samba - Jun 2022 - Azure AD Sync not working

Hi, 

I'm trying to sync my local samba AD to azure AD, but I'm running into
an issue with password hash synchronization.
The users sync task works well,but the password hash sync task is always marked
"Active" on the interface but never finishes
I'm following this guide : [ https://wiki.samba.org/index.php/Azure_AD_Sync
| https://wiki.samba.org/index.php/Azure_AD_Sync ] with samba 4.13.13
Does someone have any pointers on where and what to do to diagnose the issue,
I'm not seeing any logs
Also, I'm not sure anyone has managed to sync passwords, so even a
"Password sync works for me" answer would be a huge help.

Thanks a lot 
Arthur

I've updated the azure AD connect client and now have some logs in the event
viewer :
Password hash synchronization failed for domain: samdom.contoso.com, domain
controller hostname: ad1.samdom.contoso.com, domain controller IP address:
X.X.X.X. Details:
Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsException:
RPC Error 8420 : The naming context could not be found. There was an error
calling _IDL_DRSGetNCChanges.
at
Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.OnReplicateSingleObject(DsName
directoryName)
at
Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.ReplicateSingleObject(Guid
objectGuid, String distinguishedName)
at
Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.<>c__DisplayClass55_0.<BuildPasswordBatch>b__1(IDrsConnection
c)
at
Microsoft.Online.PasswordSynchronization.RetryUtility.ExecuteWithRetry[T](Func`1
operation, Func`1 shouldAbort, RetryPolicyHandler retryPolicy)
at
Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.BuildPasswordBatch(IEnumerable`1
changeObjects, IList`1& passwordChanges, IList`1& retryObjects)
at
Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.BuildPasswordBatch(IList`1
changeSetObjects)
at
Microsoft.Online.PasswordSynchronization.DeltaSynchronizationTask.SynchronizeCredentialsToCloud()
at
Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.SynchronizeSecrets()
at
Microsoft.Online.PasswordSynchronization.SynchronizationExecutionContext.SynchronizeDomain()
at
Microsoft.Online.PasswordSynchronization.SynchronizationManager.SynchronizeDomain(SynchronizationExecutionContext
syncExecutionContext)


It seems there are some other people who have the RPC Error 8420, but I
don't see any solutions, is there anyone who already had this issue ?
Thanks a lot 
Arthur 


De: "arthur toussaint" <arthur.toussaint at wandercraft.eu> 
?: "samba" <samba at lists.samba.org> 
Envoy?: Jeudi 23 Juin 2022 11:03:00 
Objet: Azure AD Sync not working 

Hi, 

I'm trying to sync my local samba AD to azure AD, but I'm running into
an issue with password hash synchronization.
The users sync task works well,but the password hash sync task is always marked
"Active" on the interface but never finishes
I'm following this guide : [ https://wiki.samba.org/index.php/Azure_AD_Sync
| https://wiki.samba.org/index.php/Azure_AD_Sync ] with samba 4.13.13
Does someone have any pointers on where and what to do to diagnose the issue,
I'm not seeing any logs
Also, I'm not sure anyone has managed to sync passwords, so even a
"Password sync works for me" answer would be a huge help.

Thanks a lot 
Arthur

Hi


Am 23.06.22 um 11:03 schrieb Arthur Toussaint via samba:
> Hi,
>
> I'm trying to sync my local samba AD to azure AD, but I'm running
into an issue with password hash synchronization.
> The users sync task works well,but the password hash sync task is always
marked "Active" on the interface but never finishes
> I'm following this guide :
[https://wiki.samba.org/index.php/Azure_AD_Sync 
|https://wiki.samba.org/index.php/Azure_AD_Sync  ] with samba 4.13.13
> Does someone have any pointers on where and what to do to diagnose the
issue, I'm not seeing any logs
> Also, I'm not sure anyone has managed to sync passwords, so even a
"Password sync works for me" answer would be a huge help.
Password sync? has been working for almost one year, with the config you 
mention above, but it stopped working some month ago (without any change 
on the samba side)
We did not manage to trace it down up to now

Regards

Hansj?rg

> Thanks a lot
> Arthur