.283] [  1] [INFO ] DirectorySyncComponent: Product Microsoft Directory Sync Tool is not installed.
[10:27:47.283] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure AD Sync Engine
[10:27:47.283] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.283] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {545334d7-13cd-4bab-8da1-2775fa8cf7c2}: no registered products found.
[10:27:47.283] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {dc9e604e-37b0-4efc-b429-21721cf49d0d}: no registered products found.
[10:27:47.283] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {bef7e7d9-2ac2-44b9-abfc-3335222b92a7}: no registered products found.
[10:27:47.283] [  1] [INFO ] Determining installation action for Azure AD Sync Engine (545334d7-13cd-4bab-8da1-2775fa8cf7c2)
[10:27:47.595] [  1] [INFO ] Product Azure AD Sync Engine is not installed.
[10:27:47.595] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure AD Connect Synchronization Agent
[10:27:47.595] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.595] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {3cd653e3-5195-4ff2-9d6c-db3dacc82c25}: no registered products found.
[10:27:47.595] [  1] [INFO ] Determining installation action for Azure AD Connect Synchronization Agent (3cd653e3-5195-4ff2-9d6c-db3dacc82c25)
[10:27:47.595] [  1] [INFO ] Product Azure AD Connect Synchronization Agent is not installed.
[10:27:47.595] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure AD Connect Health agent for sync
[10:27:47.595] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.595] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {114fb294-8aa6-43db-9e5c-4ede5e32886f}: no registered products found.
[10:27:47.595] [  1] [INFO ] Determining installation action for Azure AD Connect Health agent for sync (114fb294-8aa6-43db-9e5c-4ede5e32886f)
[10:27:47.595] [  1] [INFO ] Product Azure AD Connect Health agent for sync is not installed.
[10:27:47.595] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure AD Connect agent
[10:27:47.595] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.595] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {a8b03820-e701-44d7-b65e-6ffbb866a861}: no registered products found.
[10:27:47.595] [  1] [INFO ] Determining installation action for Azure AD Connect agent (a8b03820-e701-44d7-b65e-6ffbb866a861)
[10:27:47.595] [  1] [INFO ] Product Azure AD Connect agent is not installed.
[10:27:47.595] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft SQL Server 2012 Command Line Utilities
[10:27:47.595] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.595] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {52446750-c08e-49ef-8c2e-1e0662791e7b}: verified product code {9d573e71-1077-4c7e-b4db-4e22a5d2b48b}.
[10:27:47.595] [  1] [VERB ] Package=Microsoft SQL Server 2012 Command Line Utilities , Version=11.0.2100.60, ProductCode=9d573e71-1077-4c7e-b4db-4e22a5d2b48b, UpgradeCode=52446750-c08e-49ef-8c2e-1e0662791e7b
[10:27:47.595] [  1] [INFO ] Determining installation action for Microsoft SQL Server 2012 Command Line Utilities (52446750-c08e-49ef-8c2e-1e0662791e7b)
[10:27:47.595] [  1] [INFO ] Product Microsoft SQL Server 2012 Command Line Utilities (version 11.0.2100.60) is installed.
[10:27:47.595] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft SQL Server 2012 Express LocalDB
[10:27:47.595] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.595] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {c3593f78-0f11-4d8d-8d82-55460308e261}: verified product code {6c026a91-640f-4a23-8b68-05d589cc6f18}.
[10:27:47.595] [  1] [VERB ] Package=Microsoft SQL Server 2012 Express LocalDB , Version=11.1.3000.0, ProductCode=6c026a91-640f-4a23-8b68-05d589cc6f18, UpgradeCode=c3593f78-0f11-4d8d-8d82-55460308e261
[10:27:47.595] [  1] [INFO ] Determining installation action for Microsoft SQL Server 2012 Express LocalDB (c3593f78-0f11-4d8d-8d82-55460308e261)
[10:27:47.595] [  1] [INFO ] Product Microsoft SQL Server 2012 Express LocalDB (version 11.1.3000.0) is installed.
[10:27:47.595] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft SQL Server 2012 Native Client
[10:27:47.595] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.595] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {1d2d1fa0-e158-4798-98c6-a296f55414f9}: verified product code {49d665a2-4c2a-476e-9ab8-fcc425f526fc}.
[10:27:47.595] [  1] [VERB ] Package=Microsoft SQL Server 2012 Native Client , Version=11.0.2100.60, ProductCode=49d665a2-4c2a-476e-9ab8-fcc425f526fc, UpgradeCode=1d2d1fa0-e158-4798-98c6-a296f55414f9
[10:27:47.595] [  1] [INFO ] Determining installation action for Microsoft SQL Server 2012 Native Client (1d2d1fa0-e158-4798-98c6-a296f55414f9)
[10:27:47.595] [  1] [INFO ] Product Microsoft SQL Server 2012 Native Client (version 11.0.2100.60) is installed.
[10:27:47.595] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Azure AD Connect Azure AD Connector
[10:27:47.595] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.595] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {fb3feca7-5190-43e7-8d4b-5eec88ed9455}: no registered products found.
[10:27:47.595] [  1] [INFO ] Determining installation action for Microsoft Azure AD Connect Azure AD Connector (fb3feca7-5190-43e7-8d4b-5eec88ed9455)
[10:27:47.595] [  1] [INFO ] Product Microsoft Azure AD Connect Azure AD Connector is not installed.
[10:27:47.595] [  1] [INFO ] Determining installation action for Microsoft Azure AD Connection Tool.
[10:27:47.798] [  1] [WARN ] Failed to read DisplayName registry key: An error occurred while executing the 'Get-ItemProperty' command. Cannot find path 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MicrosoftAzureADConnectionTool' because it does not exist.
[10:27:47.798] [  1] [INFO ] Product Microsoft Azure AD Connection Tool is not installed.
[10:27:47.798] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure Active Directory Connect
[10:27:47.798] [  1] [VERB ] Getting list of installed packages by upgrade code
[10:27:47.798] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {d61eb959-f2d1-4170-be64-4dc367f451ea}: verified product code {04ba9df9-38c4-425e-8aaa-2a5bb01a289a}.
[10:27:47.798] [  1] [VERB ] Package=Microsoft Azure AD Connect, Version=1.1.371.0, ProductCode=04ba9df9-38c4-425e-8aaa-2a5bb01a289a, UpgradeCode=d61eb959-f2d1-4170-be64-4dc367f451ea
[10:27:47.798] [  1] [INFO ] Determining installation action for Azure Active Directory Connect (d61eb959-f2d1-4170-be64-4dc367f451ea)
[10:27:47.798] [  1] [INFO ] Product Azure Active Directory Connect (version 1.1.371.0) is installed.
[10:27:47.798] [  1] [INFO ] Checking for DirSync conditions.
[10:27:47.798] [  1] [INFO ] DirSync not detected. Checking for AADSync/AADConnect upgrade conditions.
[10:27:47.798] [  1] [INFO ] Sync engine is not present. Performing clean install.
[10:27:48.047] [  1] [INFO ] Starting a background thread in Express Settings. Background Task Id: 1.
[10:27:48.047] [ 10] [INFO ] Checking if machine version is 6.1.7601 or higher
[10:27:48.047] [ 10] [INFO ] The current operating system version is 6.1.7601, the requirement is 6.1.7601.
[10:27:48.047] [ 10] [INFO ] Password Sync supported: 'True'
[10:27:48.094] [  1] [INFO ] Express Settings install is supported: domain-joined + OS version allowed.
[10:27:58.208] [  1] [INFO ] Express Settings:  Updating page flow for EXPRESS mode install.
[10:27:58.210] [  1] [INFO ] Called SetWizardMode(ExpressInstall, True)
[10:27:58.310] [  1] [INFO ] Starting a background thread in Express Settings. Background Task Id: 2.
[10:27:58.400] [ 10] [INFO ] Starting a background thread in Install required components. Background Task Id: 3.
[10:27:58.427] [ 11] [INFO ] SyncEngineSetupViewModel: Validating sync engine settings.
[10:27:58.440] [ 11] [INFO ] Starting Sync Engine installation
[10:27:58.444] [ 11] [INFO ] Starting Prerequisite installation
[10:27:58.447] [ 11] [VERB ] WorkflowEngine created
[10:27:58.453] [ 11] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Online Services Sign-In Assistant for IT Professionals
[10:27:58.453] [ 11] [VERB ] Getting list of installed packages by upgrade code
[10:27:58.453] [ 11] [INFO ] GetInstalledPackagesByUpgradeCode {03c97135-0e31-4334-9215-63827d4f07d4}: verified product code {d8ab93b0-6fbf-44a0-971f-c0669b5ae6dd}.
[10:27:58.454] [ 11] [VERB ] Package=Microsoft Online Services Sign-in Assistant, Version=7.250.4556.0, ProductCode=d8ab93b0-6fbf-44a0-971f-c0669b5ae6dd, UpgradeCode=03c97135-0e31-4334-9215-63827d4f07d4
[10:27:58.454] [ 11] [INFO ] Determining installation action for Microsoft Online Services Sign-In Assistant for IT Professionals (03c97135-0e31-4334-9215-63827d4f07d4)
[10:27:58.454] [ 11] [INFO ] Product Microsoft Online Services Sign-In Assistant for IT Professionals (version 7.250.4556.0) is installed.
[10:27:58.454] [ 11] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Azure Active Directory Module for Windows PowerShell
[10:27:58.454] [ 11] [VERB ] Getting list of installed packages by upgrade code
[10:27:58.454] [ 11] [INFO ] GetInstalledPackagesByUpgradeCode {bbf5d0bf-d8ae-4e66-91ab-b7023c1f288c}: no registered products found.
[10:27:58.454] [ 11] [INFO ] Determining installation action for Microsoft Azure Active Directory Module for Windows PowerShell
[10:27:58.640] [ 11] [INFO ] CheckInstallationState: Packaged version (1.1.371.0), Installed version (1.1.371.0).
[10:27:58.796] [ 11] [INFO ] CheckInstallationState: AAD PowerShell is up to date (1.1.371.0 <= 1.1.371.0).
[10:27:58.796] [ 11] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Visual C++ 2013 Redistributable Package
[10:27:58.796] [ 11] [VERB ] Getting list of installed packages by upgrade code
[10:27:58.796] [ 11] [INFO ] GetInstalledPackagesByUpgradeCode {20400cf0-de7c-327e-9ae4-f0f38d9085f8}: verified product code {a749d8e6-b613-3be3-8f5f-045c84eba29b}.
[10:27:58.796] [ 11] [VERB ] Package=Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005, Version=12.0.21005, ProductCode=a749d8e6-b613-3be3-8f5f-045c84eba29b, UpgradeCode=20400cf0-de7c-327e-9ae4-f0f38d9085f8
[10:27:58.796] [ 11] [INFO ] Determining installation action for Microsoft Visual C++ 2013 Redistributable Package (20400cf0-de7c-327e-9ae4-f0f38d9085f8)
[10:27:58.796] [ 11] [INFO ] Product Microsoft Visual C++ 2013 Redistributable Package (version 12.0.21005) is installed.
[10:27:58.811] [  1] [INFO ] Page transition from "Express Settings" [ExpressSettingsPageViewModel] to "Connect to Azure AD" [AzureTenantPageViewModel]
[10:27:59.014] [  1] [WARN ] Failed to read IAzureActiveDirectoryContext.AzureADUsername registry key: An error occurred while executing the 'Get-ItemProperty' command. Property IAzureActiveDirectoryContext.AzureADUsername does not exist at path HKEY_CURRENT_USER\SOFTWARE\Microsoft\Azure AD Connect.
[10:27:59.014] [  1] [INFO ] Property Username failed validation with error The Microsoft Azure account name cannot be empty.
[10:28:30.018] [  1] [INFO ] Property Password failed validation with error A Microsoft Azure password is required.
[10:28:34.158] [ 15] [INFO ] AzureTenantPage: Beginning Windows Azure tenant credentials validation.
[10:28:34.314] [ 15] [INFO ] DiscoverAzureInstance [Worldwide]: authority=https://login.windows.net/DOMAINintl.onmicrosoft.com, awsServiceResource=https://graph.windows.net.
[10:28:34.470] [ 15] [INFO ] Authenticate: ADAL authentication is enabled.
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:34:  - ProvisioningWebServiceProvider: ADAL .NET with assembly version '2.26.0.0', file version '2.26.30510.2204' and informational version 'a7d6e508b4f87979eed7a45414e6149daeccce4f' is running...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:34:  - ProvisioningWebServiceProvider: Clearing Cache :- 0 items to be removed
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:34:  - ProvisioningWebServiceProvider: Successfully Cleared Cache
[10:28:34.532] [ 15] [INFO ] Authenticate-ADAL: acquiring token using explicit tenant credentials.
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:34: 9da597ec-405f-48a5-8f6b-57a56653aeea - AcquireTokenNonInteractiveHandler: === Token Acquisition started:
Authority: https://login.windows.net/XXXXXXX (blanked Out)
Resource: https://graph.windows.net
ClientId: cb1056e2-e479-49de-ae31-7812af012ed8
CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (0 items)
Authentication Target: User

AzureADConnect.exe Information: 0 : 01/23/2017 18:28:34: 9da597ec-405f-48a5-8f6b-57a56653aeea - <RunAsync>d__0: Looking up cache for a token...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:34: 9da597ec-405f-48a5-8f6b-57a56653aeea - <RunAsync>d__0: No matching token was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:34: 9da597ec-405f-48a5-8f6b-57a56653aeea - AsyncMethodBuilderCore: Sending user realm discovery request to 'https://login.windows.net/common/UserRealm/loginname?api-version=1.0'
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 9da597ec-405f-48a5-8f6b-57a56653aeea - AsyncMethodBuilderCore: User with hash 'vzXDzAzhoT/8ggCmsgs3U9i60Nyo6AivNMX1L8lYit8=' detected as 'Managed'
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 9da597ec-405f-48a5-8f6b-57a56653aeea - <RunAsync>d__0: Storing token in the cache...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 9da597ec-405f-48a5-8f6b-57a56653aeea - <RunAsync>d__0: An item was stored in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 9da597ec-405f-48a5-8f6b-57a56653aeea - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned:
Access Token Hash: Tokenhash (blanked out)
Refresh Token Hash: Refresh tokenhash (blanked out)
Expiration Time: 01/23/2017 19:28:34 +00:00
User Hash: User hash (blanked out)

[10:28:35.640] [ 15] [INFO ] Authenticate-ADAL: retrieving company configuration for tenant=19b46852-cfc7-4621-8c5e-c4e7abcd9783.
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 6f8c4f5e-ba8f-48d7-9049-8aba5542469e - AcquireTokenNonInteractiveHandler: === Token Acquisition started:
Authority: https://login.windows.net/tenanturl
Resource: https://graph.windows.net
ClientId: cb1056e2-e479-49de-ae31-7812af012ed8
CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (1 items)
Authentication Target: User

AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 6f8c4f5e-ba8f-48d7-9049-8aba5542469e - <RunAsync>d__0: Looking up cache for a token...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 6f8c4f5e-ba8f-48d7-9049-8aba5542469e - TokenCache: An item matching the requested resource was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 6f8c4f5e-ba8f-48d7-9049-8aba5542469e - <RunAsync>d__0: 59.9820333316667 minutes left until token in cache expires
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 6f8c4f5e-ba8f-48d7-9049-8aba5542469e - <RunAsync>d__0: A matching item (access token or refresh token or both) was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:35: 6f8c4f5e-ba8f-48d7-9049-8aba5542469e - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned:
Access Token Hash:

Refresh Token Hash: 
Expiration Time: 01/23/2017 19:28:34 +00:00
User Hash:

[10:28:36.997] [ 15] [INFO ] Authenticate: tenantId=(19b46852-cfc7-4621-8c5e-c4e7abcd9783), IsDirSyncing=False, IsPasswordSyncing=False, DomainName=, DirSyncFeatures=0, AllowedFeatures=None.
[10:28:37.231] [ 15] [INFO ] DiscoverAzureEndpoints [AzurePowerShell]: ServiceEndpoint=https://provisioningapi.microsoftonline.com/provisioningwebservice.svc, AdalAuthority=https://login.windows.net/tenanturl, AdalResource=https://graph.windows.net.
[10:28:37.231] [ 15] [INFO ] AcquireServiceToken [AzurePowerShell]: acquiring additional service token.
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:37: ba9d6b97-d63f-40f7-9750-5555cc746db9 - AcquireTokenNonInteractiveHandler: === Token Acquisition started:
Authority: https://login.windows.net/tenanturl
Resource: https://graph.windows.net
ClientId: cb1056e2-e479-49de-ae31-7812af012ed8
CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (1 items)
Authentication Target: User

AzureADConnect.exe Information: 0 : 01/23/2017 18:28:37: ba9d6b97-d63f-40f7-9750-5555cc746db9 - <RunAsync>d__0: Looking up cache for a token...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:37: ba9d6b97-d63f-40f7-9750-5555cc746db9 - TokenCache: An item matching the requested resource was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:37: ba9d6b97-d63f-40f7-9750-5555cc746db9 - <RunAsync>d__0: 59.9560332866667 minutes left until token in cache expires
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:37: ba9d6b97-d63f-40f7-9750-5555cc746db9 - <RunAsync>d__0: A matching item (access token or refresh token or both) was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:37: ba9d6b97-d63f-40f7-9750-5555cc746db9 - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned:
Access Token Hash: 
Refresh Token Hash: 
Expiration Time: 01/23/2017 19:28:34 +00:00
User Hash: 

[10:28:37.231] [ 15] [INFO ] AzureTenantPage: attempting to connect to Azure via AAD PowerShell.
[10:28:37.247] [ 15] [INFO ] ConnectMsolService: connecting using an AccessToken.
[10:28:37.730] [ 15] [WARN ] Failed to import module MSOnline for PowerShell Command Connect-MsolService
AzureADConnect.exe Information: 0 : 1/23/2017 6:28:38 PM:  - ConnectMsolService: ADAL .NET with assembly version '2.23.0.0', file version '2.23.30226.1847' and informational version '0b5f258db72d0632d3693d262acbf77b634e9136' is running...
[10:28:39.556] [ 15] [INFO ] AzureTenantPage: successfully connected to Azure via AAD PowerShell.
[10:28:40.367] [ 15] [WARN ] Failed to import module MSOnline for PowerShell Command Get-MsolCompanyInformation
[10:28:40.804] [ 15] [INFO ] AzureTenantPage: Successfully retrieved company information for tenant 19b46852-cfc7-4621-8c5e-c4e7abcd9783.
[10:28:40.819] [ 15] [INFO ] AzureTenantPage: DirectorySynchronizationEnabled=False
[10:28:40.819] [ 15] [INFO ] AzureTenantPage: DirectorySynchronizationStatus=Disabled
[10:28:40.819] [ 15] [INFO ] PowershellHelper: lastDirectorySyncTime=null
[10:28:40.835] [ 15] [WARN ] Failed to import module MSOnline for PowerShell Command Get-MsolDomain
[10:28:41.116] [ 15] [INFO ] AzureTenantPage: Successfully retrieved 2 domains from the tenant.
[10:28:41.116] [ 15] [INFO ] Calling to get the last dir sync time for the current user
[10:28:41.381] [ 15] [INFO ] AzureTenantPage: Windows Azure tenant credentials validation succeeded.
[10:28:41.693] [ 15] [INFO ] DiscoverAzureEndpoints [PassthruAuthentication]: ServiceEndpoint=https://{0}.register.msappproxy.net:9090/register, AdalAuthority=https://login.windows.net/tenanturl, AdalResource=https://proxy.cloudwebappproxy.net/registerapp.
[10:28:41.693] [ 15] [INFO ] AcquireServiceToken [PassthruAuthentication]: acquiring additional service token.
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - AcquireTokenNonInteractiveHandler: === Token Acquisition started:
Authority: https://login.windows.net/tenanturl
Resource: https://proxy.cloudwebappproxy.net/registerapp
ClientId: ID
CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (1 items)
Authentication Target: User

AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - <RunAsync>d__0: Looking up cache for a token...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - TokenCache: A Multi Resource Refresh Token for a different resource was found which can be used
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - <RunAsync>d__0: Multi resource refresh token for resource 'https://graph.windows.net' will be used to acquire token for 'https://proxy.cloudwebappproxy.net/registerapp'
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - <RunAsync>d__0: A matching item (access token or refresh token or both) was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - AsyncMethodBuilderCore: Refreshing access token...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - <RunAsync>d__0: Storing token in the cache...
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - <RunAsync>d__0: An item was stored in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:28:41: 89da2897-564a-4680-ac4c-1a7d33f8f0b4 - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned:
Access Token Hash:
Refresh Token Hash: 
Expiration Time: 01/23/2017 19:28:41 +00:00
User Hash: 

[10:28:43.612] [ 15] [INFO ] AzureTenantPage: desktopsso status is False.
[10:28:43.612] [  1] [INFO ] Page transition from "Connect to Azure AD" [AzureTenantPageViewModel] to "Connect to AD DS" [ConfigOnPremiseCredentialsPageViewModel]
[10:28:43.658] [  1] [INFO ] Property Username failed validation with error The username format is incorrect. Specify the username in the format of DOMAIN\username.
[10:29:03.655] [  1] [INFO ] Property Password failed validation with error A password is required.
[10:31:01.143] [  7] [INFO ] ConfigOnPremiseCredentialsPage: Validating credentials.
[10:31:01.209] [  7] [INFO ] ConfigOnPremiseCredentialsPage: LogonUser succeeded for user DOMAIN\o365
[10:31:01.673] [  7] [INFO ] Start GetEnterpiseAdminSid using rootdomain DOMAIN.local
[10:31:01.686] [  7] [INFO ] EnterpiseAdminSid=S-1-5-21-375331118-2012472695-109833583-519
[10:31:01.799] [  7] [INFO ] ValidateCredentials UseExpressSettings: The domain name 'DOMAIN.local' was successfully matched.
[10:31:01.808] [  7] [INFO ] ConfigOnPremiseCredentialsPage: Validating forest
[10:31:01.813] [  7] [INFO ] Validating forest with FQDN DOMAIN.local
[10:31:01.896] [  7] [INFO ] Examining domain DOMAIN.local (:0% complete)
[10:31:01.900] [  7] [INFO ] ValidateForest: using SERVER.DOMAIN.local to validate domain DOMAIN.local
[10:31:01.903] [  7] [INFO ] Successfully examined domain DOMAIN.local GUID:c89ea0f1-b330-4406-b9c2-b657fd2edf3b  DN:DC=DOMAIN,DC=local
[10:31:01.943] [  7] [INFO ] ConfigOnPremiseCredentialsPageViewModel: Credentials will be used to administer the AD MA account (New Install).
[10:31:02.241] [  7] [INFO ] DiscoverAzureEndpoints [AzurePowerShell]: ServiceEndpoint=https://provisioningapi.microsoftonline.com/provisioningwebservice.svc, AdalAuthority=https://login.windows.net/DOMAINintl.onmicrosoft.com, AdalResource=https://graph.windows.net.
[10:31:02.241] [  7] [INFO ] AcquireServiceToken [AzurePowerShell]: acquiring additional service token.
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:02: d1aaff1c-5d7c-4cdb-bda2-a936e6091419 - AcquireTokenNonInteractiveHandler: === Token Acquisition started:
Authority: https://login.windows.net/DOMAINintl.onmicrosoft.com/
Resource: https://graph.windows.net
ClientId: cb1056e2-e479-49de-ae31-7812af012ed8
CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (2 items)
Authentication Target: User

AzureADConnect.exe Information: 0 : 01/23/2017 18:31:02: d1aaff1c-5d7c-4cdb-bda2-a936e6091419 - <RunAsync>d__0: Looking up cache for a token...
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:02: d1aaff1c-5d7c-4cdb-bda2-a936e6091419 - TokenCache: An item matching the requested resource was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:02: d1aaff1c-5d7c-4cdb-bda2-a936e6091419 - <RunAsync>d__0: 57.5391911116667 minutes left until token in cache expires
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:02: d1aaff1c-5d7c-4cdb-bda2-a936e6091419 - <RunAsync>d__0: A matching item (access token or refresh token or both) was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:02: d1aaff1c-5d7c-4cdb-bda2-a936e6091419 - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned:
Access Token Hash: PrRTBVaeV7ALZWBy1OshvUaqpoSoEBDYzHEpX9Yxp4k=
Refresh Token Hash: SJ7sx746JaeD0M4U9ZMUY9gxYAbJ9vqiS5Vhmow9V34=
Expiration Time: 01/23/2017 19:28:34 +00:00
User Hash: 3ZXy4qd6nkrYrpGMRx5+4eC7bzTIBzuF6ZGl5jlzqyU=

[10:31:02.243] [  7] [VERB ] MsolDomainExtensions.GetAllConfiguredDomains: Connecting to MSOL service.
[10:31:02.243] [  7] [INFO ] ConnectMsolService: connecting using an AccessToken.
[10:31:02.625] [  7] [WARN ] Failed to import module MSOnline for PowerShell Command Connect-MsolService
[10:31:03.189] [  7] [WARN ] Failed to import module MSOnline for PowerShell Command Get-MsolDomain
[10:31:03.481] [  7] [INFO ] Page transition from "Connect to AD DS" [ConfigOnPremiseCredentialsPageViewModel] to "Azure AD sign-in" [UserSignInConfigPageViewModel]
[10:31:03.508] [  7] [INFO ] Starting a background thread in Azure AD sign-in configuration. Background Task Id: 4.
[10:31:03.758] [ 27] [INFO ] DiscoverAzureEndpoints [AzurePowerShell]: ServiceEndpoint=https://provisioningapi.microsoftonline.com/provisioningwebservice.svc, AdalAuthority=https://login.windows.net/DOMAINintl.onmicrosoft.com, AdalResource=https://graph.windows.net.
[10:31:03.758] [ 27] [INFO ] AcquireServiceToken [AzurePowerShell]: acquiring additional service token.
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:03: 93d97adb-2415-43ea-8764-6c1d8eda064e - AcquireTokenNonInteractiveHandler: === Token Acquisition started:
Authority: https://login.windows.net/DOMAINintl.onmicrosoft.com/
Resource: https://graph.windows.net
ClientId: cb1056e2-e479-49de-ae31-7812af012ed8
CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (2 items)
Authentication Target: User

AzureADConnect.exe Information: 0 : 01/23/2017 18:31:03: 93d97adb-2415-43ea-8764-6c1d8eda064e - <RunAsync>d__0: Looking up cache for a token...
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:03: 93d97adb-2415-43ea-8764-6c1d8eda064e - TokenCache: An item matching the requested resource was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:03: 93d97adb-2415-43ea-8764-6c1d8eda064e - <RunAsync>d__0: 57.513923 minutes left until token in cache expires
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:03: 93d97adb-2415-43ea-8764-6c1d8eda064e - <RunAsync>d__0: A matching item (access token or refresh token or both) was found in the cache
AzureADConnect.exe Information: 0 : 01/23/2017 18:31:03: 93d97adb-2415-43ea-8764-6c1d8eda064e - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned:
Access Token Hash: 
Refresh Token Hash: 
Expiration Time: 01/23/2017 19:28:34 +00:00
User Hash: 

[10:31:03.759] [ 27] [VERB ] MsolDomainExtensions.GetAllConfiguredDomains: Connecting to MSOL service.
[10:31:03.759] [ 27] [INFO ] ConnectMsolService: connecting using an AccessToken.
[10:31:04.092] [ 27] [WARN ] Failed to import module MSOnline for PowerShell Command Connect-MsolService
[10:31:04.378] [ 27] [WARN ] Failed to import module MSOnline for PowerShell Command Get-MsolDomain
[10:31:04.749] [  1] [INFO ] UPN Suffix List
[10:31:04.749] [  1] [INFO ] --------------------------------------------------------------------
[10:31:04.749] [  1] [INFO ] UPN Suffix [Azure Status]
[10:31:04.749] [  1] [INFO ] --------------------------------------------------------------------
[10:31:04.752] [  1] [INFO ] DOMAIN.local [Not Added]
[10:31:04.752] [  1] [INFO ] DOMAINintl.com [Verified]
[10:31:04.753] [  1] [INFO ] --------------------------------------------------------------------
[10:31:04.754] [  1] [WARN ] Users will not be able to sign-in Azure AD using their on-premises credentials.
[Partial matching domains]
[10:31:29.161] [  1] [INFO ] Page transition from "Azure AD sign-in" [UserSignInConfigPageViewModel] to "Configure" [PerformConfigurationPageViewModel]
[10:31:29.171] [  1] [INFO ] Starting a background thread in Ready to configure. Background Task Id: 5.
[10:31:30.183] [  7] [INFO ] DiscoverAzureEndpoints [AADHealth]: ServiceEndpoint=https://s1.adhybridhealth.azure.com, AdalAuthority=https://login.windows.net/DOMAINintl.onmicrosoft.com, AdalResource=https://management.core.windows.net/.
[10:31:45.018] [  1] [INFO ] Starting a background thread in Configuring. Background Task Id: 6.
[10:31:45.019] [ 28] [INFO ] PerformConfigurationPageViewModel.ExecuteADSyncConfiguration: Preparing to configure sync engine (WizardMode=ExpressInstall).
[10:31:45.022] [ 28] [INFO ] PerformConfigurationPageViewModel.ExecuteSyncEngineInstallCore: Preparing to install sync engine (WizardMode=ExpressInstall).
[10:31:45.026] [ 28] [INFO ] Starting Sync Engine installation
[10:32:23.635] [ 27] [INFO ] Starting Telemetry Send
[10:32:23.636] [ 28] [ERROR] PerformConfigurationPageViewModel: Caught exception while installing synchronization service.
Exception Data (Raw): System.Exception: Unable to install the Synchronization Service.  Please see the event log for additional details. ---> Microsoft.Azure.ActiveDirectory.Synchronization.Framework.ProcessExecutionFailedException: Exception: Execution failed with errorCode: 1.

Details: Sqlcmd: Error: Microsoft SQL Server Native Client 11.0 : SQL Server Network Interfaces: Unexpected error occurred inside a LocalDB instance API method call. See the Windows Application event log for error details.
 [x89C50108]. .
Sqlcmd: Error: Microsoft SQL Server Native Client 11.0 : Login timeout expired.
Sqlcmd: Error: Microsoft SQL Server Native Client 11.0 : A network-related or instance-specific error has occurred while establishing a connection to SQL Server. Server is not found or not accessible. Check if instance name is correct and if SQL Server is configured to allow remote connections. For more information see SQL Server Books Online..

   at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.ProcessAdapter.StartProcessCore(String fileName, String& processOutput, String arguments, String workingDirectory, NetworkCredential credential, Boolean loadUserProfile, Boolean hideWindow, Boolean waitForExit, Boolean traceArguments)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.ProcessAdapterCallerBase.TypeDependencies.StartBackgroundProcessAndWaitForExit(String fileName, String arguments, String workingDirectory, NetworkCredential credential, Boolean loadUserProfile)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.SqlCmdAdapter.ExecuteCommand(String arguments, NetworkCredential credential)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SynchronizationServiceSetupTask.<>c__DisplayClass13.<InitializeSqlSharedInstance>b__11()
   at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SynchronizationServiceSetupTask.<>c__DisplayClass13.<InitializeSqlSharedInstance>b__12()
   at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.ActionExecutor.Execute(Action action, String description)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SynchronizationServiceSetupTask.InitializeSqlSharedInstance(String sqlLocalDbInstanceOwnerSid, NetworkCredential sqlLocalDbInstanceOwnerCredential, SetupConfig config)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SynchronizationServiceSetupTask.InstallCore(String logFilePath, String logFileSuffix)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.ActionExecutor.ExecuteWithSetupResultsStatus(SetupAction action, String description, String logFileName, String logFileSuffix)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SetupBase.Install()
   --- End of inner exception stack trace ---
   at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SetupBase.ThrowSetupTaskFailureException(String exceptionFormatString, String taskName, Exception innerException)
   at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SetupBase.Install()
   at Microsoft.Online.Deployment.OneADWizard.Providers.EngineSetupProvider.SetupSyncEngine(String setupFilesPath, String installationPath, String sqlServerName, String sqlInstanceName, String serviceAccountName, String serviceAccountDomain, String serviceAccountPassword, String groupAdmins, String groupBrowse, String groupOperators, String groupPasswordSet, Int32 numberOfServiceInstances, ProgressChangedEventHandler progressChanged, NetworkCredential& serviceAccountCredential, SecurityIdentifier& serviceAccountSid)
   at Microsoft.Online.Deployment.OneADWizard.Runtime.Stages.InstallSyncEngineStage.ExecuteInstallCore(ISyncEngineInstallContext syncEngineInstallContext, ProgressChangedEventHandler progressChangesEventHandler)
   at Microsoft.Online.Deployment.OneADWizard.Runtime.Stages.InstallSyncEngineStage.ExecuteInstall(ISyncEngineInstallContext syncEngineInstallContext, ProgressChangedEventHandler progressChangesEventHandler)
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.ExecuteSyncEngineInstallCore(AADConnectResult& result)
[10:36:02.498] [  1] [INFO ] Opened log file at path C:\Users\USER\AppData\Local\AADConnect\trace-20170123-102742.log


Viewing all 16000 articles
Browse latest View live




Latest Images