Skip to main content

Error - AttributeValueMustBeUnique in Azure AD connect sync



My customer had already created accounts in office 365 and managing them in Azure, however due to some changes in business they wanted to sync AD with Azure to sync Password and Manage Identity form AD.

 Solution - Deploy Azure AD connect on ADDC, and post that it will do a Soft Match.

 However there were error with some users, their identities did not sync and their status still reflected as Azure AD.

 Error - 

 Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:user@domain.com;].  Correct or remove the duplicate values in your local directory.  Please refer to http://support.microsoft.com/kb/2647098 for more information on identifying objects with duplicate attribute values.

 Tracking Id: b8367c95-ae67-46e1-xxxx-xxxxxxxxxx
ExtraErrorDetails:
[{"Key":"ObjectId","Value":["cd088468-bb6a-40f9-xxxx-xxxxxxxxxx"]},{"Key":"ObjectIdInConflict","Value":["d7e8405c-54d5-41c6-xxxx-xxxxxxxxxxx"]},{"Key":"AttributeConflictName","Value":["ProxyAddresses"]},{"Key":"AttributeConflictValues","Value":["SMTP:user@domain.com"]}]


 I tried to do a Hard match following the article - https://blogs.technet.microsoft.com/praveenkumar/2014/04/11/how-to-do-hard-match-in-dirsync/ 

 This did not helped 

 From the Azure AD connect health wizard took Object ID of On-Prim AD  and tried to Map it against the Azure user 

 Set-MsolUser -UserPrincipalName user@domain.com -objectId "1xxxxxxxxxxxxxxxxx=="

 Ran the Azure AD connect sync - Did not helped
From the same place (AAD connect health page took Source Anchor
of AD object and Tried to map it 

 Set-MsolUser -UserPrincipalName user@domain.com -ImmutableId "1xxxxxxxxxxxxxxxxx=="

 This time it was successful 

Comments

Post a Comment

Popular posts from this blog

Error - QuarantinedAttributeValueMustBeUnique

Case History. 1. Client already had users created in office 365 2. Client wanted to setup SSO for office 365 users Approach for requirement fullfilment   1. Deployed and configured Azure AD connect      95% users were synced and soft match was successfully done  5% users were getting error - QuarantinedAttributeValueMustBeUnique  (to view the sync issues -  https://aad.portal.azure.com/#blade/Microsoft_Azure_ADHybridHealth/AadHealthMenuBlade/SyncErros )  When we checked 2 users were found under Active users  1. one in Cloud (this was created earlier/ already existed ) with active licenses and Mailbox 2. one unlicensed synced with AD Solution - 1. Delete the unwanted user in Azure or AD as per this document.  https://blogs.msdn.microsoft.com/hkong/2017/03/23/how-to-fix-attributevaluemustbeunique-error-message-when-trying-to-sync-an-object-from-on-premises-active-directory-to-office-365/ ...
Post a Comment
Read more

Microsoft office 365 product shows as not activated after few days.

Solution Opened CMD Navigated to Path - cd C:\Program Files (x86)\Microsoft Office\Office16\14\15 To view the installed product key, execute cscript ospp.vbs /dstatus To uninstall an installed product key, execute cscript ospp.vbs /unpkey:XXXXX Replace the XXXXX with the last five character of the currently installed product key (found in step 3). Last 5 digits only To activate Office with the new product key, execute cscript ospp.vbs /act
2 comments
Read more