locked
Windows Server Essentials Service Cannot Reset the password for the following accounts RRS feed

  • Question

  • I have a Server 2012 R2 Essentials and passwords have stopped syncing with Office 365. I reset the password for the administrative account that Essentials uses to sync information with Office 365 since it expired. After fixing the password it still won't sync. I need to know how to force Server Essentials to perform a full password sync with Office 365.

    *Update

    I'm seeing Error ServerEssentials Event Id 1280 as well

    Critical Alert: PasswordSyncOtherFailure is raised at Server. <Title> The Windows Server Essentials Service cannot synchronize the user password to the online identity repository.. <Description> The Windows Server Essentials Service cannot reset the password for the following accounts:

    user1@domain.com,user3@domain.com,user3@domain.com. <AdditionalInfo> .

    I went down through the list of logs and it is no longer generating authentication failed errors.


    Vincent Sprague



    • Edited by Baron164 Tuesday, November 11, 2014 3:53 PM
    Tuesday, November 11, 2014 3:41 PM

Answers

  • I disabled Office 365 integration and when I tried to re-enable it said that the "server was not connected to the internet" I dug into that and found that somehow all but one of the DNS root hints were gone. I recreated them and was able to re-enable office 365 integration. So far the password sync error has not re-occurred.

    Vincent Sprague

    • Marked as answer by Baron164 Wednesday, November 12, 2014 7:36 PM
    Wednesday, November 12, 2014 7:36 PM

All replies

  • Have you tried turning the sync of 365 off, then re-enable with the new office 365 credentials?

    Robert Pearman SBS MVP
    itauthority.co.uk | Title(Required)
    Facebook | Twitter | Linked in | Google+

    Wednesday, November 12, 2014 9:56 AM
  • I thought about disabling Office 365 Integration and re-enabling it, I wasn't sure what effect that would have. I went through and unassigned the Microsoft online account from each of the accounts and re-assigned it but that didn't help.

    Vincent Sprague

    Wednesday, November 12, 2014 2:22 PM
  • I disabled Office 365 integration and when I tried to re-enable it said that the "server was not connected to the internet" I dug into that and found that somehow all but one of the DNS root hints were gone. I recreated them and was able to re-enable office 365 integration. So far the password sync error has not re-occurred.

    Vincent Sprague

    • Marked as answer by Baron164 Wednesday, November 12, 2014 7:36 PM
    Wednesday, November 12, 2014 7:36 PM
  • Hi Vincent,

    Glad to hear that you have solved this issue and thanks for sharing your solution in the forum. Your time and efforts are highly appreciated.

    Best regards,

    Justin Gu

    Thursday, November 13, 2014 1:07 AM
  • One of our customers has a Windows Server 2012 R2 Essentials server and Office 365, both integrated via Windows Server Essentials. This worked fine from ~2015/12/31 (setup) but stopped working ~2016/05/13.

    Having had very little success fixing Office 365 integration via WSE and having had a lot of success integrating Office 365 via Azure Active Directory Connect I decided to abandon WSE and install AADC.

    Installing AADC version 1.1.180.0 succeeded but, despite all prerequisites being met and using default configuration, configuring it failed with the following errors:

    1. "Unable to install the Synchronization Service. Please see the event log for additional details."
    2. "Log Name: Application
      Source: AzureActiveDirectorySyncEngine
      Date: 2016/06/01 12:12:15
      Event ID: 906
      Task Category: None
      Level: Error
      Keywords: Classic
      User: N/A
      Computer: <FQDN>
      Description:
      Object reference not set to an instance of an object."

    I contacted Office 365's technical support who explained that this was due to a conflict with the installation of SQL Server and advised installing AADC on a different server (which wasn't possible for reasons I won't get into). So, I had no choice but to try and fix WSE.

    No matter how many times that I rebooted the server and reconfigured the Office 365 integration, it always integration but always failed to entirely assign accounts and synchronise passwords (refer to the WSE health checks).

    I found it odd that any Office 365-related operations failed with "Unable to connect to the Internet" (or whatever it said) and this post suggested DNS-related problems.

    I investigated the DNS configuration and found that (almost) everything was perfectly normal:

    1. The service was functioning correctly.
    2. The root servers were all added and resolved.
    3. The forwarders were all added and resolved.
    4. The network adapter's DNS servers were simply 127.0.0.1 (itself).
    5. Commands "nslookup ps.outlook.com" and "nslookup outlook.office365.com" completed successfully.

    However, I noticed an oddity: viewing the network adapters details showed "IPV4 DNS Server            " - it was blank.

    Suspecting a long-shot theory that the first thing that WSE does is something like "if(networkAdapter.IPv4.DNSservers == null){return "Unable to connect to the Internet"}", I reconfigured the network adapter adding a secondary DNS server of 8.8.8.8 (Google Public DNS).

    Now viewing the network adapters details showed "IPV4 DNS Server 8.8.8.8", ignoring the primary.

    Re-assigning the AD account to the AAD / O365 / MSOL account still failed with the error but its password was actually synchronised (after changing it, as it was required, for some reason).

    The even more odd thing is that the DNS configuration hasn't changed and this used to work.

    Whatever, I'm not complaining - it's working.

    I hope this helps someone as information on WSE's Office 365 integration is few and far between, especially problems with it.

    Ben.


    • Edited by MythOfEchelon Thursday, June 9, 2016 9:31 AM More info
    Thursday, June 9, 2016 9:26 AM