Troubleshooting Workspace synctool
While installing the Workspace365 Synctool you might run in to some error code in the log files.
- Requirements
- API Endpoint or resource id was not found
- Server refused to authenticate client, check if API is enabled and authentication token is correct
- Firstname and Lastname are required
- The remote server returned an error: (400) Bad Request
- System.TimeoutException: Failed to make the request within '00:01:40'.
- Sync tool old version, new application
- API server failed with internal error
- Test connection failed! Please check AAD configuration settings!
Requirements:
Microsoft Online Services Sign-In Assistant
https://www.microsoft.com/en-us/download/details.aspx?id=28177
Install PowerShell 5.0
Install module in PowerShell 5.0:
"install-module Azure"
"install-module AzureRm"
An active Azure subscription is required.
- Go to the Sync tool Files
- Click on Logs
"API Endpoint or resource id was not found"
018-08-16 16:42:00.689 ActiveDirectoryToWorkspaceSyncTool.ActiveDirectory.NotificationService - Error during W365 notification
ActiveDirectoryToWorkspaceSyncTool.ActiveDirectory.NotificationService.A(:0) (null)
NDAW.AdSyncApi.Client.Exceptions.NotFoundException: API Endpoint or resource id was not found
The error explains that some information that was put in is invalid.
This issue could be solved by checking the following:
"Server refused to authenticate client, check if API is enabled and authentication token is correct"
NotificationService - Error during W365 notification
NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(:0) (null)
NDAW.AdSyncApi.Client.Exceptions.AuthenticationException: Server refused to authenticate client, check if API is enabled and authentication token is correct
The error explains that there is no connection between the Synctool and Workspace.
This issue could be solved by checking the following:
The Workspace site URL
API Token
Environment name
The environment name has to be set, this can be found after the /.
Example: portal.workspace365.net/"john"
"Firstname and Lastname are required"
NDAW.AdSyncApi.Client.Exceptions.ServerValidationException: Server
validation failed: FirstName:This field is required, LastName:This field is requiredTh
The error explains that the workspace synctool is trying to synchronize a user without a first and last name assigned to them in azure. Fix this by making sure all users have a first and last name assigned to them.
"The remote server returned an error: (400) Bad Request."
ActiveDirectoryToWorkspaceSyncTool.AzureAD.Exceptions.AzureAdParsedDataServiceException - Exception parsing failed
ActiveDirectoryToWorkspaceSyncTool.AzureAD.Exceptions.AzureAdParsedDataServiceException.Parse(:0) (null)
System.Net.WebException: The remote server returned an error: (400) Bad Request.
at System.Net.WebClient.DownloadDataInternal(Uri address, WebRequest& request)
at System.Net.WebClient.DownloadData(Uri address)
at ActiveDirectoryToWorkspaceSyncTool.AzureAD.GraphQuery.AzureAdGraphQuery.A()
2020-06-10 09:53:08.562 AzureAdParsedDataServiceException - Exception parsing failed
NDAW.AzureActiveDirectorySync.AzureAD.Exceptions.AzureAdParsedDataServiceException.Parse(:0) (null)
System.Net.WebException: The remote server returned an error: (400) Bad Request.
This happens when the Azure AD token that is stored in the sync database is not working (anymore). Probably because the sync token is expired OR you have copied the sync folder from customer A (already configured) to customer B.
- Always start a clean configuration for each customer
- On the sync tool VM/client place a blank sync tool configuration from where you can start the configuration for each customer.
Resolution:
- You can try to clear the cache (if its a new configuration).
- Delete the database from the database folder.
"System.TimeoutException: Failed to make the request within '00:01:40'."
2020-07-03 07:00:10.020 NotificationService - Error during W365 notification
NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(:0) (null)
System.TimeoutException: Failed to make the request within '00:01:40'.
at NDAW.AzureActiveDirectorySync.AzureAD.AzureAdDataService.<MakeRequestWithTimeoutAsync>d__20`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NDAW.AzureActiveDirectorySync.AzureAD.AzureAdDataService.MakeRequestWithTimeout[TResult](Func`2 request)
at NDAW.AzureActiveDirectorySync.AzureAD.AzureAdDataService.GetUserProfilePhoto(String userId)
at NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.ProcessProfilePicture(String activeDirectoryUserId, String email)
at NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(String userPrincipalName, CreateOrUpdateUserParameters createOrUpdateUserParameters)
Since the Azure AD Synctool version 3.0 we make use of the Microsoft Graph instead of the Azure AD Graph. This error is happening when you did update the sync tool application, but didn't update the permissions on the Azure AD App registration. Please read once more step 7
Sync tool old version, new application
Do you have a old version of the Sync tool, versions below 3.0? And the new way of creating the applications? The Sync tool wont work. You need to update the Sync tool to version 3.0.
To check the Sync tool version go to:
- Open de Synctool files
- Right click on the Configuration tool
- Click on Properties
- Click on Details
- File Version ...
If the File Version is lower then 3.0 click on the following link : Updating The sync tool
Follow the steps of the article.
API server failed with internal error
This happens when "Your workspace site url" contains illegal characters, e.g. spaces. Please make sure to remove these illegal characters. The workspace site url is the root url from the workspace, thus environment name excluded.
2020-08-27 11:47:42.886 NotificationService - Error during W365 notification
NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(:0) (null)
NDAW.AdSyncApi.Client.Exceptions.ServerException: API server failed with internal error
at NDAW.AdSyncApi.Client.Implementation.ActiveDirectorySyncApiClient.HandleErrors(HttpResponseMessage response)
at NDAW.AdSyncApi.Client.Implementation.ActiveDirectorySyncApiClient.CreateOrUpdateUser(CreateOrUpdateUserParameters parameters)
at NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(String userPrincipalName, CreateOrUpdateUserParameters createOrUpdateUserParameters)
"Test connection failed! Please check AAD configuration settings!"
Make sure the app registration information (tenant ID, object ID, etc.) is filled in correctly. If the same error remains, please delete and re-create the client app registration, explained in "Step 2. Create client application in Azure for the AD Synctool".