Azure AD Connect mess RRS feed

  • Question

  • Window server 2016 with the essentials role installed.

    We setup O365 before Azure AD Connect existed, and were using Azure Active directory service on the essentials dashboard. All was good for several month and received a message the we had to install Azure AD Connect.

    Currently both are running on the server and they don't like each other. Azure AD Connect for the most part is working but I believe Essentials is blocking certain things. The integration is broken in the essentials dashboard and O365 wizard = N/A. When I add an email address in active directory (By passing essentials) the address does sync but it duplicates the .onmicrosoft.com address for the user and doesn't add the email with the proper domain.

    I think the best solution is to disable Azure Active Directory in the essentials dashboard, but I get an unknown error occurred. 

    Any ideas on how to disable the integration?

    Charles Frost

    Tuesday, November 13, 2018 11:43 PM

All replies

  • Hi Charles,

    Please refer to this similar case for some idea.


    You’d better post in Windows Server 2016 Essentials forum for more assistance.

    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. 

    Thanks for your understanding and cooperating.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, November 14, 2018 6:07 AM
  • "Received a message the we had to install Azure AD Connect."

    Where did that message originate, exactly?  I can't imagine why MS would push such a message, even if they are emphasizing Azure AD Connect these days.

    You're right though that they're not both meant to be active, strictly one or the other. You should be able to find something about getting past the error, but if you haven't already, I would suggest reading up on Azure AD Connect before going further. It's not one of those things you can just install; there's quite a lot to it, much more than the Essentials connector.

    Wednesday, November 14, 2018 7:02 AM
  • My boss pointed out that his password didn't sync to the cloud account. On the console there was a message that the prior methods of syncing were no longer being used and the only method was to use AD Connect. Even after installing AD Connect there wasn't a problem, we could still use the essentials dashboard (Microsoft Cloud Services integration) to Add, deleted, and assign O365 licenses. About a month ago we started having problems. AD Connect would not start after rebooting, and the essentials dashboard was no longer connected to O365, or azure. My assumption is AD connect and Microsoft Cloud Services integration (Essentials) are stepping on each other? 

    Ironically, we have another business that has a Windows 2016 Essential Server. The same message advising us that we had to install Azure AD Connect, and a message on the admin console (O365) that the sync was disabled. After discovering I could not install AD connect on this Essential server I contacted O365 support. A short time later the server started syncing again. No explanation from Microsoft. 

    My preference is to uninstall Azure AD Connect and use the integration built in the WS Essentials ROLE, but I'm concerned Azure will not work using this method (because Microsoft said so). Plus after reading the literature Microsoft advises not uninstalling/reinstalling AD Connect for diagnostic purposes.

    Anyway I'm stuck, 

    I could uninstall Azure AD Connect and install it on another server, but I will still need to disable Microsoft Cloud Services integration on the original server.

    Or I might try uninstalling the Essential role for the server?

    Or just wipe the server and start over. (With Rack Space)

    Or pony up the $495 Microsoft wants for assistance.

    Any advice would be appreciated.


    Charles Frost

    Wednesday, November 14, 2018 3:23 PM
  • I just looked in on a Server 2016 that we have with the Essentials role connected to O365 and fortunately don't see the warning you're talking about. Everything looks normal. I'm definitely going to seek out more information on what MS is up to though, since clearly something is up. Server 2016, even with that role, should be supported for years to come. Just because MS killed the role in 2019 doesn't mean that it should be banished from earlier versions.

    Not really sure which tack you should take (uninstalling the role and maybe trying to reestablish it, since it's your preference to continue with it, or uninstalling Azure AD Connect). If you go the troubleshooting route, the logs are here:

    %ProgramData%\Microsoft\Windows Server\Logs

    Re the Windows 2016 Essentials Server, at least what you saw there was expected: Azure AD Connect isn't supported on it. Whether there's a workaround for that I don't know. It is supported (officially) on Windows 2019 Essentials Server, which incidentally, like all iterations of 2019, doesn't have the Essentials role and so bears little resemblance to what we know from 2012/2016. 

    Wednesday, November 14, 2018 5:53 PM
  • Is your WS2016 using AD Connect, or Microsoft Cloud Services integration? If it is working without AD Connect I will try to get rid of it and use Microsoft Cloud Services integration instead. That is my first preference anyway?


    Thanks for responding

    Charles Frost

    Wednesday, November 14, 2018 6:19 PM
  • Purely the integration from the role. That server has never seen Azure AD Connect or any of its sync predecessors. 
    Wednesday, November 14, 2018 6:22 PM
  • Great, That is very helpful. I'll get rid of AD Connect.

    We are in the process of moving so I will give it a shot next week and will post the result

    Thanks for the help !!!!

    Charles Frost

    Wednesday, November 14, 2018 7:06 PM
  • Hope it goes well. I know in even the best of circumstances, getting the Essentials 365 integration connected can be a little problematic, as it's always been finicky.

    Since you mentioned other sites, if you can ever get a screenshot of the message about needing to install Azure AD Connect, I'd really like to see it.

    I wonder, is it possible that these servers ever had Dirsync or AAD Sync, the predecessors of of Azure AD Connect?  In that case, a popup telling you that you need to install Azure AD Connect would be expected.

    Wednesday, November 14, 2018 8:52 PM
  • This might explain what happened. It was around December 2017 when we had the issues. 

    I'm assuming Microsoft Cloud Services integration used one of these methods to sync to Azure AD? If that is correct then it was supposed to stop working December 31, 2017?? 

    Azure AD will no longer accept communications from the unsupported tools as of December 31st 2017.



    Charles Frost

    Wednesday, November 14, 2018 10:06 PM
  • That built-in integration doesn't use any of them. It's always been its own thing entirely.

    But if anyone with access to those servers ever installed Dirsync or AAD Sync (the latter being more likely, just due to Dirsync's age), then what you saw would make perfect sense. If either was installed, it's kind of amazing that you didn't see problems in 2017, before it stopped working at the end of 2017, because the built-in integration (which sounds like it was enabled) and any other AD sync tool would be at cross-purposes and lead to unpredictable things happening in O365.

    Wednesday, November 14, 2018 10:18 PM