When trying to add a Microsoft Azure AD Connector on a standalone (Workgroup) Windows Server or on Windows Server Azure Edition, the following error is returned.

This issue has been identified as a defect in Active Roles, and it has been tracked under defect ID #695712.
WORKAROUND
1 - Run the following PowerShell script on the server where the Sync Service is installed:
# Create a self-signed certificate for the connector in the local machine store
$cert = New-SelfSignedCertificate `
    -Subject "CN=Active Roles Sync Service Azure AD Connector" `
    -CertStoreLocation "Cert:\LocalMachine\My" `
    -KeyAlgorithm RSA `
    -KeyLength 2048 `
    -HashAlgorithm SHA256 `
    -KeyExportPolicy Exportable `
    -KeyUsage DigitalSignature, KeyEncipherment `
    -NotAfter (Get-Date).AddYears(10)
2 - Export the generated certificate.
3 - Upload the exported certificate into the Microsoft Azure App created by the wizard. Log in to the Microsoft Azure portal | Microsoft Entra | App Registrations | All Applications | Active Roles Sync Service Azure AD Connector | Manage | Certificates & Secrets
4 - Copy the thumbprint of the exported certificate, the Application (client) ID and the Directory (tenant) ID.
5 - Paste those details into the Manual configuration on the connector wizard.
6 - Click Test connection, then Finish once the success message is shown.
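Steps 2 and 4 can be done from PowerShell. The following is an added example, not One Identity's script: it exports only the public certificate (.cer) for upload in step 3, checks that the exported file carries no private key, and returns the thumbprint for step 4. The output path C:\Temp\ARSyncAzureADConnector.cer is an assumption.

```powershell
# Added example. Assumes the certificate from step 1 is in Cert:\LocalMachine\My.
$subject = 'CN=Active Roles Sync Service Azure AD Connector'   # subject used in step 1
$outFile = 'C:\Temp\ARSyncAzureADConnector.cer'                # assumed output path

# Find the certificate(s) created in step 1; re-running step 1 creates duplicates.
$found = @(Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Subject -eq $subject } |
    Sort-Object -Property NotBefore -Descending)

if ($found.Count -eq 0) { throw "No certificate with subject '$subject' in LocalMachine\My." }
if ($found.Count -gt 1) {
    Write-Warning "$($found.Count) certificates match; using the newest. Remove stale ones."
}
$cert = $found[0]

# The connector authenticates with the private key, so it must be on this server.
if (-not $cert.HasPrivateKey) { throw "Certificate $($cert.Thumbprint) has no private key." }

# Export the public certificate only (DER .cer). The private key stays in the store.
$dir = Split-Path -Path $outFile -Parent
if (-not (Test-Path -Path $dir)) { New-Item -ItemType Directory -Path $dir | Out-Null }
Export-Certificate -Cert $cert -FilePath $outFile -Type CERT | Out-Null

# Verify the exported file: same thumbprint, no private key material.
$exported = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($outFile)
if ($exported.Thumbprint -ne $cert.Thumbprint) { throw 'Exported file does not match the store certificate.' }
if ($exported.HasPrivateKey) { throw 'Exported file unexpectedly contains a private key.' }

# Values for steps 3 and 4: file to upload, thumbprint to paste into the wizard.
[pscustomobject]@{
    UploadFile = $outFile
    Thumbprint = $cert.Thumbprint
    NotAfter   = $cert.NotAfter
}
```

Run it in an elevated PowerShell session on the Sync Service server; the Application (client) ID and Directory (tenant) ID still come from the app registration in the portal.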
STATUS
Our Active Roles Product Team is reviewing this defect for potential resolution in a future product release.