Forum Discussion

Dean_Gross
Silver Contributor
May 17, 2018

Service Account for AAD Connect Changed after reboot

My customer rebooted his server and the Sync Service won't start. We discovered that the service account is showing as Local Admin instead of the expected AAD_mmmmm. Has anyone seen this before, know why it would happen, or have a recommendation on the best way to fix it?

 

TIA

4 Replies

  • Mitch King
    Iron Contributor

    I saw this, but on the old directory sync. The service account AAD_mmmm is created upon installation and is a domain user, so you can reset the password, but usually the password is rolled/controlled by AADC....

    A repair installation is probably the best way to re-link this, but I can't tell you why it happens.

    • Dean_Gross
      Silver Contributor

      Thanks, after troubleshooting for a few hours without being able to figure out what happened we decided to uninstall and reinstall and that fixed the problem. 

      • Josh Villagomez
        Microsoft

        Hello Dean,

         

        Your course of action would have been my recommendation. The AAD_xxxxx account is a local account created by the AAD Connect Wizard. The password is complex and never known. Very strange that it was changed. I usually recommend that my customers create a service account to avoid these scenarios. Then, use the Custom install method and supply your new domain service account. You can also use it to read and/or write to your AD.
