When utilizing the Sync Service Capture Agent Group Policy (GPO) to define a Connection Point to the Synchronization Service, the Capture Agent fails to connect to the Sync Service. The following error is observed in the caSvcCfg.xml file:
Can't process link to 'net.tcp://syncservicehost.domain.com/ActiveRoles.SyncService.Server/PasswordService': Could not connect to net.tcp://syncservicehost.domain.com/ActiveRoles.SyncService.Server/PasswordService. The connection attempt lasted for a time span of 00:00:01.0099426. TCP error code 10061: No connection could be made because the target machine actively refused it 10.250.1.121:808. No connection could be made because the target machine actively refused it 10.250.1.121:808
The Capture Agent caSvcCfg.xml file can be found in the following location on the Domain Controller:
When utilizing the Sync Service Capture Agent GPO .adm template to define a Connection Point, the connection defaults to using port 808. Port 808 is no longer utilized in the latest versions of the Sync Service, and has been replaced with port 15173.
This issue has been identified as a product defect and assigned the Defect ID 311713.
WORKAROUND
When specifying the Connection Point in the GPO, ensure port 15173 is defined, which will override the default of 808.
Example:
STATUS
Waiting for fix in a future release of Active Roles.
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center