Articles Comments

Kicekpicek's online place » Uncategorized » Password Write-back enabling error.

Password Write-back enabling error.

Just to remember… or have a place to find Uśmiech

Error related with the following from PowerShell:

PS C:\Windows\system32> Enable-OnlinePasswordWriteBack -LocalADCredential (get-credential "PREDICA\Admin") -AzureADCredential (Get-Credential admin@testlab.onmicrosoft.com)
Enable-OnlinePasswordWriteBack : Server detected an invalid configuration (Error HRESULT E_FAIL has been returned from a call to a COM component.). AAD Password reset
configuration may be in an invalid state. Try removing the configuration.
At line:1 char:1
+ Enable-OnlinePasswordWriteBack -LocalADCredential (get-credential "PREDICA\Admin …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (Microsoft.Onlin…sswordWriteBack:EnableOnlinePasswordWriteBack) [Enable-OnlinePasswordWriteBack], CmdletInvocationExce
   ption
    + FullyQualifiedErrorId : 400,Microsoft.Online.Coexistence.PS.Config.EnableOnlinePasswordWriteBack

image

In Event Log:

System.Management.Automation.CmdletInvocationException: Server detected an invalid configuration (Error HRESULT E_FAIL has been returned from a call to a COM component.). AAD Password reset configuration may be in an invalid state. Try removing the configuration. —> System.ApplicationException: Server detected an invalid configuration (Error HRESULT E_FAIL has been returned from a call to a COM component.). AAD Password reset configuration may be in an invalid state. Try removing the configuration.
   at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
   — End of inner exception stack trace —
   at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
   at Microsoft.Online.DirSync.PowerShellAdapter.PowerShellCommand.ExecuteCommand(Command command, Boolean refreshPath)

Resolution

Check if DNS correctly resolves ssprsbprodncu.servicebus.windows.net and ssprsbprodncu-sb.accesscontrol.windows.net names.

If not – you have to fix your name resolution to correctly resolve those. Verify accessing ‘https://ssprsbprodncu-sb.accesscontrol.windows.net/WRAPv0.9/’.

Without this, enabling password write-back would not be successful.

image

Profile photo of kicekpicek

Written by

Filed under: Uncategorized

Leave a Reply

*

WordPress SEO fine-tune by Meta SEO Pack from Poradnik Webmastera
Skip to toolbar