Kicekpicek's online place » Uncategorized » Password Write-back enabling error.
Password Write-back enabling error.
Just to remember… or have a place to find
Error related with the following from PowerShell:
PS C:\Windows\system32> Enable-OnlinePasswordWriteBack -LocalADCredential (get-credential "PREDICA\Admin") -AzureADCredential (Get-Credential admin@testlab.onmicrosoft.com)
Enable-OnlinePasswordWriteBack : Server detected an invalid configuration (Error HRESULT E_FAIL has been returned from a call to a COM component.). AAD Password reset
configuration may be in an invalid state. Try removing the configuration.
At line:1 char:1
+ Enable-OnlinePasswordWriteBack -LocalADCredential (get-credential "PREDICA\Admin …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Microsoft.Onlin…sswordWriteBack:EnableOnlinePasswordWriteBack) [Enable-OnlinePasswordWriteBack], CmdletInvocationExce
ption
+ FullyQualifiedErrorId : 400,Microsoft.Online.Coexistence.PS.Config.EnableOnlinePasswordWriteBack
In Event Log:
System.Management.Automation.CmdletInvocationException: Server detected an invalid configuration (Error HRESULT E_FAIL has been returned from a call to a COM component.). AAD Password reset configuration may be in an invalid state. Try removing the configuration. —> System.ApplicationException: Server detected an invalid configuration (Error HRESULT E_FAIL has been returned from a call to a COM component.). AAD Password reset configuration may be in an invalid state. Try removing the configuration.
at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
— End of inner exception stack trace —
at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
at Microsoft.Online.DirSync.PowerShellAdapter.PowerShellCommand.ExecuteCommand(Command command, Boolean refreshPath)
Resolution
Check if DNS correctly resolves ssprsbprodncu.servicebus.windows.net and ssprsbprodncu-sb.accesscontrol.windows.net names.
If not – you have to fix your name resolution to correctly resolve those. Verify accessing ‘https://ssprsbprodncu-sb.accesscontrol.windows.net/WRAPv0.9/’.
Without this, enabling password write-back would not be successful.
Filed under: Uncategorized