Thursday 19 February 2015

Azure Active Directory Sync Tool “A constraint violation occurred.” during Active Directory Sync with Office 365

When you try to run the first sync of your on-premise Active Directory to the Office 365 Azure AD instance you are halted by the error “A constraint violation occurred”, and you can either Cancel the sync or Retry. Performing a Retry does not resolve the issue.

As the Azure Active Directory Sync Tool is actually Forefront Identity Manager 2010 under the covers I thought I would look to see if that was operating correctly. The miisclient.exe is the interface you can use to see and edit the FIM 2010 configurations, it can be found at C:\Program Files\Windows Azure Active Directory Sync/SYNCBUS\Synchronisation Service/UIShell

When I tried to launch miisclient.exe the following error appeared “Unable to connect to the Synchronisation Service”, it was noted this could be related to a service or group membership. As I had seen this issue before with a traditional instance of Forefront Identity Manager I knew this was because the user account I was using was not a member of the FIMSyncAdmins group.

I opened up ADUC and checked the FIMSyncAdmins group and my user account was in there, so I logged out and then in again and rerun the sync job and it worked perfectly.