Azure – DirSync

How to waste an entire afternoon!

Finally got AAD Connect installed at a Canberra government department.


remove any inspection on





  fixed proxy: proxy must allow





then created a  globaladmin account  in AAD to use for the dirsynch, made him a subscription admin for good measure.


oh.. and on the on-premises box, the Local Policy on the box to grant run as a service.. check if Group Policy is blocking that...

Hmm..  Got failures on the setup of AAD Connect. Grrr…


THEN as per 

Had to alter the machine.config etc. to have the proxy settings. Still no go. GRR...


AND the very last thing to get it all working

    netsh winhhtp import proxy ie


now run the AAD Connect installer and it (finally) completes. Yay!


One last gotcha - password Sync was not working. Hmmm..

Turns out the account did not have appropriate AD rights, so got them to fix that.

Yay! All now works as desired.


A colleague bitten too:

"Turns out the account we were using to install the AAD connect tool wasn’t Enterprise Admin even though the service account was."


Comments (1)
  1. heythere says:


Comments are closed.

Skip to main content