This
error message is little misleading “Ensure you have a required license”.
The issue is AADConnect cannot verify the licensing or any other information
from Azure at this point. It could be a license or some other issues. You can
get some additional information by verifying the Application Event log on the
AADConnect server.
Unable
to configure password writeback. Ensure you have a required license and
consult the event log for additional information.
Event
Log message:
Log
Name: Application
Source:
PasswordResetService
Date:
11/11/2015 11:01:20 AM
Event
ID: 32011
Task
Category: None
Level:
Error
Keywords:
Classic
User:
N/A
Computer:
AADConnect Server
Description:
TrackingId:
f771fb12-ccca-49bc-80aa-7235c97369be, Error connecting to
OnPremisesPasswordResetOnboarding Service, Details: System.TimeoutException:
The request channel timed out while waiting for a reply after 00:00:59.9589823.
Increase the timeout value passed to the call to Request or increase the
SendTimeout value on the Binding. The time allotted to this operation may have
been a portion of a longer timeout. ---> System.TimeoutException: The HTTP
request to
'https://passwordreset.microsoftonline.com/OnboardingService/OnPremisesPasswordResetOnboardingService.svc/OnboardTenantForOnPremisesPasswordResetWithSymmetricKey'
has exceeded the allotted timeout of 00:01:00. The time allotted to this operation
may have been a portion of a longer timeout. ---> System.Net.WebException:
The operation has timed out
at System.Net.HttpWebRequest.GetResponse()
at
System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan
timeout)
--- End of inner exception stack trace ---
at
System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException
webException, HttpWebRequest request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan
timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message,
TimeSpan timeout)
--- End of inner exception stack trace ---
Server
stack trace:
at System.ServiceModel.Channels.RequestChannel.Request(Message message,
TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean
oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan
timeout)
at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception
rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)
at IOnPremisesPasswordResetOnboarding.OnboardTenantForOnPremisesPasswordResetWithSymmetricKey(OnPremisesPasswordResetOnboardingRequest
request)
at
Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.Invoke[TResult](Func`2
operation)
at Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.InvokeWithRetry[TResult](Func`2
operation, String onboardingServiceUrl, String authenticationToken)
Event
Xml:
">
TrackingId: f771fb12-ccca-49bc-80aa-7235c97369be, Error connecting
to OnPremisesPasswordResetOnboarding Service, Details: System.TimeoutException:
The request channel timed out while waiting for a reply after 00:00:59.9589823.
Increase the timeout value passed to the call to Request or increase the
SendTimeout value on the Binding. The time allotted to this operation may have
been a portion of a longer timeout. ---> System.TimeoutException: The
HTTP request to
'https://passwordreset.microsoftonline.com/OnboardingService/OnPremisesPasswordResetOnboardingService.svc/OnboardTenantForOnPremisesPasswordResetWithSymmetricKey'
has exceeded the allotted timeout of 00:01:00. The time allotted to this
operation may have been a portion of a longer timeout. --->
System.Net.WebException: The operation has timed out
at System.Net.HttpWebRequest.GetResponse()
at
System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan
timeout)
--- End of inner exception stack trace ---
at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException
webException, HttpWebRequest request, HttpAbortReason abortReason)
at
System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan
timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message,
TimeSpan timeout)
--- End of inner exception stack trace ---
Server
stack trace:
at System.ServiceModel.Channels.RequestChannel.Request(Message message,
TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean
oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan
timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception
rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)
at
IOnPremisesPasswordResetOnboarding.OnboardTenantForOnPremisesPasswordResetWithSymmetricKey(OnPremisesPasswordResetOnboardingRequest
request)
at
Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.Invoke[TResult](Func`2
operation)
at Microsoft.CredentialManagement.OnPremisesPasswordReset.Library.OnboardingServiceConnector.InvokeWithRetry[TResult](Func`2
operation, String onboardingServiceUrl, String
authenticationToken)
Resolution
According
to the event log message, we had some type of connection time out issue. These
types of errors are mainly due to firewall or proxy issues. The required
firewall and port details are documented in the
https://azure.microsoft.com/en-us/documentation/articles/active-directory-passwords-getting-started/#step-3-configure-your-firewall
article.
Make sure to enable these ports for password writeback configuration.
Step
3: Configure your firewall
After
you have enabled Password Writeback in the Azure AD Connect tool, you will need
to make sure the service can connect to the cloud.
1. Once
installation is complete, if you are blocking unknown outbound connections in
your environment, you will also need to add the following rules to your
firewall. Make sure you reboot your AAD Connect machine after making these
changes:
· Allow
outbound connections over port 443 TCP
· Allow
outbound connections to https://ssprsbprodncu-sb.accesscontrol.windows.net/
· When
using a proxy or having general connectivity issues, allow outbound connections
over port 9350-9354 TCP
Tuesday, October 6, 2015
AADConnect – Password Writeback - Unable to Configure Password Writeback
Popular Posts
-
The ADMT service account needs to have proper permission in source and target domains. You don’t need to use 2 separate accounts. You can ...
-
Issue: You receive the following error message, when you try to login to the domain. The security database on the server does not have ...
-
What is an objectSID in Active Directory? When a new object is created in Active Directory, Domain Controller assigns a unique value used ...
-
Updated Script - http://portal.sivarajan.com/2011/10/search-ad-collect-local-admin-group.html Script #1 This script...
-
Purpose – Add users to a group from an input file – PowerShell V2 Script. Input file – Input file (Users.csv) contains samAccountName in...
-
Part I - User Account Migration and Merging Using ADMT Part II - User Account Migration and Merging Using QMM Pre-creating user account in...
-
Part I - User Account Migration and Merging Using ADMT Part II - User Account Migration and Merging Using QMM pre-creating user account ...
-
Before I really dive into Exchange 2010, I thought I would install and play with it first. I took some screen shots and notes during the ins...
-
Here is an easy way to identify and delete inactive or stale computers in an Active Directory environment. Using the dsquery command you c...
-
As we know, there many applications available to convert a PowerShell file to a standalone executable file. Based on my experience, PowerSh...
4 comments:
American woman it is highly recommended that they be treated with respect and sexy mexican women honor otherwise the man could be in for a lot of trouble! But what can be safely assumed is that your Latin bride will be a fun, sexy, and family-oriented person with whom to share your life!
During some articles, I saw your post about AADConnect – Password Writeback - Unable to Configure Password Writeback, Which is very interesting for me. Actually, I came across this post of yours while interacting with some friends who have told me about Periodic report writing. By the way, Thanks for letting us know You can get some additional information by verifying the Application Event log on the AAD Connect server. I enjoy reading your essay and am grateful for the knowledge you provide.
The HESI exam is a requirement for nursing students. HESI exams help can assist you in mastering the test's content and structure, HESI Exams Help increasing your chances of scoring well on this critical exam
Secure great savings with the Legal Deedpolls Discount Code! Whether you're changing your name or updating legal documents, Legal Deedpolls provides reliable services at affordable prices. Don't miss out on these exclusive discounts—make your legal processes smoother and more cost-effective today!
Post a Comment