Thursday, 19 February 2015

Azure Active Directory Sync Tool “A constraint violation occurred.” during Active Directory Sync with Office 365

When you try to run the first sync of your on-premise Active Directory to the Office 365 Azure AD instance you are halted by the error “A constraint violation occurred”, and you can either Cancel the sync or Retry. Performing a Retry does not resolve the issue.

As the Azure Active Directory Sync Tool is actually Forefront Identity Manager 2010 under the covers I thought I would look to see if that was operating correctly. The miisclient.exe is the interface you can use to see and edit the FIM 2010 configurations, it can be found at C:\Program Files\Windows Azure Active Directory Sync/SYNCBUS\Synchronisation Service/UIShell

When I tried to launch miisclient.exe the following error appeared “Unable to connect to the Synchronisation Service”, it was noted this could be related to a service or group membership. As I had seen this issue before with a traditional instance of Forefront Identity Manager I knew this was because the user account I was using was not a member of the FIMSyncAdmins group.

I opened up ADUC and checked the FIMSyncAdmins group and my user account was in there, so I logged out and then in again and rerun the sync job and it worked perfectly.