Today I received an e-mail from a new customer. They hade received an e-mail from MSOnlineServicesTeam@MicrosoftOnline.com
On Friday, 02 March 2018 01:28:41 GMT, Azure Active Directory did not register a synchronization attempt from the Identity synchronization tool in the last 24 hours for.
I logged on to the server that hade Azure AD Connect installed and looked in to the Event Viewer System log
The first error I saw Event ID: 36874
Log Name: System
Date: 2018-03-02 14:03:48
Event ID: 36874
Task Category: None
An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
I then started the Synchronization Service Manager and it also showed me errors.
A couple of weeks ago I received an E-mail from Microsoft that they required TLS 1.2 from March 1 2018 to access Office 365 services.
As outlined in the article “Preparing for the mandatory use of TLS 1.2 in Office 365”, this is going to present a problem if your organization is still using Windows 7/Vista clients. Why?
Because on March 1, 2018, Microsoft Office 365 will be disabling support for TLS 1.0 and 1.1. This means that, starting on March 1, 2018, all client-server and browser-server combinations must use TLS 1.2 or later protocol versions to be able to connect without issues to Office 365 services. This may require certain client-server and browser-server combinations to be updated.
Read more here:
The problem with the articles is that in one it says March 1 and the other says October 31 2018 The E-mail I received said 1 March.
What date is the correct?
Was to update the Azure AD Connect version to a new version that supports TLS 1.2
There are a couple of things to think about when you update
- Check your configuration and document it. My upgrade failed so I had to uninstall and do a new install.
- Check what OU you are syncing
- Check if you have any custom settings in the Synchcronization Rules Editor
- During the upgrade the sync service will be stopped so any new created accounts or password changes will not be synced during the upgrade.