Since doing the November Windows Updates, the Microsoft Azure AD Sync service will not start anymore.
Server 2012 R2, with Microsoft Azure AD Connect version 1.1.343.
It was working fine until the latest batch of Windows Updates. Now the service cannot start any more.
Event viewer error 6300: ADSync:
The server encountered an unexpected error:
"BAIL: MMS(2560): ..\mmscrypt.cpp(2983): 0x8009000b (Key not valid for use in specified state.)
BAIL: MMS(2560): ..\mmscrypt.cpp(2555): 0x8009000b (Key not valid for use in specified state.)
BAIL: MMS(2560): ..\mmscrypt.cpp(390): 0x8009000b (Key not valid for use in specified state.)
BAIL: MMS(2560): ..\storeimp.cpp(640): 0x8009000b (Key not valid for use in specified state.)
Azure AD Sync 1.1.343.0"
Error: 6208: ADSync
The server encryption keys could not be accessed.User Action
Verify that the service account has permissions to the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AD Sync
If the problem persists, run setup and restore the encryption keys from backup.