SharePoint 2010: Errors while creating AD Sync connection on User Profile Service Application


In this blog we are going to see few common errors which we encounter while creating an AD Sync Connection in User Profile Service Application (UPA) and possible fix

 

Errors:“Unable to process create message” and “Unable to process put message”

Possible Fix:

  1. Stop UPSS (User Profile Sync Service)
  2. Make the following change on the App SharePoint Server
  3. Click Start –> Run –> GPEdit.msc \ Computer Configuration \ Windows \ Security Settings \ Local policies \ Security Options \ “Network security: LDAP client signing requirements”, set the parameter value on “None”
         (by default it will set to ‘Negotiate Signing’, details can be found on ‘Explain’ tab)
  4. Run “gpupdate /force” without quotes on command prompt
  5. Restart UPSS

 

And now you should be able to create the AD Sync connection successfully.

 

Error: “MOSS MA not found”

Possible fix: There could be many reasons on why this can come and this can be tricky to fix, in most of cases I usually try the following to fix this error:

 

  1. Stop UPSS
  2. Go to ‘Manage Service Applications’ page, select the User Profile Service Application and click ‘Permissions’ in the ribbon
  3. If you see the Farm Admin or the Service Account in here, remove and re-add with Full Control
  4. Once saved, now select ‘Administrators’ in the ribbon and do the same
  5. Restart UPSS, you should ideally be able to create a new AD Sync connection successfully.

 

This plan might sound silly, however this has helped me fix many of the cases!

 

Enjoy SharePointing!

Comments (7)

  1. Konnie says:

    Following the above steps did not allow me to create the Sync Connection.  

    Any other suggestions

  2. Billy says:

    Awesome Article. I was getting the "Unable to process create message" error. The fix worked perfectly for me. Thanks a lot.

  3. Thuy Nguyen says:

    Thank you, it does help on the "Unable to process put message" error

  4. Roy says:

    I have followed above steps.. But no luck 🙁

    We are using SP1 on sp 2010.

    I am trying to edit Ad Sync connection after changing the passowrd of AD Sync account. But not able to edit  connection.

    Getting Unable to process put message.

  5. Bjoern Graf says:

    I found that
    1) Stopping the whole User Profile Service Application and starting it again.
    2) Then starting the synchronization service worked fine.*

    *Though, before you start the synchronization service you’ll want to remove all Forefrontmanager certificates from the certificate store and remove the timerjob "ProfileSynchronizationSetupJob " from Central administration.

    brgs

    Bjorn

  6. Per says:

    I had the message "Unable to process put message" and this tutorial did the trick for me.

  7. Tushar Verma says:

    Of no use 🙁

Skip to main content