Azure Passthrough代理安装失败-从密码哈希切换到传递身份验证 [英] Azure Passthrough Agent install failed - switching from password hash to pass-through authentication
问题描述
你好
我的组织正在使用Azure AD Connect将我们的本地AD帐户与我们的Office 365邮箱同步.我们目前正在使用密码哈希身份验证,并希望切换为直通身份验证,但是安装了身份验证 代理失败.我还尝试过在另一台服务器上(以暂存模式)安装并获得相同的结果.
在日志文件末尾附近,我看到了一些错误,但是我不知道是什么原因引起的.我已经查看了有关防火墙问题的信息,并在aadap-portcheck.connectorporttest(点)msappproxy(点)net
[15:59:56.661] [ 9] [INFO]任务检查用于配置传递身份验证的先决条件"已成功完成
[15:59:56.661] [ 9] [VERB]执行任务安装Azure AD Passthrough身份验证连接器
[15:59:56.664] [20] [INFO]为以下项目执行升级代码的直接查找:Microsoft Azure AD Connect身份验证代理
[15:59:56.665] [20] [动词]通过升级代码获取已安装软件包的列表
[15:59:56.665] [20] [信息] GetInstalledPackagesByUpgradeCode {0c06f9df-c56b-42c4-a41b-f5f64d01a35c}:未找到注册产品.
[15:59:56.665] [20] [信息]确定Microsoft Azure AD Connect身份验证代理(0c06f9df-c56b-42c4-a41b-f5f64d01a35c)的安装操作
[15:59:56.665] [20] [信息]产品未安装Microsoft Azure AD Connect身份验证代理.
[16:00:07.243] [20] [错误]安装连接器时出错:System.Runtime.InteropServices.COMException(0x80070643):安装期间发生致命错误. (HRESULT的异常:0x80070643)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,IntPtr errorInfo)
at Microsoft.Online.Deployment.Framework.Providers.ProcessProvider.Execute(字符串域,字符串用户名,SecureString密码,字符串文件名,字符串参数,TimeSpan超时,布尔值waitForAllInstance,Int32 [] allowedExitCodes)
at Microsoft.Online.Deployment.Framework.Providers.ProcessProvider.Execute(字符串文件名,字符串参数,TimeSpan超时,Int32 [] allowedExitCodes)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
[16:00:07.244] [20] [INFO]任务安装Azure AD Passthrough身份验证连接器"已完成执行
[16:00:07.246] [ 9] [错误] Microsoft.Online.Deployment.PSModule.Utility.PassthroughAuthConfigurationException:安装期间发生致命错误. (来自HRESULT的异常:0x80070643)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
异常数据(原始):Microsoft.Online.Deployment.Framework.Workflow.WorkflowTaskException:任务安装Azure AD Passthrough身份验证连接器"失败. ---> Microsoft.Online.Deployment.PSModule.Utility.PassthroughAuthConfigurationException:
安装期间发生致命错误. (HRESULT的异常:0x80070643)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
---内部异常堆栈跟踪的结尾---
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTaskGroup.CheckTaskCompletion(Int32 currentTaskIndex)
[16:00:07.247] [ 9] [VERB]清理:开始清理任务安装Azure AD Passthrough身份验证连接器"
[16:00:07.248] [ 9] [VERB]任务安装Azure AD Passthrough身份验证连接器":未定义清理
[16:00:07.249] [ 9] [VERB]将任务配置Azure AD通过身份验证连接器"标记为已跳过
[16:00:07.250] [ 9] [VERB]回滚任务检查用于配置传递身份验证的先决条件
[16:00:07.250] [ 9] [VERB]任务检查配置传递身份验证的先决条件":未定义回滚
[16:00:07.250] [ 9] [INFO]任务部署Microsoft Azure AD Connect身份验证代理"已完成执行
[16:00:07.251] [11] [错误]任务无一例外失败
[16:00:07.251] [11] [VERB]清理:开始清理任务部署Microsoft Azure AD Connect身份验证代理"
[16:00:07.251] [11] [VERB]任务部署Microsoft Azure AD Connect身份验证代理":未定义清理
[16:00:07.251] [11] [VERB]将任务配置通过身份验证"标记为已跳过
[16:00:07.251] [11] [VERB]将任务设置DesktopSso启用"标记为已跳过
[16:00:07.251] [11] [INFO]任务更改登录方法"已完成执行
[16:00:07.286] [ 4] [错误]安装期间发生致命错误. (HRESULT的异常:0x80070643)
异常数据(原始):Microsoft.Online.Deployment.PSModule.Utility.PassthroughAuthConfigurationException:安装期间的致命错误. (HRESULT的异常:0x80070643)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
[16:00:07.292] [ 4] [INFO] MicrosoftOnlinePersistedStateProvider.Save:保存持久状态文件
[16:00:07.292] [ 4] [INFO] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection:从持久状态文件C:\ ProgramData \ AADConnect \ PersistedState.xml,isAddProtection更新文件保护:False
[16:00:07.294] [ 4] [INFO] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection:从持久状态文件C:\ ProgramData \ AADConnect \ PersistedState.xml,isAddProtection更新文件保护:True
[16:00:07.296] [ 4] [INFO] ConfigureSyncEngineStage.StartADSyncConfiguration:AADConnectResult.Status = Failed
[16:00:07.360] [ 1] [INFO] MicrosoftOnlinePersistedStateProvider.Save:保存持久状态文件
[16:00:07.360] [ 1] [INFO] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection:从持久状态文件C:\ ProgramData \ AADConnect \ PersistedState.xml,isAddProtection更新文件保护:False
[16:00:07.362] [ 1] [INFO] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection:从持久状态文件C:\ ProgramData \ AADConnect \ PersistedState.xml,isAddProtection更新文件保护:True
[16:18:10.293] [ 1] [INFO]在路径C:\ ProgramData \ AADConnect \ trace-20180531-155309.log中打开日志文件
感谢您的帮助.
您在进行的测试 https://aadap-portcheck.connectorporttest.msappproxy.net/是Azure AD应用程序代理连接器端口从蔚蓝的一面.确保端口和URL的可访问性 提到 对Azure Active Directory传递身份验证进行故障排除
[15:59:49.215] [ 9] [VERB]执行任务检查配置传递身份验证的先决条件
AzureADConnect.exe错误:0:端点的端口检查:'https://registration.msappproxy.net/'失败,出现异常'System.Net.Http.HttpRequestException:发生错误 在发送请求时.
根据错误代码,您似乎没有网络可访问性问题.
----------- -------------------------------------------------- -------------------------
如果此答案有帮助,请单击标记为答案" "或赞".要提供有关您的论坛体验的其他反馈,请单击 此处
Hello,
My organization is using Azure AD Connect to sync our on prem AD accounts with our Office 365 mailboxes. We are currently using password hash authentication and would like to switch to pass-through authentication, but the installation of the Authentication Agent fails. I have also tried installing on a different server (in staging mode) and get the same results.
Near the end of the log file I see some errors but I don't know what's causing it. I have gone through the info about firewall issues and I tried the port test at aadap-portcheck.connectorporttest (dot) msappproxy (dot) net and get all green checks. No other firewall blocks that I am aware of. Here is the relevant portion of the error log:
[15:59:49.215] [ 9] [VERB ] Executing task Check Pre-requisities for configuring pass-through authenticationAzureADConnect.exe Error: 0 : Port check for the endpoint: 'https://registration.msappproxy.net/' failed with exception 'System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The remote name could not be resolved: 'registration.msappproxy.net'
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Online.Deployment.PSModule.Utility.PassthroughAuthUtility.<IsHttpEndPointAccessibleAsync>d__6.MoveNext()'
[15:59:56.657] [ 14] [INFO ] Task 'Check Pre-requisities for configuring pass-through authentication' has finished execution
[15:59:56.661] [ 9] [INFO ] Task 'Check Pre-requisities for configuring pass-through authentication' finished successfully
[15:59:56.661] [ 9] [VERB ] Executing task Install Azure AD Passthrough authentication Connector
[15:59:56.664] [ 20] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Azure AD Connect Authentication Agent
[15:59:56.665] [ 20] [VERB ] Getting list of installed packages by upgrade code
[15:59:56.665] [ 20] [INFO ] GetInstalledPackagesByUpgradeCode {0c06f9df-c56b-42c4-a41b-f5f64d01a35c}: no registered products found.
[15:59:56.665] [ 20] [INFO ] Determining installation action for Microsoft Azure AD Connect Authentication Agent (0c06f9df-c56b-42c4-a41b-f5f64d01a35c)
[15:59:56.665] [ 20] [INFO ] Product Microsoft Azure AD Connect Authentication Agent is not installed.
[16:00:07.243] [ 20] [ERROR] Error installing the connector : System.Runtime.InteropServices.COMException (0x80070643): Fatal error during installation. (Exception from HRESULT: 0x80070643)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at Microsoft.Online.Deployment.Framework.Providers.ProcessProvider.Execute(String domain, String username, SecureString password, String filename, String arguments, TimeSpan timeout, Boolean waitForAllInstance, Int32[] allowedExitCodes)
at Microsoft.Online.Deployment.Framework.Providers.ProcessProvider.Execute(String filename, String arguments, TimeSpan timeout, Int32[] allowedExitCodes)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
[16:00:07.244] [ 20] [INFO ] Task 'Install Azure AD Passthrough authentication Connector' has finished execution
[16:00:07.246] [ 9] [ERROR] Microsoft.Online.Deployment.PSModule.Utility.PassthroughAuthConfigurationException: Fatal error during installation. (Exception from HRESULT: 0x80070643)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
Exception Data (Raw): Microsoft.Online.Deployment.Framework.Workflow.WorkflowTaskException: The task 'Install Azure AD Passthrough authentication Connector' has failed. ---> Microsoft.Online.Deployment.PSModule.Utility.PassthroughAuthConfigurationException: Fatal error during installation. (Exception from HRESULT: 0x80070643)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
--- End of inner exception stack trace ---
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTaskGroup.CheckTaskCompletion(Int32 currentTaskIndex)
[16:00:07.247] [ 9] [VERB ] Cleanup: Starting cleanup for task 'Install Azure AD Passthrough authentication Connector'
[16:00:07.248] [ 9] [VERB ] Task 'Install Azure AD Passthrough authentication Connector': No cleanup defined
[16:00:07.249] [ 9] [VERB ] Marking task 'Configure Azure AD Passthrough Authentication Connector' as Skipped
[16:00:07.250] [ 9] [VERB ] Rolling back task Check Pre-requisities for configuring pass-through authentication
[16:00:07.250] [ 9] [VERB ] Task 'Check Pre-requisities for configuring pass-through authentication': No rollback defined
[16:00:07.250] [ 9] [INFO ] Task 'Deploy Microsoft Azure AD Connect Authentication Agent' has finished execution
[16:00:07.251] [ 11] [ERROR] Task failed without an exception
[16:00:07.251] [ 11] [VERB ] Cleanup: Starting cleanup for task 'Deploy Microsoft Azure AD Connect Authentication Agent'
[16:00:07.251] [ 11] [VERB ] Task 'Deploy Microsoft Azure AD Connect Authentication Agent': No cleanup defined
[16:00:07.251] [ 11] [VERB ] Marking task 'Configure Passthrough Authentication' as Skipped
[16:00:07.251] [ 11] [VERB ] Marking task 'Setting DesktopSso enablement' as Skipped
[16:00:07.251] [ 11] [INFO ] Task 'Change Sign-In Method' has finished execution
[16:00:07.286] [ 4] [ERROR] Fatal error during installation. (Exception from HRESULT: 0x80070643)
Exception Data (Raw): Microsoft.Online.Deployment.PSModule.Utility.PassthroughAuthConfigurationException: Fatal error during installation. (Exception from HRESULT: 0x80070643)
at Microsoft.Online.Deployment.PSModule.Tasks.PassthroughAuth.InstallAADConnectAgent`1.Execute()
at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
[16:00:07.292] [ 4] [INFO ] MicrosoftOnlinePersistedStateProvider.Save: saving the persisted state file
[16:00:07.292] [ 4] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: False
[16:00:07.294] [ 4] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: True
[16:00:07.296] [ 4] [INFO ] ConfigureSyncEngineStage.StartADSyncConfiguration: AADConnectResult.Status=Failed
[16:00:07.360] [ 1] [INFO ] MicrosoftOnlinePersistedStateProvider.Save: saving the persisted state file
[16:00:07.360] [ 1] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: False
[16:00:07.362] [ 1] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: True
[16:18:10.293] [ 1] [INFO ] Opened log file at path C:\ProgramData\AADConnect\trace-20180531-155309.log
Thanks for assistance.
The test which you carried out at https://aadap-portcheck.connectorporttest.msappproxy.net/ is the availability of Azure AD Application Proxy Connector Ports from Azure side. Ensure the accessibility of the ports and URLs mentioned here from your Azure AD Connect server. Refer: Troubleshoot Azure Active Directory Pass-through Authentication
[15:59:49.215] [ 9] [VERB ] Executing task Check Pre-requisities for configuring pass-through authentication
AzureADConnect.exe Error: 0 : Port check for the endpoint: 'https://registration.msappproxy.net/' failed with exception 'System.Net.Http.HttpRequestException: An error occurred while sending the request.
As per error code it seems you aren’t having some network accessibility issues.
--------------------------------------------------------------------------------------
If this answer was helpful, click "Mark as Answer" or Up-Vote. To provide additional feedback on your forum experience, click here
这篇关于Azure Passthrough代理安装失败-从密码哈希切换到传递身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
