Troubleshooting Guide: Active Directory (AD) Sync Issues

Active Directory (AD) Sync is a crucial component for seamless integration between the platform and Microsoft Azure Active Directory (AD). However, issues may arise that hinder this synchronization process.

Problem: Error Message -"The Connection Failed"

Follow these Troubleshooting Steps to Effectively Diagnose and Resolve AD Sync issues:

Step 1: Credentials Verification

  • Action: Verify that the Application (client) ID, Directory (tenant) ID, and Client Secret entered in the platform match exactly with those in the Azure portal.
  • Outcome: Ensures correct authentication between the platform and Azure AD.

Step 2: Client Secret Expiry

  • Action: Check if the client secret has expired in the Azure portal and renew it if necessary.
  • Outcome: Prevents authentication failures due to an expired client secret.

Step 3: API Permissions

  • Action: Confirm that the "Directory.Read.All" application permission is granted in the Microsoft Graph API settings and that admin consent is given.
  • Outcome: Ensures the necessary permissions are granted for data synchronization.

Step 4: Tenant Selection

  • Action: Verify that the correct Azure AD tenant is selected for use with the Security Awareness Platform.
  • Outcome: Ensures synchronization is performed with the intended Azure AD tenant.

Step 5: Group ID Configuration

  • Action: If using Active Directory Group Sync, ensure the Group's Object ID is correctly entered in the sync configuration.
  • Outcome: Ensures accurate mapping and synchronization of AD groups.

Further Actions to Consider:🧐⚒

  1. Permission Check
  • Action: Double-check that all necessary permissions, including "Directory.Read.All", have been granted in the Azure portal and that admin consent has been given.
  • Outcome: Ensures comprehensive permission settings for successful synchronization.
  1. Credentials Re-verification
  • Action: Revisit the Application (client) ID, Directory (tenant) ID, and Client Secret in the Azure portal to ensure they match exactly with what's entered in the platform.
  • Outcome: Eliminates potential discrepancies in credential configuration.
  1. Client Secret Validity
  • Action: Verify that the Client Secret has not expired in the Azure portal.
  • Outcome: Prevents authentication failures due to an expired client secret.
  1. Tenant Consistency
  • Action: Ensure that the Azure AD tenant used for synchronization is consistent with the one configured in the platform.
  • Outcome: Prevents synchronization issues caused by mismatched tenants.
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles