Hi,
I'm trying to enable Azure Seamless Sign-on. But I can't get it work using the AD Connect or through PowerShell.
If I try it through AD Connect, after I enter my domain Admin credentials I get the error: An Error occurred while locating computer account.
If I try it through Power shell I get this error, and I know it's not a bad username/password, MFA is enabled for my admin account, but MFA is not active when I'm working inside the network.
PS C:\Program Files\Microsoft Azure Active Directory Connect> Enable-AzureADSSOForestcmdlet Enable-AzureADSSOForest at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
OnPremCredentials
[16:38:08.316] [ 8] [INFORMATIONAL] GetDefaultWellKnownContainer: Attempting to look up the default well-known containe
r...
Exception Data (Raw): System.Security.Authentication.AuthenticationException: The user name or password is incorrect.
---> System.DirectoryServices.DirectoryServicesCOMException: The user name or password is incorrect.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.PropertyValueCollection.PopulateList()
at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry
directoryEntry, String propertyName)
--- End of inner exception stack trace ---
at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry
directoryEntry, String propertyName)
at System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext context)
at Microsoft.KerberosAuth.KerberosAuthInterface.OnPremiseOperations.LdapClientProvider.GetDomainDistinguishedName(OnP
remAuthenticationContext onPremAuthenticationContext)
Enable-AzureADSSOForest : The user name or password is incorrect.
At line:1 char:1
+ Enable-AzureADSSOForest
+ ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Enable-AzureADSSOForest], AuthenticationException
+ FullyQualifiedErrorId : System.Security.Authentication.AuthenticationException,Microsoft.KerberosAuth.Powershell
.PowershellCommands.EnableAzureADSSOForestCommand