Active Roles Sync Service Unknown error (0xc0000008) received when syncing objectSID to sidHistory
说明
Active Roles Sync Service is failing to sync the objectSID to sidHistory and is returning the following error.
"Failed! ActiveRoles.SyncService.Connectors.AdConnector.ExportSpecialAttributesModificationStrategy.ModifyObject System.ApplicationException: Cannot write sidHistory value for the following object: CN=USER,OU=Users,DC=domain,DC=com ---> System.ServiceModel.FaultException: Unknown error (0xc0000008)"
OR
"Failed to apply operation ActiveRoles.SyncService.Server.OperationAppliers.ApplyOperationHelper.ApplyOperation ActiveRoles.SyncService.Connectors.AdConnectorBase.AdConnectorBaseException: An error occurred while modifying the object 'User' ---> System.ServiceModel.FaultException: Unknown error (0xc0000008)"
原因
Mismatching certificate enforced between Active Roles Synchronization Service server and Capture Agent in the target Domain Controller.
解决办法
WORKAROUND Make sure the same certificate is being enforced via Group Policy Object between the servers.