Azure AD Connect sync errors? Here’s the fix using IdFix

If you are a new admin to Microsoft 365 and Azure AD Connect or even an experienced admin, you may come across issues with synchronization from your on-premises server to Azure AD. You can view the sync errors from the “Synchronization Service Manager” on your server that is running Azure AD Connect. Below is the application window:

IdFix

These issues can come up as one of the following in the table below. The list was compiled from information at Easy365Manager, as it explains the errors you may encounter quite well.

ERROR ERROR TYPE DESCRIPTION EXAMPLE
character An attribute holds invalid characters Email address with trailing space e.g. “[email protected]
duplicate Two or more objects hold the same value in attribute expected to be unique A user and a group both have “smtp:[email protected]” in the proxyAddresses attribute
format An attribute holds a value that’s non-compliant with e.g. the SMTP address format A user has a trailing period e.g.”jane.doe.” in the mailNickname attribute
topleveldomain A user has a mail alias that’s non-routable A user is using the local non-routable AD domain name in a mail alias e.g. “[email protected]
domainpart Domain part (@ right-hand side) of mail address is invalid A user has “smtp:[email protected]” in the proxyAddresses attribute
domainpart_localpart Local part (@ left-hand side) of mail address is invalid A user has “smtp:jane [email protected]” in the proxyAddresses attribute
length An attribute violates the length constraint of the attribute value A user has a very long mail address value
blank An attribute with a not-null requirement is empty A user has a blank mailNickname
mailmatch Mail attribute mismatch (only applicable to Office 365 Dedicated) A user has an smtp alias with no valid match

Using IdFix

I have used the IdFix tool a number of times to fix synchronization errors. IdFix is a lightweight tool that can be downloaded from GitHub.

You need to take note of the requirements that can be found on the GitHub page. The list includes:

  • Operating Systems
  • Active Directory
  • Exchange Server
  • Permissions

What happens if you install this on a machine that does not meet the requirements? You need to have a minimum of 4GB of RAM, but if you, for example, install it on a machine that has a total of 1GB of RAM, performance using the IdFix tool will be hampered and will frustrate you. So please adhere to what the requirements are.

Prerequisites

To install IdFix, you will need to ensure that you have the following prerequisites installed:

  • Microsoft .NET Framework 4.5.2
  • Windows Installer 5.0

Once you launch the installer, you will see a window similar to the image below. Click on the install button to proceed:

IdFix

Take note of the Privacy Statement warning that comes up. If you have no problem with it, you can click OK. If not, quit the installer. Here is the window that appears:

When you run the IdFix tool, you will see a window similar to the one shown below. (Your version might be newer or older.)

IdFix

You can now click the Query button in the blue bar, and it will list all the issues. Once the query is complete, you will have an action drop-down next to each item to select what you want to do. Once you have made the changes and clicked on Apply, it should come back with a clean list, just like when you started. If you did make a mistake, you can always select the Undo button.

In 99% of cases where I have had to fix issues using IdFix, it works perfectly. You do get the 1% where you need to perform some other changes on accounts for them to synchronize properly and not give errors.

Last resort: Support ticket with Microsoft

Your Azure AD Connect Synchronization Service should be clean from errors to ensure that everything is in Azure AD and that you are not missing anything. If you are not sure about something that IdFix cannot resolve, you can always open a support ticket from the portal for Microsoft to assist.

One other thing to point out that can be helpful to you: Use the export button, which will export everything to a .CSV file for you to work with.

If you encounter issues with the tool, look at the FAQ on the GitHub page mentioned at the beginning of this article, It should answer the question or query you have.

On a final note, look at the errors supported by the IdFix tool as well. They are broken up into different sections.

Featured image: Shutterstock

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top