Forum Discussion
Azure AD Connect Failed Automatic Upgrade 1.6.16.0 to 2.1.16.0
After opening a ticket on August 15th with Azure AD technical support, September 12th, I was informed that my issue was out of scope and would not be supported. We manage two forests and the sync servers are on the same network in this example. One server automatically upgraded without issue. One did not. Reviewing the logs, the software upgrade failed on enumerating the local administrator group. Support decided that was an on premise issue, assuming it was a change in our environment, and no further help was forthcoming. While disappointed by this decision, we continued to work the issue and started over again.
Looking at the local administrator group, we determined there was a security group that was a member from the other forest via trust. This group had been part of the local administrator group since June 2018. Removing this group from the server's local administrator group allowed Azure AD Connect to install on a new server and upgrade on the other server after a swing migration process.
If you see an error with group enumeration, consider stripping groups or reviewing membership of the group generating the error.
Thanks for the suggestions, we really appreciate the community feedback and investigated them as possible solutions.
After opening a ticket on August 15th with Azure AD technical support, September 12th, I was informed that my issue was out of scope and would not be supported. We manage two forests and the sync servers are on the same network in this example. One server automatically upgraded without issue. One did not. Reviewing the logs, the software upgrade failed on enumerating the local administrator group. Support decided that was an on premise issue, assuming it was a change in our environment, and no further help was forthcoming. While disappointed by this decision, we continued to work the issue and started over again.
Looking at the local administrator group, we determined there was a security group that was a member from the other forest via trust. This group had been part of the local administrator group since June 2018. Removing this group from the server's local administrator group allowed Azure AD Connect to install on a new server and upgrade on the other server after a swing migration process.
If you see an error with group enumeration, consider stripping groups or reviewing membership of the group generating the error.
Thanks for the suggestions, we really appreciate the community feedback and investigated them as possible solutions.