Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Azure AD Connect May 2018 Version Unable to Enumerate Domain (Domain & OU Filtering Page)

Iron Contributor

[19:01:23.051] [ 1] [INFO ] Page transition from "Domain/OU Filtering" [ConfigPartitionFilterPageViewModel] to "Error" [ErrorPageViewModel]
[19:01:23.071] [ 2] [ERROR] A terminating unhandled exception occurred.
Exception Data (Raw): System.AggregateException: A Task's exception(s) were not observed either by Waiting on the Task or accessing its Exception property. As a result, the unobserved exception was rethrown by the finalizer thread. ---> System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.Online.Deployment.OneADWizard.UI.Controls.PartitionFiltering.LdapTreeviewItemViewModel.PopulateTreeviewItemView(TreeviewItemResults results)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.GetChildrenDirectoryObjects(AzureADSyncDirectory directory, String containerDistinguishedName, Boolean parentCheckState, Action`1 entryFound)
at Microsoft.Online.Deployment.OneADWizard.UI.Controls.PartitionFiltering.LdapTreeviewItemViewModel.StartQueryAndUpdateTreeview()
at System.Threading.Tasks.Task.Execute()
--- End of inner exception stack trace ---
---> (Inner Exception #0) System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.Online.Deployment.OneADWizard.UI.Controls.PartitionFiltering.LdapTreeviewItemViewModel.PopulateTreeviewItemView(TreeviewItemResults results)
at Microsoft.Online.Deployment.Types.Providers.SyncEngineQueryProvider.GetChildrenDirectoryObjects(AzureADSyncDirectory directory, String containerDistinguishedName, Boolean parentCheckState, Action`1 entryFound)
at Microsoft.Online.Deployment.OneADWizard.UI.Controls.PartitionFiltering.LdapTreeviewItemViewModel.StartQueryAndUpdateTreeview()
at System.Threading.Tasks.Task.Execute()<---

[19:01:23.139] [ 1] [INFO ] Page transition from "Error" [ErrorPageViewModel] to "Error" [ErrorPageViewModel]
[19:02:04.304] [ 1] [INFO ] Opened log file at path C:\ProgramData\AADConnect\trace-20180518-190009.log

1 Reply
best response confirmed by Himanshu Singh (Iron Contributor)
Solution
we kept concentrating on permissions and child domains in the forest,
Then there were suggestions to create same accounts with the same names and creds in the child domains,
And Scripts to enumerate OU’s (Which I think I was one of the right things done) that’s where Microsoft sort a went out of suggestions…
 
However from my end I kept trying as it is my environment and my problem at the end of the day,
Bright side of looking at this was I could always try things as they clicked as issue was there,
However now I can reproduce this issue when required,
 
I figured that I have to spend time on this one to pinpoint the reason (a.k.a root cause) of the problem,
So I uninstalled – reinstalled or so to say kept trying everytime there was a new version out for AADConnect,
Now I have
            Prod Environment     – 2 AADConnect Servers Primary & Staging (So will move to full Sql)
            QA Environment        – 2 AADConnect Servers Primary & Staging (So moving to Full SQL will start from here)
            Test Environment      – 1 AADConnect Server (Primary only)
 
So with these many installations,  Only Prod Environment was giving issues,
So I started from the scratch simply when ahead with the fresh install after complete uninstall of AADConnect from Staging Server,
It failed at the same place/point I collected network traces again:
ERROR A terminating unhandled exception occurred.
Exception Data (Raw): System.AggregateException: A Task's exception(s) were not observed either by Waiting on the Task or accessing its Exception property.
As a result, the unobserved exception was rethrown by the finalizer thread. ---> System.NullReferenceException: Object reference not set to an instance of an object.
 
However this time I wanted to see what error matches/similar/points to the same thing in the AADConnect Trace log as well as the Network Trace,
So check and notice the 4 Characters that did match and letters “RefErr” highlighted below in the screenshot in both traces,
 
That was it!,
 
So it wasn’t the AADConnect, It was DNS App Partitions in our AD environment which were hosted on specific DC(s) only,
And when AADConnect was trying to enumerate these partitions it was getting an “REFERRAL ERROR”,
As the DC it was checking or trying to enumerate this partition on was not hosting this partition,
I added the DC’s(to host these DNS Apps Partitions)  were being contacted by AADConnect and BOOM that was it,
1 best response

Accepted Solutions
best response confirmed by Himanshu Singh (Iron Contributor)
Solution
we kept concentrating on permissions and child domains in the forest,
Then there were suggestions to create same accounts with the same names and creds in the child domains,
And Scripts to enumerate OU’s (Which I think I was one of the right things done) that’s where Microsoft sort a went out of suggestions…
 
However from my end I kept trying as it is my environment and my problem at the end of the day,
Bright side of looking at this was I could always try things as they clicked as issue was there,
However now I can reproduce this issue when required,
 
I figured that I have to spend time on this one to pinpoint the reason (a.k.a root cause) of the problem,
So I uninstalled – reinstalled or so to say kept trying everytime there was a new version out for AADConnect,
Now I have
            Prod Environment     – 2 AADConnect Servers Primary & Staging (So will move to full Sql)
            QA Environment        – 2 AADConnect Servers Primary & Staging (So moving to Full SQL will start from here)
            Test Environment      – 1 AADConnect Server (Primary only)
 
So with these many installations,  Only Prod Environment was giving issues,
So I started from the scratch simply when ahead with the fresh install after complete uninstall of AADConnect from Staging Server,
It failed at the same place/point I collected network traces again:
ERROR A terminating unhandled exception occurred.
Exception Data (Raw): System.AggregateException: A Task's exception(s) were not observed either by Waiting on the Task or accessing its Exception property.
As a result, the unobserved exception was rethrown by the finalizer thread. ---> System.NullReferenceException: Object reference not set to an instance of an object.
 
However this time I wanted to see what error matches/similar/points to the same thing in the AADConnect Trace log as well as the Network Trace,
So check and notice the 4 Characters that did match and letters “RefErr” highlighted below in the screenshot in both traces,
 
That was it!,
 
So it wasn’t the AADConnect, It was DNS App Partitions in our AD environment which were hosted on specific DC(s) only,
And when AADConnect was trying to enumerate these partitions it was getting an “REFERRAL ERROR”,
As the DC it was checking or trying to enumerate this partition on was not hosting this partition,
I added the DC’s(to host these DNS Apps Partitions)  were being contacted by AADConnect and BOOM that was it,

View solution in original post