Forum Discussion

Don_Vlogeer's avatar
Don_Vlogeer
Brass Contributor
Apr 12, 2023

unable to run Update-AzureADSSOForest

Dear All, 

 

We encounter an issue with update-azureadssoforest it prompt below errro, need help 

 

Update-AzureADSSOForest : one or more error occurred。
所在位置 行:1 字符: 1
+ Update-AzureADSSOForest
+ ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Update-AzureADSSOForest], AggregateException
+ FullyQualifiedErrorId : System.AggregateException,Microsoft.KerberosAuth.Powershell.PowershellCommands.UpdateAzureADSSOForestCommand

  • Don_Vlogeer's avatar
    Don_Vlogeer
    Brass Contributor
    Runnin through a netmon log and figured out there as an connectivity issue with one of the url. after enabling the port 443, things started to roll
  • LainRobertson's avatar
    LainRobertson
    Silver Contributor

    Don_Vlogeer 

     

    Hi, Don.

     

    I'd recommend reading the following two articles as there's not enough information in the error you've provided to guide us:

     

     

    I've bookmarked the second article on the process for rotating the Kerberos decryption key as that's related to the first article, but you should probably read the whole article.

     

    Also pay particular attention to the information call-outs (both articles have these call-outs) that discuss things to look out for in relation to the Active Directory domain administration account (included in the picture below for ease of reference) used with the call to Update-AzureADSSOForest, as not adhering to these will also result in a Kerberos error:

     

     

    Cheers,

    Lain

Resources