May 17 2018
08:53 AM
- last edited on
Jan 14 2022
05:24 PM
by
TechCommunityAP
May 17 2018
08:53 AM
- last edited on
Jan 14 2022
05:24 PM
by
TechCommunityAP
My customer rebooted his server and the Sync Service won't start, we discovered that service account is showing as Local Admin instead of the expected AAD_mmmmm. Has anyone seen this before, now why it would happen, or have a recommendation on the best way to fix?
TIA
May 21 2018 06:30 AM
I saw this but on old directory sync, The service account AAD_mmmm is created upon installation and is a domain user so you can reset the password but usually the password is rolled/controlled by AADC....
Repair installation is probably the best way to re-link this but I cant tell you why it happens.
May 21 2018 09:25 AM
Thanks, after troubleshooting for a few hours without being able to figure out what happened we decided to uninstall and reinstall and that fixed the problem.
May 21 2018 01:47 PM
Hello Dean,
Your course of action would have been my recommendation. The AAD_xxxxx account is a local account created by the AAD Connect Wizard. The password is complex and never known. Very strange that it was changed. I usually recommend my customers to create a service account to avoid these scenarios. Then, use the Custom install method and supply your new domain service account. You can also use it to read and/or write to your AD.
May 21 2018 07:42 PM
I had a very similar scenario after an update of AD Connect was installed.