+ Post New Thread
Results 1 to 1 of 1
Cloud Services Thread, DirSync will break when your Office 365 admin password expires in Technical; For those of you that have recently installed DirSync, be aware that the admin account that DirSync uses to authenticate ...
  1. #1

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    395

    DirSync will break when your Office 365 admin password expires

    For those of you that have recently installed DirSync, be aware that the admin account that DirSync uses to authenticate to Office 365 is not exempt from the password expiration policy. This means that in the default setup, DirSync will break 90 days after you first set up the admin account. Obviously if you have changed the password expiration policy, it will be longer (or shorter), but even lengthening it to the maximum of 730 days will only delay the inevitable.

    The error messages you get form it are also bloody useless and contain only obscure clues to what the problem is. The email you get from MicrosoftOnline.com only refers to this page which mentions nothing about password expiry. Meanwhile, the FIM UI reports a status of stopped-extension-dll-exception and Event Viewer only has this to say:

    An unknown error occurred with the Microsoft Online Services Sign-in Assistant. Contact Technical Support. GetAuthState() failed with -2147186688 state. HResult:0. Contact Technical Support. (0x80048831)
    Nice to know Microsoft are still world-leading in descriptive error messages, isn't it?

    How to fix it

    There's a detailed post about what to do about it here: Office 365 Service Accounts - How do I stop DIRSYNC from breaking every 90 days…

    Basically, you can use Powershell (because Microsoft apparently don't hire GUI designers any more) to flag a particular account to never expire the password. Use this on the admin account that DirSync uses and you are all set.

    Also, if anyone from Microsoft is reading this, any chance we could have this mentioned in the setup guides? Or the troubleshooting page? The above blog post is nearly 2 years old and still no-one has got around to putting it in the official documentation.

  2. Thanks to AngryTechnician from:

    pete (25th February 2014)

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 1
    Last Post: 1st April 2014, 01:15 PM
  2. [Video] Things to do in the office when your bored!
    By andrew_91090 in forum Jokes/Interweb Things
    Replies: 2
    Last Post: 1st March 2013, 10:26 AM
  3. Replies: 12
    Last Post: 4th July 2012, 04:13 PM
  4. AD time is 1 hour behind this morning - what will break when I fix it?
    By AngryTechnician in forum Windows Server 2008 R2
    Replies: 32
    Last Post: 3rd May 2011, 11:04 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •