Follow

Troubleshooting Workspace synctool

 

While installing the Workspace365 Synctool you might run in to some error code in the log files.

 

Requirements:

Microsoft SQL Server Compact 4.0
https://www.microsoft.com/en-US/download/details.aspx?id=17876
Microsoft Online Services Sign-In Assistant
https://www.microsoft.com/en-us/download/details.aspx?id=28177
Install PowerShell 5.0
Install module in PowerShell 5.0:
"install-module Azure"
"install-module AzureRm"
An active Azure subscription is required.

 

Check the Error/General Logs for more information of what problem you are facing.
  • Go to the Sync tool Files 
  • Click on Logs

 

 

"API Endpoint or resource id was not found"

018-08-16 16:42:00.689 ActiveDirectoryToWorkspaceSyncTool.ActiveDirectory.NotificationService - Error during W365 notification
 ActiveDirectoryToWorkspaceSyncTool.ActiveDirectory.NotificationService.A(:0) (null)
 NDAW.AdSyncApi.Client.Exceptions.NotFoundException: API Endpoint or resource id was not found

The error explains that some information that was put in is invalid.
This issue could be solved by checking the following:

Back to top

 

 

"Server refused to authenticate client, check if API is enabled and authentication token is correct"

 NotificationService - Error during W365 notification
NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(:0) (null)
NDAW.AdSyncApi.Client.Exceptions.AuthenticationException: Server refused to authenticate client, check if API is enabled and authentication token is correct

The error explains that there is no connection between the Synctool and Workspace.
This issue could be solved by checking the following:

The Workspace site URL

Just the site name without any attribute behind the "/". Example:"https://portal.workspace365.net"

API Token

Make sure the right API authentication token is set and "Enable sync from Active Directory" is turned on.

mceclip0.png

Environment name

The environment name has to be set, this can be found after the /.
Example: portal.workspace365.net/"john"

Back to top

 

 

"Firstname and Lastname are required"

NDAW.AdSyncApi.Client.Exceptions.ServerValidationException: Server
validation failed: FirstName:This field is required, LastName:This field is requiredTh

The error explains that the workspace synctool is trying to synchronize a user without a first and last name assigned to them in azure. Fix this by making sure all users have a first and last name assigned to them.

Back to top

 

 

"The remote server returned an error: (400) Bad Request."

ActiveDirectoryToWorkspaceSyncTool.AzureAD.Exceptions.AzureAdParsedDataServiceException - Exception parsing failed
ActiveDirectoryToWorkspaceSyncTool.AzureAD.Exceptions.AzureAdParsedDataServiceException.Parse(:0) (null)
System.Net.WebException: The remote server returned an error: (400) Bad Request.
at System.Net.WebClient.DownloadDataInternal(Uri address, WebRequest& request)
at System.Net.WebClient.DownloadData(Uri address)
at ActiveDirectoryToWorkspaceSyncTool.AzureAD.GraphQuery.AzureAdGraphQuery.A()
2020-06-10 09:53:08.562 AzureAdParsedDataServiceException - Exception parsing failed 
 NDAW.AzureActiveDirectorySync.AzureAD.Exceptions.AzureAdParsedDataServiceException.Parse(:0) (null)
 System.Net.WebException: The remote server returned an error: (400) Bad Request.

This happens when the Azure AD token that is stored in the sync database is not working (anymore). Probably because the sync token is expired OR you have copied the sync folder from customer A (already configured) to customer B. 

  • Always start a clean configuration for each customer
    • On the sync tool VM/client place a blank sync tool configuration from where you can start the configuration for each customer.

Resolution:

  • You can try to clear the cache (if its a new configuration).
  • Delete the database from the database folder.

 

Back to top

 

 

"System.TimeoutException: Failed to make the request within '00:01:40'."

 2020-07-03 07:00:10.020 NotificationService - Error during W365 notification 
NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(:0) (null)
System.TimeoutException: Failed to make the request within '00:01:40'.
at NDAW.AzureActiveDirectorySync.AzureAD.AzureAdDataService.<MakeRequestWithTimeoutAsync>d__20`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NDAW.AzureActiveDirectorySync.AzureAD.AzureAdDataService.MakeRequestWithTimeout[TResult](Func`2 request)
at NDAW.AzureActiveDirectorySync.AzureAD.AzureAdDataService.GetUserProfilePhoto(String userId)
at NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.ProcessProfilePicture(String activeDirectoryUserId, String email)
at NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(String userPrincipalName, CreateOrUpdateUserParameters createOrUpdateUserParameters)

Since the Azure AD Synctool version 3.0 we make use of the Microsoft Graph instead of the Azure AD Graph. This error is happening when you did update the sync tool application, but didn't update the permissions on the Azure AD App registration. Please read once more step 7

 

 Back to top

 

Sync tool old version, new application

Do you have a old version of the Sync tool, versions below 3.0? And the new way of creating the applications? The Sync tool wont work. You need to update the Sync tool to version 3.0. 

 To check the Sync tool version go to:

  • Open de Synctool files
  • Right click on the Configuration tool
  • Click on Properties
  • Click on Details
  • File Version ...

 

mceclip2.png

If the File Version is lower then 3.0 click on the following link : Updating The sync tool

Follow the steps of the article.

 Back to top

API server failed with internal error

This happens when "Your workspace site url" contains illegal characters, e.g. spaces. Please make sure to remove these illegal characters. 

2020-08-27 11:47:42.886 NotificationService - Error during W365 notification 
NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(:0) (null)
NDAW.AdSyncApi.Client.Exceptions.ServerException: API server failed with internal error
at NDAW.AdSyncApi.Client.Implementation.ActiveDirectorySyncApiClient.HandleErrors(HttpResponseMessage response)
at NDAW.AdSyncApi.Client.Implementation.ActiveDirectorySyncApiClient.CreateOrUpdateUser(CreateOrUpdateUserParameters parameters)
at NDAW.AzureActiveDirectorySync.ActiveDirectory.NotificationService.CreateOrUpdateUserNotification(String userPrincipalName, CreateOrUpdateUserParameters createOrUpdateUserParameters)

  Back to top

"Test connection failed! Please check AAD configuration settings!"

mceclip0.png

Make sure the app registration information (tenant ID, object ID, etc.) is filled in correctly. If the same error remains, please delete and re-create the client app registration, explained in "Step 2. Create client application in Azure for the AD Synctool". 

Back to top