John Yassa's Blog


Monthly Archives: May 2015

Unable to Sync Hash of users’ password with Azure AD using AAD Sync service

After downloading the new Microsoft Azure Active Directory Sync Services (AADSync tool) from the URL Download, I faced a very weird issue: all functions were working properly, syncing to the cloud from on-premises, and password write-back was also working fine, except the password synchronization to the cloud, which was not working at all, even after the full initial sync.

I found the below event log in the application log

Log Name: Application
Source: Directory Synchronization
Date: 5/5/2015 12:50:50 PM
Event ID: 611
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: AADsyncserver1.xxxxxxx.com
Description:
Password synchronization failed for domain: xxxxxxx.com. Details:
Microsoft.Online.PasswordSynchronization.SynchronizationManagerException: Unable to open connection to domain: xxxxxxx.com. Error: There was an error creating the connection context. ---> Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsException: There was an error creating the connection context. ---> System.MissingMethodException: Method not found: 'IntPtr System.Runtime.InteropServices.Marshal.GetFunctionPointerForDelegate(!!0)'.
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnectionContext.CreateDrsHandle(Void* rpcBindingHandle, SafePointer<_SEC_WINNT_AUTH_IDENTITY_W> authHandle)
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.CreateConnectionContext(SourceDomainController sourceDomain)
--- End of inner exception stack trace ---
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.CreateConnectionContext(SourceDomainController sourceDomain)
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.EstablishConnection()
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.Connect()
at Microsoft.Online.PasswordSynchronization.RetryUtility.<>c__DisplayClass1.<ExecuteWithRetry>b__0()
at Microsoft.Online.PasswordSynchronization.RetryUtility.ExecuteWithRetry[T](Func`1 operation, Func`1 shouldAbort, RetryPolicyHandler retryPolicy)
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.OpenConnection(IDrsConnection connection)
--- End of inner exception stack trace ---
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.OpenConnection(IDrsConnection connection)
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.CreateConnection()
at Microsoft.Online.PasswordSynchronization.RecoveryTask.SynchronizeCredentialsToCloud()
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.SynchronizeSecrets()
at Microsoft.Online.PasswordSynchronization.SynchronizationExecutionContext.SynchronizeDomain()
at Microsoft.Online.PasswordSynchronization.SynchronizationManager.SynchronizeDomain(SynchronizationExecutionContext syncExecutionContext)
Microsoft.Online.PasswordSynchronization.SynchronizationManagerException: Unable to open connection to domain: xxxxxxx.com. Error: There was an error creating the connection context. ---> Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsException: There was an error creating the connection context. ---> System.MissingMethodException: Method not found: 'IntPtr System.Runtime.InteropServices.Marshal.GetFunctionPointerForDelegate(!!0)'.
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnectionContext.CreateDrsHandle(Void* rpcBindingHandle, SafePointer<_SEC_WINNT_AUTH_IDENTITY_W> authHandle)
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.CreateConnectionContext(SourceDomainController sourceDomain)
--- End of inner exception stack trace ---
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.CreateConnectionContext(SourceDomainController sourceDomain)
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.EstablishConnection()
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.Connect()
at Microsoft.Online.PasswordSynchronization.RetryUtility.<>c__DisplayClass1.<ExecuteWithRetry>b__0()
at Microsoft.Online.PasswordSynchronization.RetryUtility.ExecuteWithRetry[T](Func`1 operation, Func`1 shouldAbort, RetryPolicyHandler retryPolicy)
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.OpenConnection(IDrsConnection connection)
--- End of inner exception stack trace ---
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.OpenConnection(IDrsConnection connection)
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.CreateConnection()
at Microsoft.Online.PasswordSynchronization.RecoveryTask.SynchronizeCredentialsToCloud()
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.SynchronizeSecrets()
at Microsoft.Online.PasswordSynchronization.SynchronizationExecutionContext.SynchronizeDomain()
at Microsoft.Online.PasswordSynchronization.SynchronizationManager.SynchronizeDomain(SynchronizationExecutionContext syncExecutionContext)
Microsoft.Online.PasswordSynchronization.SynchronizationManagerException: Unable to open connection to domain: xxxxxxx.com. Error: There was an error creating the connection context. ---> Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsException: There was an error creating the connection context. ---> System.MissingMethodException: Method not found: 'IntPtr System.Runtime.InteropServices.Marshal.GetFunctionPointerForDelegate(!!0)'.
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnectionContext.CreateDrsHandle(Void* rpcBindingHandle, SafePointer<_SEC_WINNT_AUTH_IDENTITY_W> authHandle)
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.CreateConnectionContext(SourceDomainController sourceDomain)
--- End of inner exception stack trace ---
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.CreateConnectionContext(SourceDomainController sourceDomain)
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.EstablishConnection()
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.Connect()
at Microsoft.Online.PasswordSynchronization.RetryUtility.<>c__DisplayClass1.<ExecuteWithRetry>b__0()
at Microsoft.Online.PasswordSynchronization.RetryUtility.ExecuteWithRetry[T](Func`1 operation, Func`1 shouldAbort, RetryPolicyHandler retryPolicy)
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.OpenConnection(IDrsConnection connection)
--- End of inner exception stack trace ---
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.OpenConnection(IDrsConnection connection)
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.CreateConnection()
at Microsoft.Online.PasswordSynchronization.RecoveryTask.SynchronizeCredentialsToCloud()
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.SynchronizeSecrets()
at Microsoft.Online.PasswordSynchronization.SynchronizationExecutionContext.SynchronizeDomain()
at Microsoft.Online.PasswordSynchronization.SynchronizationManager.SynchronizeDomain(SynchronizationExecutionContext syncExecutionContext)
.

xxxxxxx.com

 

After a long time of troubleshooting and contacting Microsoft support, here is what we got:

Cause: An essential component required by the password sync engine was not installed; the generic version of “GetFunctionPointerForDelegate” only exists in .NET 4.5.1 and later.

Resolution: Install .NET 4.5.2 and the latest .NET live updates.
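
A quick way to confirm this cause on the sync server, as an added example (not from the original post or from Microsoft support): the PowerShell below reads the installed .NET Framework 4.x release, tests whether the generic GetFunctionPointerForDelegate overload is present, and counts recent Event ID 611 entries that carry the MissingMethodException. It assumes Windows PowerShell 3.0 or later, run locally on the sync server; the function names are illustrative.

```powershell
# Added example: verify the .NET prerequisite behind the Event ID 611 failure.
# Release numbers below are Microsoft's documented "Release" DWORD values:
#   378675 = lowest value reported for .NET Framework 4.5.1
#   379893 = .NET Framework 4.5.2
$NdpKey = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full'

function Get-NetFrameworkRelease {
    # The Release value does not exist before .NET 4.5; treat that as 0.
    $prop = Get-ItemProperty -Path $NdpKey -Name Release -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return 0 }
    return [int]$prop.Release
}

function Test-GenericMarshalOverload {
    # The stack trace reports GetFunctionPointerForDelegate(!!0) as missing,
    # i.e. the generic overload. Ask the loaded CLR whether it has one.
    $found = [System.Runtime.InteropServices.Marshal].GetMethods() |
        Where-Object {
            $_.Name -eq 'GetFunctionPointerForDelegate' -and
            $_.IsGenericMethodDefinition
        }
    return (@($found).Count -gt 0)
}

function Get-PasswordSyncMissingMethodEvent {
    param([int]$MaxEvents = 50)
    # Same log, source and event ID as the entry quoted in the post.
    $filter = @{
        LogName      = 'Application'
        ProviderName = 'Directory Synchronization'
        Id           = 611
    }
    Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        Where-Object {
            $_.Message -match 'MissingMethodException' -and
            $_.Message -match 'GetFunctionPointerForDelegate'
        } |
        Select-Object TimeCreated, MachineName
}

$release = Get-NetFrameworkRelease
$events  = @(Get-PasswordSyncMissingMethodEvent)

[pscustomobject]@{
    NetRelease             = $release
    AtLeastNet451          = ($release -ge 378675)
    AtLeastNet452          = ($release -ge 379893)
    GenericOverloadPresent = Test-GenericMarshalOverload
    MissingMethodEvents    = $events.Count
    LatestMissingMethodAt  = ($events | Select-Object -First 1).TimeCreated
}
```

After installing .NET 4.5.2, AtLeastNet452 and GenericOverloadPresent should both be True, and no new matching events should be logged.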

 

Overview on Exchange 2016

The below is preliminary information and subject to change before the first release of Exchange server 2016

1- The Block Architecture:

In Exchange 2013 there were two building blocks (CAS and MBX). Both blocks have been merged in Exchange 2016: there is a single building block that provides the client access services and the high availability architecture necessary for any enterprise messaging environment.


The Mailbox server role now:

  1. Houses the logic to route protocol requests to the correct destination endpoint.
  2. Hosts all of the components and/or protocols that process, render and store the data.

No clients connect directly to the back-end endpoints on the Mailbox server; instead, clients connect to client access services and are routed (via local or remote proxy) to the Mailbox server that hosts the active database that contains the user’s mailbox.

DAGs in Exchange Server 2016 do have a few specific enhancements:

  1. DatabaseAvailabilityGroupIpAddresses is no longer required when creating a DAG. By default, the failover cluster will be created without an administrative access point, as this is the recommended best practice.
  2. Replay Lag Manager is enabled by default.
  3. Lagged database copy play down can be delayed based on disk latency, thereby ensuring active users are not impacted.
  4. Database failover times are reduced by 33% when compared to Exchange Server 2013.

Communication between servers still occurs at the protocol layer, effectively ensuring that every server is an island. For a given mailbox’s connectivity, the protocol being used is always served by the protocol instance that is local to the active database copy.


 

The load balancer configuration is also not affected by this architectural change. From a protocol perspective, the following will happen:

  1. A client resolves the namespace to a load balanced virtual IP address.
  2. The load balancer assigns the session to a Mailbox server in the load balanced pool.
  3. The Mailbox server authenticates the request and performs a service discovery by accessing Active Directory to retrieve the following information:
    1. Mailbox version (for this discussion, we will assume an Exchange 2016 mailbox)
    2. Mailbox location information (e.g., database information, ExternalURL values, etc.)
  4. The Mailbox server makes the decision to proxy the request or redirect the request to another Mailbox server in the infrastructure (within the same forest).
  5. The Mailbox server queries an Active Manager instance that is responsible for the database to determine which Mailbox server is hosting the active copy.
  6. The Mailbox server proxies the request to the Mailbox server hosting the active copy.

2- Search Improvements

One of the challenging areas for on-premises environment was the amount of data that was replicated with each database copy in previous releases. In Exchange Server 2016, we have reduced bandwidth requirements between the active copy and a passive copy by 40%. This was accomplished by enabling the local search instance to read data from its local database copy. As a result of this change, passive search instances no longer need to coordinate with their active counterparts in order to perform index updates.

Another area of investment in search has been around decreasing the length of time to return search results, especially in online mode clients like OWA. This is accomplished by performing multiple asynchronous disk reads prior to the user completing the search term, which populates the cache with the relevant information, providing sub-second search query latency for online mode clients.

 

3- Document Collaboration

In previous releases of Exchange, OWA included document preview for Office and PDF documents, reducing the need to have a full fidelity client. SharePoint had a similar feature, however it used the Office Web Apps Server to accomplish this capability. Within Office 365, we also leverage Office Web Apps Server to provide this capability, ensuring uniform document preview and editing capability across the suite.

In Exchange Server 2016, we leverage Office Web Apps Server to provide the rich document preview and editing capabilities for OWA. While this was a necessary change to ensure a homogenous experience across the Office Server suite, this does introduce additional complexity for environments that don’t have Office Web Apps Server.

 

4- Outlook Connectivity

Introduced in Exchange Server 2013 Service Pack 1, MAPI/HTTP is the new standard in connectivity for Outlook. In Exchange Server 2016, MAPI/HTTP is enabled by default. In addition, Exchange Server 2016 introduces per-user control over this connectivity model, as well as the ability to control whether the protocol (and Outlook Anywhere) is advertised to external clients.

 

Topology Requirements

Exchange Server 2016 will only be supported on Windows Server 2012 R2 and Windows Server “10” operating systems.

From an Active Directory perspective, Exchange Server 2016 will require:

  • Windows Server 2008 R2 or later Active Directory servers.
  • Windows Server 2008 R2 or higher Forest Functional Mode and Domain Functional Mode.

Exchange Server 2016 will only support coexistence with Exchange Server 2010 SP3 RU11* and Exchange Server 2013 CU11* (*subject to change).

These are the main improvements and enhancements in the new version of Exchange.

Resources and more information: Exchange Team Blog & Exchange 2016 Ignite Video

How to monitor availability of your Azure datacenter

It is one of those days when you face a connectivity issue with your Azure virtual machines and you don’t know what the problem is.

Now you can use the URL: http://azure.microsoft.com/en-in/status/#current

As shown below, you will find:

1- Refresh interval

2- Types of information (Good – Warning – Error – …)

3- Location of the datacenter (West Europe – East US – …)

4- The service (Storage – VM – …)

 

 

If you want to check the incident history, just go to the History tab.

You can check the old incidents related to any service, any datacenter or any time interval.

 

Configure Auditing & Reporting for OneDrive for Business

The first thing you need to know is that Auditing and Reporting are not enabled by default.

The article below will help you to enable both features on your OneDrive for Business.

What we will gain from Auditing and Reporting:

1- Shows all events where a user viewed content in this site

2- Shows all events that caused content in this site to be deleted or restored from the Recycle Bin

3- Shows all events that modified content types and lists in this site

 

Now let’s see how we can enable these features:

1- Log in to your Office 365 Portal

2- Click OneDrive as below

3- Now navigate to the gear icon and choose “Site Settings” as below

4- After the “Site Settings” page opens, click on “Site Collection Features” under “Site Collection Administration” as below

5- Once the “Site Collection Features” page has opened, scroll down to “Reporting” and then click “Activate” as below

6- Now go back to the “Site Settings” page as in step 4; you will find that two new options have appeared under “Site Collection Administration”, which are “Site collection audit settings” and “Audit Log Reports”. Now choose “Site collection audit settings” as below

Note: it is preferable to create a folder under your OneDrive for Business for the reports only

7- Now go back to “Site Settings” (step 4) and choose “Audit Log Reports”; the below page will open

8- Now you can choose any report you want to generate and click on it, and the below page will appear

9- Press OK; the below page will appear

10- Now press “Click Here to view the report”; the report will be as below

11- Press the “Report Data” tab at the bottom of the Excel sheet for more information (like who deleted the file or folder)

 

Now if you share any file or folder with internal or external users, you will be able to know who deleted or modified your files and what actions have been taken on your shares.

 

Sources: Office 365 advisors

 

 
