Windows Server AD 与 Azure AD 之间的同步错误

tag-icon tag-icon active-directory windows-server-2019 entra-id
Windows Server AD 与 Azure AD 之间的同步错误

我有 Windows Server 2019 操作系统,其中 AD 通过 Azure AD 连接同步同步到 Azure AD。

我最近为一些老用户更改了域名@mydomain。不幸的是,我还错误地更改了在 AD 和 Azure AD 之间同步的用户的域名。后来,我将更改从@mydomain 恢复为@Istit.omnimicrosoft.com。在 office365(Azure AD)控制面板上,密码​​的同步状态为绿色,而目录的同步状态为红色(同步帐户正确,控制面板->设置->目录同步错误下没有错误)。

我试着跑身份修复,没有任何错误。在本地 AD 上,Azure AD 连接报告了一些错误附上。具体来说,有一个常见错误 sync-generic-failure ,其堆栈跟踪如下:

GetAttribute(): Attribute extension_ebca89ec5199450f860137ded21a1394_accountExpires not found in schema with GUID: 00000000-0000-0000-0000-000000000000 

   in Microsoft.IdentityManagement.PowerShell.ObjectModel.Schema.GetAttribute(String name)
   in Microsoft.MetadirectoryServices.SyncRulesEngine.AttributeFlowModule.PerformAttributeFlowMappingFlow(IEnumerable`1 annotatedAttributeFlowMappings, IEntryModification targetObject)
   in Microsoft.MetadirectoryServices.SyncRulesEngine.AttributeFlowModule.PerformSyncRuleAttributeFlows(IEntryModification sourceObject, IEntryModification targetObject, SynchronizationRule synchronizationRule, Boolean applyExecuteOnceMappings)
   in Microsoft.MetadirectoryServices.SyncRulesEngine.JoinModule.PerformAttributeFlowForAllSourceLinks(SyncRulePipelineArguments pipelineArguments, IEntryModification sourceObject, IEnumerable`1 syncRulesJustApplied, AttributeFlowModule attributeFlowModule)
   in Microsoft.MetadirectoryServices.SyncRulesEngine.JoinModule.Execute(PipelineArguments argsToProcess)
   in Microsoft.MetadirectoryServices.SyncRulesEngine.Server.SyncEngine.RunSyncPipeline(SyncRulePipelineArguments pipelineData, List`1 pipelineChain)
   in Microsoft.MetadirectoryServices.SyncRulesEngine.Server.SyncEngine.RunOutboundWithRecall(SyncRulePipelineArguments pipelineData)
   in Microsoft.MetadirectoryServices.SyncRulesEngine.Server.SyncEngine.Synchronize(SynchronizationOperation operation, IObjectLinkGraph inputGraph, Boolean preview)
   in ManagedSyncRulesEngine.Synchronize(ManagedSyncRulesEngine* , CCsObject* sourceCsObject, CMvObject* mvObject, SynchronizationOperation operation, Char** error)


InnerException=>
none 

Native call stack:

我在网上搜索了很多,但没有找到解决办法。您有什么想法吗?

谢谢

答案1

我找到了一个(简单的)解决方案。我刚刚将 AD Azure 连接软件从 1.4.18 升级到 2.0.28。我之前没想到要这样做,但直到一周前它才正常工作。

相关内容