Forum Discussion
Login with AzureAD Account sync instantly goes in "Error" state
DEV channelGA release
This is a user that is syncronized to Azure AD, but the source is Windows Server AD
Azure AD profile
Microsoftnidde nOrphf Thanks for your patience and apologies for delay in response here. I believe there are two topics in this thread
1. For accounts getting message of "Sync is not available for this account" - this is expected to show up when your account does not meet the pre-requisites needed for sync (for instance AAD premium accounts, correct configuration etc.) Please review the summary here - https://docs.microsoft.com/en-us/deployedge/microsoft-edge-enterprise-sync . This covers both the pre-requisites as well as configuration needed for sync to work.
2. There is a second bucket of errors reported where encryption management ran into error. This is expected to impact the account and thus will prevail on all devices (you should see crypto error on edge://sync-internals for this bucket). We are working on in-app control for users to reset their cloud data. However that is still further out. In the meantime, we are preparing and verifying a manual process allowing users to request deletion of their cloud data. I am hoping that we will be able to offer this manual set of instructions soon while we work on right long term solution in parallel.
Thanks again for your patience.
- Colleen_Williams
bandtank I'm sorry you've ben having such difficulties. I'm from the Edge team and would like to help. Can you e-mail me at collw (at) microsoftdotcom? We'll go from there. Thanks, Colleen
I've been having a similar issue and I documented it here. In short, none of the users in one of my tenants are able to sync via Edge. I'm seeing the following errors:
From edge://sync-internals:
Last Token Error EDGE_AUTH_ERROR: 3, 15, caa2000b and several of these:
Error: GenerateCryptoErrorsForTypes@../../components/sync/driver/data_type_manager_impl.cc:42, cryptographer error was encountered: From edge://signin-internals:
Error: Primary Error: kTokenRequestFailed, Secondary Error: kTokenFetchProviderError, Platform error: -895352821, hex:caa2000b, Error string: Error code: 0xcaa2000b, error message:AADSTS500014: The service principal for resource 'https://aadrm.com' is disabled. This indicate that a subscription within the tenant has lapsed, or that the administrator for this tenant has disabled the application, preventing tokens from being issued for it. Trace ID: <redacted> Correlation ID: <redacted> Timestamp: 2020-09-22 04:12:47Z I've tried every suggestion including filing a support ticket through Azure AD. Nothing has worked yet and it's becoming a large source of frustration.
MathiasR Hey there, i had this issue fixed last week for my account! Basically you need to contact the Microsoft Azure support team. This is a separate support area within the Microsoft Azure admin panel. See the screenshot i have attached, it should give you (or your Azure administrator) a good idea where to find this. I can confirm it was a data corruption issue in my case, and they had to wipe the data from my profile. From what i understand, the original data corrupting issue was resolved, but if your data is corrupt within your profile, it needs to be wiped manually.
akhator Hi there, I just found this thread, I too belong in bucket 2, sync fails for my work setup between Edge using my AAD account and I get that GenerateCryptoErrorsForTypes error.
Has a process been established to clear this? Other users in my organization can sync fine, so indeed something with just my account, I think.
Sure thing, will give it a try in the morning, however for some further color, I AM able to sync on my windows 10 1909 desktop using the same build (81.0.416.53) and account, however when I try and sync on our Windows 2016 RDS server, I get the error that I attached. But if I used a test account that has never synced before, I CAN sync on that same 2016 server. The behavior is mystifying, but clearly it isn't a client side network/proxy/config issue if I can sync with a new account, unless there is some profile specific file that is causing the issue.
I have a similar issue since the upgrade to the latest production build, but different error. I am able to sign in, however Sync is never able to connect. I can find no internet reference for the below error. Any idea what it means?
rror: Primary Error: kTokenRequestFailed, Secondary Error: kUserSwitch, Platform error: 1002, hex:3ea, Error string: UserSwitch {"Description":"Authentication was blocked because a user switch was detected. Old ID: '(pii)', new ID: '(pii)'.","ErrorCode":"1002","Tag":"96h1z"}- Bucket #2 here ;(
Looking forward to the workaround.
