We were trying to set up the User Profile Synchronization service application and created the synchronization connection.
Please refer to the blog posted by Harber on UPS- This is a very good article and you should read this to have a successful UPS service application configured.
This is the error reported in the event log.
Log Name: Application
Source: FIMSynchronizationService
Date: 9/23/2010 10:17:02 AM
Event ID: 6050
Task Category: (1)
Level: Error
Keywords: Classic
User: N/A
Computer: MOSSSERVER
Description:
The management agent "MOSSAD-MOSSSERVER Connection" failed on run profile "DS_DELTAIMPORT" because of connectivity issues.
Additional Information
Discovery Errors : "0"
Synchronization Errors : "0"
Metaverse Retry Errors : "0"
Export Errors : "0"
Warnings : "0"
Resolution:
Make sure that the Service Account you used to run the Forefront Identity Manager Synchronization Service(FIMSynchronizationService) has the Active Directory Secuiry Rights for “ Replicating Directory Changes”.
1.Open the Active Directory Users and Computers snap-in
2.On the View menu, click Advanced Features.
3.Right-click the domain object, such as “company.com”, and then click Properties.
4.On the Security tab, if the desired user account is not listed, click Add; if the desired user account is listed, proceed to step 7.
5.In the Select Users, Computers, or Groups dialog box, select the desired user account, and then click Add.
6.Click OK to return to the Properties dialog box.
7.Click the desired user account.
8.Click to select the Replicating Directory Changes check box from the list.
9.Click Apply, and then click OK.
10.Close the snap-in.
NOTE: Group “Domain Admins” already has the above right however if you are still seeing this issue add the service account explicitly to the AD Security
No comments:
Post a Comment