AADConnect

Recently I faced an issue with Azure AD Connect.

The scenario:

A Windows Server 2012 R2 box with direct access to the internet with Azure AD Connect installed and running under the context of a service account.

As Azure AD Connect was running in the context of a service account, it wanted to utilise a proxy server to connect to the internet as it is WPAD aware.

The error message given was:

An error occurred executing Configure AAD Sync task: user_realm_discovery_failed: User Realm Discovery Failed

The trace log file also reported:

Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: user_realm_discovery_failed: User realm discovery failed —> System.Net.WebException: The remote server returned an error: (407) Proxy Authentication Required.

All the solutions (AADConnect Troubleshooting) I found on the internet pointed me at configuring the machine.config (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\config) with the required proxy server settings, but in my scenario I did not want to utilise a proxy server.

To resolve the issue I added the syntax below to the machine.config file which resolved the issue.

<system.net>
                <defaultProxy enabled=”false”></defaultProxy>
 </system.net>

As always test in your environment before deploying into production.

AADConnect Troubleshooting – https://azure.microsoft.com/en-gb/documentation/articles/active-directory-aadconnect-troubleshoot-connectivity/ (Accessed 16/05/2016)

 

 

 

Posted by markparris

Microsoft MVP - Enterprise mobility.

4 Comments

  1. Had the same issue mark, annoying and took some time to hunt down.

    Reply

  2. […] articles that matched the same error. The first one I went to was by Mark Parris. His blog post (available here) had all the makings of a solution. I followed those instructions to try and resolve my […]

    Reply

  3. Jakob Kvistgaard April 24, 2017 at 11:12 am

    Thanks, this fixed my issue as well

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s