Why isn't Azure AD Connect Syncing?

Mike P. Smith 60 Reputation points
2024-10-21T19:00:17.77+00:00

Upgraded AD Sync to Azure AD Connect 2.3.20.0 and now it does not look like we're syncing.

Didn't get any errors during the upgrade.

Added one more OU to be synced, everything looks good. I do see objects from the added OU in Entra Admin Center, but changes to user accounts are not syncing and the Directory Sync Status page shows last directory sync was 3 days ago.

Last Password Sync was 26 minutes ago.


Accepted answer
  1. Sandeep G-MSFT 19,516 Reputation points Microsoft Employee
    2024-10-22T04:20:54.7233333+00:00

    @Mike P. Smith

    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "[The question author cannot accept their own answer. They can only accept answers by others](https://docs.microsoft.com/en-us/answers/support/accepted-answers#why-only-one-accepted-answer)", I'll repost your solution in case you'd like to "[Accept](https://docs.microsoft.com/en-us/answers/support/accepted-answers#accepted-answer-in-a-question-thread)" the answer.

    Issue: After upgrading AD Connect to the latest version, syncing stopped working.

    Solution: Enabling TLS 1.2 and manually adding 4 additional registry keys on the device fixed the issue.

    Reference: https://zcusa.951200.xyz/en-us/entra/identity/hybrid/connect/reference-connect-tls-enforcement#powershell-script-to-check-tls-12

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

2 additional answers

  1. Andy David - MVP 148.6K Reputation points MVP
    2024-10-21T19:39:19.5266667+00:00

    What's the status of the sync? Is it stopped? Check the Entra Connect Services program itself and restart the Microsoft Azure AD Sync service if it's stopped or hung up.

    https://zcusa.951200.xyz/en-us/entra/identity/hybrid/connect/how-to-connect-sync-service-manager-ui


  2. Mike P. Smith 60 Reputation points
    2024-10-21T22:31:40.8766667+00:00

    Newer version of Azure AD Connect requires TLS 1.2 to be enabled. I ran a slightly newer installer and it stopped right away and told me TLS 1.2 was not enabled. So 2.3.20.0 does not warn you, but 2.4.21.0 does.

    The 2.4.21.0 installer also has a link to a page that shows all the registry keys you need to add in order to get this working. I think for an Azure AD Sync server you need to add some keys that otherwise might not be necessary. I added the TLS 1.2 Server and Client keys earlier today, but that did not fix it.

    Adding the 4 additional keys shown on the page linked in the 2.4.21.0 installer fixed it.

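An added example, not part of the thread and not Microsoft's script from the linked reference: a read-only PowerShell audit of the registry values that govern TLS 1.2 for Schannel and for .NET Framework 4.x, the kind of check to run on a sync server before and after an upgrade. The thread does not list which keys were added, so the value names below are the standard Windows and .NET settings, and the expected data is an assumption (TLS 1.2 enabled and not disabled by default); `Test-Tls12Setting` is a hypothetical helper name.

```powershell
# Added example: read-only audit, changes nothing in the registry.
# Assumption: the standard Schannel and .NET Framework 4.x TLS values are the
# ones that matter here; the thread itself does not name the keys.
$net = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319'
$wow = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319'
$tls = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'

$expected = @(
    @{ Path = $net;          Name = 'SystemDefaultTlsVersions'; Want = 1 }
    @{ Path = $net;          Name = 'SchUseStrongCrypto';       Want = 1 }
    @{ Path = $wow;          Name = 'SystemDefaultTlsVersions'; Want = 1 }
    @{ Path = $wow;          Name = 'SchUseStrongCrypto';       Want = 1 }
    @{ Path = "$tls\Server"; Name = 'Enabled';                  Want = 1 }
    @{ Path = "$tls\Server"; Name = 'DisabledByDefault';        Want = 0 }
    @{ Path = "$tls\Client"; Name = 'Enabled';                  Want = 1 }
    @{ Path = "$tls\Client"; Name = 'DisabledByDefault';        Want = 0 }
)

# Hypothetical helper: distinguishes a value that is absent from one that is
# present with different data, since the two call for different follow-up.
function Test-Tls12Setting {
    param([string]$Path, [string]$Name, [int]$Want)
    $state = 'Missing'
    $found = $null
    if (Test-Path -LiteralPath $Path) {
        $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            $found = $item.$Name
            # Strict comparison: anything other than the expected data is flagged for review.
            $state = if ($found -eq $Want) { 'OK' } else { 'Mismatch' }
        }
    }
    [pscustomobject]@{ Path = $Path; Name = $Name; Expected = $Want; Found = $found; State = $state }
}

$report = foreach ($e in $expected) { Test-Tls12Setting @e }
$report | Format-Table -AutoSize -Wrap

$bad = @($report | Where-Object State -ne 'OK')
if ($bad.Count -eq 0) {
    Write-Output 'All audited TLS 1.2 values match the expected data.'
} else {
    Write-Warning "$($bad.Count) of $($report.Count) TLS 1.2 values are missing or differ from the expected data."
}
```

A report where only the Schannel Server and Client rows are OK matches the state described above, in which adding those two keys alone did not restore sync.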
