Feb 23 2018
08:17 AM
- last edited on
Jan 14 2022
05:26 PM
by
TechCommunityAP
Feb 23 2018
08:17 AM
- last edited on
Jan 14 2022
05:26 PM
by
TechCommunityAP
When configuring AAD Connect I get to the 'connect directories' stage, and it auto discovers my local AD/forest name, but when I click Add Directory, I enter the domain administrators credentials and get the message back saying:
"An error occured while auto creating an account in the forest <forestname>. AuthorizationManager check failed."
Here is the error trace:
[ERROR] Caught exception while creating synchronization account. Exception Data (Raw): System.Management.Automation.CmdletInvocationException: AuthorizationManager check failed. ---> System.Management.Automation.PSSecurityException: AuthorizationManager check failed. ---> System.Management.Automation.Host.HostException: A command that prompts the user failed because the host program or the command type does not support user interaction. The host was attempting to request confirmation with the following message: File C:\Program Files\Microsoft Azure Active Directory Connect\AdSyncConfig\AdSyncConfig.psm1 is published by CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US and is not trusted on your system. Only run scripts from trusted publishers. at System.Management.Automation.Internal.Host.InternalHostUserInterface.ThrowPromptNotInteractive(String promptMessage) at System.Management.Automation.Internal.Host.InternalHostUserInterface.PromptForChoice(String caption, String message, Collection`1 choices, Int32 defaultChoice) at Microsoft.PowerShell.PSAuthorizationManager.AuthenticodePrompt(String path, Signature signature, PSHost host) at Microsoft.PowerShell.PSAuthorizationManager.SetPolicyFromAuthenticodePrompt(String path, PSHost host, Exception& reason, Signature signature) at Microsoft.PowerShell.PSAuthorizationManager.CheckPolicy(ExternalScriptInfo script, PSHost host, Exception& reason) at Microsoft.PowerShell.PSAuthorizationManager.ShouldRun(CommandInfo commandInfo, CommandOrigin origin, PSHost host, Exception& reason) at System.Management.Automation.AuthorizationManager.ShouldRunInternal(CommandInfo commandInfo, CommandOrigin origin, PSHost host)
I'm not sure where else to look, as I'm using the current logged in user domain admin account on the same VM which has AD/DNS installed etc, so permissions shouldn't be an issue
Feb 26 2018 02:43 AM
SolutionI've solved this by manually installing the Microsoft certificate:
I hope this helps someone else
Feb 26 2018 02:43 AM
SolutionI've solved this by manually installing the Microsoft certificate:
I hope this helps someone else