Tuesday, October 6, 2015

AADConnect – Password Writeback - Unable to Configure Password Writeback

This error message is little misleading “Ensure you have a required license”.  The issue is AADConnect cannot verify the licensing or any other information from Azure at this point. It could be a license or some other issues. You can get some additional information by verifying the Application Event log on the AADConnect server. 

Unable to configure password writeback.  Ensure you have a required license and consult the event log for additional information.

clip_image002

Event Log message:
Log Name:      Application
Source:        PasswordResetService
Date:          11/11/2015 11:01:20 AM
Event ID:      32011
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      AADConnect Server
Description:
TrackingId: f771fb12-ccca-49bc-80aa-7235c97369be, Error connecting to OnPremisesPasswordResetOnboarding Service, Details: System.TimeoutException: The request channel timed out while waiting for a reply after 00:00:59.9589823. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. ---> System.TimeoutException: The HTTP request to 'https://passwordreset.microsoftonline.com/OnboardingService/OnPremisesPasswordResetOnboardingService.svc/OnboardTenantForOnPremisesPasswordResetWithSymmetricKey' has exceeded the allotted timeout of 00:01:00. The time allotted to this operation may have been a portion of a longer timeout. ---> System.Net.WebException: The operation has timed out
   at System.Net.HttpWebRequest.GetResponse()
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   --- End of inner exception stack trace ---
Server stack trace:
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at IOnPremisesPasswordResetOnboarding.OnboardTenantForOnPremisesPasswordResetWithSymmetricKey(OnPremisesPasswordResetOnboardingRequest request)
   at Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.Invoke[TResult](Func`2 operation)
   at Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.InvokeWithRetry[TResult](Func`2 operation, String onboardingServiceUrl, String authenticationToken)
Event Xml:
http://schemas.microsoft.com/win/2004/08/events/event
"> 
   
    32011
    2
   0
    0x80000000000000
   
    8469
    Application
    AADConnect Server
   
 
 
    TrackingId: f771fb12-ccca-49bc-80aa-7235c97369be, Error connecting to OnPremisesPasswordResetOnboarding Service, Details: System.TimeoutException: The request channel timed out while waiting for a reply after 00:00:59.9589823. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. ---> System.TimeoutException: The HTTP request to 'https://passwordreset.microsoftonline.com/OnboardingService/OnPremisesPasswordResetOnboardingService.svc/OnboardTenantForOnPremisesPasswordResetWithSymmetricKey' has exceeded the allotted timeout of 00:01:00. The time allotted to this operation may have been a portion of a longer timeout. ---> System.Net.WebException: The operation has timed out
   at System.Net.HttpWebRequest.GetResponse()
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   --- End of inner exception stack trace ---
Server stack trace:
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at IOnPremisesPasswordResetOnboarding.OnboardTenantForOnPremisesPasswordResetWithSymmetricKey(OnPremisesPasswordResetOnboardingRequest request)
   at Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.Invoke[TResult](Func`2 operation)
   at Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.InvokeWithRetry[TResult](Func`2 operation, String onboardingServiceUrl, String authenticationToken)
 


Resolution
According to the event log message, we had some type of connection time out issue. These types of errors are mainly due to firewall or proxy issues.  The required firewall and port details are documented in the
https://azure.microsoft.com/en-us/documentation/articles/active-directory-passwords-getting-started/#step-3-configure-your-firewall
article.  Make sure to enable these ports for password writeback configuration.

Step 3: Configure your firewall
After you have enabled Password Writeback in the Azure AD Connect tool, you will need to make sure the service can connect to the cloud.
1. Once installation is complete, if you are blocking unknown outbound connections in your environment, you will also need to add the following rules to your firewall. Make sure you reboot your AAD Connect machine after making these changes:
· Allow outbound connections over port 443 TCP
· Allow outbound connections to https://ssprsbprodncu-sb.accesscontrol.windows.net/

· When using a proxy or having general connectivity issues, allow outbound connections over port 9350-9354 TCP

4 comments:

American woman it is highly recommended that they be treated with respect and sexy mexican women honor otherwise the man could be in for a lot of trouble! But what can be safely assumed is that your Latin bride will be a fun, sexy, and family-oriented person with whom to share your life!

During some articles, I saw your post about AADConnect – Password Writeback - Unable to Configure Password Writeback, Which is very interesting for me. Actually, I came across this post of yours while interacting with some friends who have told me about Periodic report writing. By the way, Thanks for letting us know You can get some additional information by verifying the Application Event log on the AAD Connect server. I enjoy reading your essay and am grateful for the knowledge you provide.

The HESI exam is a requirement for nursing students. HESI exams help can assist you in mastering the test's content and structure, HESI Exams Help increasing your chances of scoring well on this critical exam

Secure great savings with the Legal Deedpolls Discount Code! Whether you're changing your name or updating legal documents, Legal Deedpolls provides reliable services at affordable prices. Don't miss out on these exclusive discounts—make your legal processes smoother and more cost-effective today!

Post a Comment

Popular Posts

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More