Quantcast
Channel: Azure Active Directory forum
Viewing all articles
Browse latest Browse all 16000

Azure AD Password Protection Policy Proxy fails to fetch Password Policies

$
0
0

I have a proxy-server connected to the internet, as well as several DC's with the DCAgent running.
When I run Get-AzureADPasswordProtectionDCAgent, all my DC's report PasswordPolicyDateUTC : 01.01.0001 00.00.00.

Looking at logs, I've narrowed it down to Event ID 20001 in the Microsoft-AzureADPasswordProtection-ProxyService/Operational log.
<event>
The Azure AD Password Protection Proxy service attempted to forward a message to Azure on behalf of the calling domain controller but received an http failure.
Http failure code: 400
Elapsed time(msec): 1563
Endpoint: https://enterpriseregistration.windows.net/aadpasswordpolicy<snip>/sendreceive?api-version=1.0&traceid=<snip>

This error may be expected if network connectivity to Azure is unreliable. Please ensure that this machine has network connectivity to Azure.

Additional information may be available at https://aka.ms/AzureADPasswordProtection
</event>

The proxy server has internet access.

Running Invoke-WebRequest on the offending URL, I get the following

Invoke-WebRequest : {"Message":"The request failed with status 
BadRequest (400). No API matching request was found, verify URL and 
parameters are correct"<snip>}

The only thing I can think may be the reason, is the fact that I accidentally ran Register-AzureADPasswordProtectionForest before Register-AzureADPasswordProtectionProxy, though I doubt that's the case.

Please advice. Next step for me is running the cleanup-procedure and attempt a reinstall.



Viewing all articles
Browse latest Browse all 16000

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>