I recently worked an issue where an O365/DIRSYNC customer was attempting to start the Forefront Identity Manager Synchronization Service and it would not start. Upon investigation, I found the following:
APPLICATION EVENT LOG – EVENT ID 6208
The server encryption keys could not be accessed.
User Action
Verify that the service account has permissions to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Synchronization Service
If the problem persists, run setup and restore the encryption keys from backup.
PROCESS MONITOR LOG
12:34:08.4998737 PM sqlservr.exe 1244 CreateFile C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSONLINE\MSSQL\DATA ACCESS DENIED Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: S-1-5-21-1760301770-621578649-900842474-1007
SYSTEM EVENT LOG – EVENT ID 7000
The Forefront Identity Manager Synchronization Service service failed to start due to the following error: The service did not start due to a logon failure.
Here are the steps taken to resolve the issue.
Click the Start button and go to All Programs > Microsoft Forefront Identity Manager > Synchronization Service Key Management Utility.
If for some reason you do not have this menu item, look for the miiskmu.exe file on your system.
You will get the Microsoft Identity Integration Server Key Management Utility dialog.
Select Abandon Key Set, click Next, and follow the wizard through to abandon the key set.
Go back into the Microsoft Identity Integration Server Key Management Utility dialog and select Add New Key to Key Set.
Follow the wizard through and create a new key set, which will create a new BIN file for you.
Once you do this, test whether you can start the service.
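
A read-only check of the symptoms quoted above, useful both before abandoning the key set and after creating the new one. This is an added example, not part of the original post: it assumes Windows PowerShell run elevated on the sync server, and takes the service display name and registry path from the event text above.

```powershell
# Added example: read-only checks, nothing here changes keys, ACLs or the service.
$displayName = 'Forefront Identity Manager Synchronization Service'  # from event 7000
$keyPath = 'HKLM:\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Synchronization Service'  # from event 6208

# 1. Service state and the account it logs on as.
$svc = Get-WmiObject Win32_Service -Filter "DisplayName='$displayName'"
if (-not $svc) { throw "Service '$displayName' not found on this machine." }
'{0}: state={1}, logon account={2}' -f $svc.Name, $svc.State, $svc.StartName

# 2. Resolve that account to a SID, to compare with the "Impersonating:" SID
#    in the Process Monitor line and with the registry ACL below.
$account = $svc.StartName -replace '^\.\\', ($env:COMPUTERNAME + '\')
try {
    $nt  = New-Object System.Security.Principal.NTAccount($account)
    $sid = $nt.Translate([System.Security.Principal.SecurityIdentifier]).Value
} catch {
    $sid = $null
    Write-Warning "Could not resolve '$account' to a SID: $($_.Exception.Message)"
}
"Service account SID: $sid"

# 3. Occurrences of the two events in the last 24 hours.
$since = (Get-Date).AddDays(-1)
Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 6208; StartTime = $since } `
    -ErrorAction SilentlyContinue | Select-Object TimeCreated, Id, ProviderName
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 7000; StartTime = $since } `
    -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like "*$displayName*" } |
    Select-Object TimeCreated, Id, Message

# 4. ACL on the key named in event 6208, with identities shown as SIDs.
$acl   = Get-Acl -Path $keyPath
$rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
$rules | Select-Object IdentityReference, RegistryRights, AccessControlType, IsInherited
if ($sid -and -not ($rules | Where-Object { $_.IdentityReference.Value -eq $sid })) {
    # Not conclusive: access may be granted through a group the account belongs to.
    Write-Warning "No ACE names $account directly; check its group memberships against the list above."
}
```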