- Новый стандартный контроллер домена Server 2019
- Брандмауэр Win отключен
- AV не установлен
- Пропускает все тесты, выполненные в сценарии тестирования подключения. https://gallery.technet.microsoft.com/scriptcenter/Azure-AD-Connect-Network-150c20a3
- Может соединяться с LDP.exe через порт 389 без проблем
- Пользователь домена является членом администраторов домена, администраторов схемы, администраторов предприятия.
- O365 - учетная запись администратора клиента. без проблем с паролем
- AD Syn c служба запускается и работает без проблем
- UA C отключена
- DNS указывает на локальный IP-адрес локальной сети, имя домена разрешается внутренне и внешне
- удалили все локальные файлы и SQL базы данных и переустановили AD syn c, та же проблема
ОШИБКА
[21:40:54.947] [ 18] [VERB ] ServiceControllerProvider: Initial service status: Stopped
[21:40:54.947] [ 18] [VERB ] ServiceControllerProvider: Starting service and waiting for completion.
[21:40:55.457] [ 18] [INFO ] ServiceControllerProvider: StartService status: Running
[21:40:55.465] [ 18] [ERROR] PerformConfigurationPageViewModel: Caught exception while installing synchronization service.
Exception Data (Raw): System.Exception: Unable to install the Synchronization Service. The server could not be contacted. | The LDAP server is unavailable. Please see the Application and System event logs for additional details. ---> System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
at System.DirectoryServices.Protocols.LdapConnection.Connect()
ОШИБКА
AzureActiveDirectorySyncEngine Verbose: 903 : CreateBootstrapService:
AzureActiveDirectorySyncEngine Verbose: 903 : TryStopAndDeleteBootstrapService.
AzureActiveDirectorySyncEngine Verbose: 903 : StopAndDeleteBootstrapService.
AzureActiveDirectorySyncEngine Verbose: 903 : StopAndDeleteBootstrapService completed successfully.
AzureActiveDirectorySyncEngine Verbose: 903 : CreateBootstrapService: EventLog.CreateEventSource caught expected exception. Details System.ArgumentException: Source ADSyncBootstrap already exists on the local computer.
at System.Diagnostics.EventLog.CreateEventSource(EventSourceCreationData sourceData)
at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SynchronizationServiceSetupTask.CreateBootstrapService(SyncServiceAccount syncServiceAccount)
AzureActiveDirectorySyncEngine Verbose: 903 : CreateBootstrapService: completed successfully.
AzureActiveDirectorySyncEngine Verbose: 903 : GetPrincipal: MachineName = IQMS-DCFS01 DomainName = 10100154, isLocalMachineAccount=False, isDomainController=True, IsManagedServiceAccount=False.
AzureActiveDirectorySyncEngine Error: 906 : SynchronizationServiceSetupTask:InstallCore - Caught unexpected exception. Details System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
at System.DirectoryServices.Protocols.LdapConnection.Connect()
at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
--- End of inner exception stack trace ---
at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()
at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)
at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name)
at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.SyncServiceAccount.GetPrincipal(Boolean isDomainController, AccountManagementAdapter localAccountManagementAdapter, AccountManagementAdapter& domainAccountManagementAdapter)
at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.SyncServiceAccount.ResolveSid(Boolean isDomainController)
at Microsoft.Azure.ActiveDirectory.Synchronization.Setup.SynchronizationServiceSetupTask.InstallCore(String logFilePath, String logFileSuffix)
AzureActiveDirectorySyncEngine Error: 906 : SyncServiceAccount:RemoveAccountRights - no SidString available
AzureActiveDirectorySyncEngine Verbose: 901 : >>> RegistryAdapter::SetBooleanValue(HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\services\ADSync\Parameters, LocalDBKeepAlive, False)
AzureActiveDirectorySyncEngine Verbose: 902 : <<< RegistryAdapter::SetBooleanValue
AzureActiveDirectorySyncEngine Verbose: 903 : RestartBootstrapService:
AzureActiveDirectorySyncEngine Verbose: 903 : RestartBootstrapService: completed successfully.
AzureActiveDirectorySyncEngine Error: 906 : The server could not be contacted.