Can AD object attributes be modified on Azure Active Directory when using DirSync for one way synchronization?

An organization with on premise AD is deploying Office 365. We plan to use DirSync to replicate (no passwords) internal users
with Azure AD for users to login and will use a third party FIM solution.
What I'm wondering is though this synchronization is one way (except a couple of fields - no passwords):
Can an authorized user change attributes of a synched AD object directly on Azure AD?
If yes, how would such a change be handled during the next synchronization operation?
Would the value be overwritten to the one in source of truth on premise AD
Would the value be ignored since there was no ‘change’ in the value at the source of truth on premise AD system?
Prompt responses would be much appreciated!
Thanks

Hi Mike, 
Thank you for your response. I understand that the master is the on-premise AD. Let me rephrase my question.
As part of object synchronization, An object X with its 50 attributes is synchronized to Azure AD. 
Is there any way for an administrator/other role to access and modify any attribute of the synchronized object on Azure AD directly. I understand
that re-synchronization schedule
is every 4 hours and at the time of such a synchronization the modified values (if any) will be overwritten restoring 'order'.

Similar Messages

  • Windows Azure Active Directory MA - Maximum number of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota.

    Trying to use WAAD with FIM 2010 R2 SP1 (4.1.3496.0) and during export several objects cause a warning/info with:
    Maximum number of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota.
    I looked, this appears hard coded into the MA, anyone know what causes this? My best guess is something like a large group membership? Does anyone know what the limits around the WAAD MA are?
    Here is the indepth error logged during the failure:
    ProvisioningServiceAdapter::ExecuteWithRetry: Action: Export, Attempt: 0, Exception: Microsoft.Online.Coexistence.ProvisionRetryException: Unable to communicate with the Windows Azure Active Directory service. Tracking ID: e94e6020-8434-4aa7-9a29-b2edf7fe6b2e
    See the event log for more details. ---> System.ServiceModel.CommunicationException: There was an error while trying to serialize parameter http://schemas.microsoft.com/online/aws/change/2010/01:syncObjects. The InnerException message was 'Maximum number
    of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota. '.  Please see InnerException for more details. ---> System.Runtime.Serialization.SerializationException:
    Maximum number of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota.
       at System.Runtime.Serialization.XmlObjectSerializerContext.IncrementItemCount(Int32 count)
       at WriteArrayOfstringToXml(XmlWriterDelegator , Object , XmlObjectSerializerWriteContext , CollectionDataContract )
       at System.Runtime.Serialization.CollectionDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeAndVerifyType(DataContract dataContract, XmlWriterDelegator xmlWriter, Object obj, Boolean verifyKnownType, RuntimeTypeHandle declaredTypeHandle, Type declaredType)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeWithXsiType(XmlWriterDelegator xmlWriter, Object obj, RuntimeTypeHandle objectTypeHandle, Type objectType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle, Type
    declaredType)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerialize(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerializeReference(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
       at WriteSyncObjectGroupToXml(XmlWriterDelegator , Object , XmlObjectSerializerWriteContext , ClassDataContract )
       at System.Runtime.Serialization.ClassDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeAndVerifyType(DataContract dataContract, XmlWriterDelegator xmlWriter, Object obj, Boolean verifyKnownType, RuntimeTypeHandle declaredTypeHandle, Type declaredType)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeWithXsiType(XmlWriterDelegator xmlWriter, Object obj, RuntimeTypeHandle objectTypeHandle, Type objectType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle, Type
    declaredType)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerialize(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
       at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerializeReference(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
       at WriteArrayOfSyncObjectToXml(XmlWriterDelegator , Object , XmlObjectSerializerWriteContext , CollectionDataContract )
       at System.Runtime.Serialization.CollectionDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context)
       at System.Runtime.Serialization.DataContractSerializer.InternalWriteObjectContent(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver)
       at System.Runtime.Serialization.DataContractSerializer.InternalWriteObject(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver)
       at System.Runtime.Serialization.XmlObjectSerializer.WriteObjectHandleExceptions(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver)
       at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameterPart(XmlDictionaryWriter writer, PartInfo part, Object graph)
       --- End of inner exception stack trace ---
    Server stack trace:
       at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameterPart(XmlDictionaryWriter writer, PartInfo part, Object graph)
       at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameter(XmlDictionaryWriter writer, PartInfo part, Object graph)
       at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameters(XmlDictionaryWriter writer, PartInfo[] parts, Object[] parameters)
       at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeBody(XmlDictionaryWriter writer, MessageVersion version, String action, MessageDescription messageDescription, Object returnValue, Object[] parameters, Boolean
    isRequest)
       at System.ServiceModel.Dispatcher.OperationFormatter.OperationFormatterMessage.OperationFormatterBodyWriter.OnWriteBodyContents(XmlDictionaryWriter writer)
       at System.ServiceModel.Channels.Message.OnWriteMessage(XmlDictionaryWriter writer)
       at System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota)
       at System.ServiceModel.Channels.BinaryMessageEncoderFactory.BinaryMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset)
       at System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message)
       at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
       at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Microsoft.Online.Coexistence.Schema.IProvisioningWebService.Provision(SyncObject[] syncObjects)
       at Microsoft.Online.Coexistence.ProvisionHelper.InvokeAwsAPI[T](Func`1 awsOperation, String opsLabel)
       --- End of inner exception stack trace ---
       at Microsoft.Online.Coexistence.ProvisionHelper.CommunicationExceptionHandler(CommunicationException ex)
       at Microsoft.Online.Coexistence.ProvisionHelper.InvokeAwsAPI[T](Func`1 awsOperation, String opsLabel)
       at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.<>c__DisplayClass1.<Export>b__0()
       at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ExecuteWithRetry(String actionName, Action action).

    Hi gdedshg,
    >>Maximum number of items that can be serialized or deserialized in an object graph is '65536'. Change the object graph or increase the MaxItemsInObjectGraph quota
    When meet the above exception, please try to do the following configuration:
    On the server side:
    Add the following to the server's config file:
    <behaviors>
    <serviceBehaviors>
    <behavior name="MyServiceBehavior">
    <dataContractSerializer
    maxItemsInObjectGraph="2147483647" />
    </behavior>
    </serviceBehaviors>
    </behaviors>
    And reference it in the service using the following code:
    <services>
    <service
    behaviorConfiguration="MyServiceBehavior"
    name="serviceName">……
    On the client side:
    Add the following: 
    <behaviors>
    <endpointBehaviors>
    <behavior name="MyClientbehavior">
    <dataContractSerializer
    maxItemsInObjectGraph="2147483647"/>
    </behavior>
    </endpointBehaviors>
    </behaviors>
     And reference it in the endpoint using the following code:
    <endpoint address="serviceAddress"
    behaviorConfiguration="MyClientbehavior"
    For more information, please try to refer to the following article:
    http://blog.aggregatedintelligence.com/2011/01/wcf-maxitemsinobjectgraph-error.html .
    Best Regards,
    Amy Peng
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • HT200241 Can Apple Configurator deploy and modify Apple TV iOS 6.0 settings? For instance, what if I wanted to submit a 'reset all settings' command, but not a 'factory restore'?

    Can Apple Configurator deploy and modify Apple TV iOS 6.0 settings? For instance, what if I wanted to submit a 'reset all settings' command, but not a 'factory restore'?

    Did you follow the instructions here:
    http://support.apple.com/kb/HT4367
    Pay attention to differences in power connection depending on whether or not you have AppleTV2 or AppleTV 3.
    Also some microUSB leads don't seem to work - try another if you can. Disconnect superfluous USB device/hubs too if possible.
    AC

  • AADSync and Azure Active Directory Device Registration Service

    Now I try to implement Azure Active Directory Device Registration Service with AADSync.
    According to step-by-step guide, it has to execute "Enable-MSOnlineObjectManagement" cmdlet.
    Step-by-Step Guide for On-premises Conditional Access using Azure Active Directory Device Registration Service
    https://msdn.microsoft.com/en-us/library/azure/dn788908.aspx
    Unfortunately, AADsync doestn't have "Enable-MSOnlineObjectManagement", and can't find similar cmdlet.
    I'm looking for cmdlet for device object synchronization.
     Does anyone know alternate cmdlet?

    Hi,
    Thanks for your post.
    You need to use the command import-module DirSync in PowerShell, then running the command "get-command -m Microsoft.Online.Conexistence.PS.config", you will find the cmdlet "Enable-MSOnlineObjectManagement"
    Regards.
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Cannot install Windows Azure Active Directory Sync tool on Server 2012 w/ SQL Server 2012

    I went to change a user password on the server today and after changing the password I logged into the SQL server to run “Import-module dirsync” & “Start-onlinecoexistencesync” in powershell in order to sync the new password with Exchange Online. After
    waiting ten minutes I tried setting up the email on the user’s PC but the new password was not being accepted. I logged into Office 365 and I got the following warning.
    "Warning: Last synced more than 3 days ago | Troubleshoot"
    So I pressed troubleshoot and the site installed a tool on the server to try and find out what the issue was. After the tool ran it told me that the version of dirsync.exe was out of date and that I should download the new one and install it. So I downloaded
    the new dirsync.exe (version 7020 I believe) and tried installing it. I kept getting error after error, different ones to boot.
    First it told me I wasn’t part of the FIMSyncAdmins group (so I added myself), then it told me that it could not connect to MIIS server,  so I tried starting it and windows said that there was a problem with the sign on used by the service so I had
    to reset the password for the local user named “AAD_bfd1d6f0cef7” which was being used by that service. The service started successfully and when I went to install it told me I could not and if the problem persisted I should uninstall the old version and reinstall.
    Looking in the log file, before I even install the software I see the following Information...
    Level: Information
    Date: 2015-03-24 12:49:17 PM
    Source: Directory Synchronization
    Event ID: 0
    Task Category: None
    "The current configuration of the Windows Azure Active Directory Sync tool is invalid. Please reinstall the Windows Azure Active Directory Sync tool."
    So I tried to reinstall (i even manually uninstalled the old version and removed the folder in C:\Program Files\ called "Windows Azure Active Directory Sync") and on reinstall I get as far as "Installing Components" and then after a little
    while it errors out with the error "The install was unable to setup a required component. Check the event logs for more information. Please try the installation again and if the error persists, contact Technical Support. "
    Looking at the log file there are a bunch of new entries, created by the installer. There's over 300 new entries and I can not post them all here due to character count restriction. you can find the log file here...
    www.clarkfreightways.com/wp-content/uploads/2015/03/dirsync_log.txt
    Can anyone tell me what is going on, I've been looking through the log files and I can see errors but I'm not sure what to do to fix it.

    Greetings!
    Wanted to know if you've hosted the DirSync tool (latest version) on a VM? Also, if this is deployed in a Production or Lab environment? If it's a lab setup, you may
    try installing the DirSync on a new VM / Server (suspecting that it could be some machine related issues).
    Here's a Support KB helping with different errors:
    http://support.microsoft.com/en-us/kb/2684395
    If its a production environment, would suggest to raise a
    Technical Support Ticket for assisting further with break-fix.
    Thank you,
    Arvind 

  • Tutorial: Azure Active Directory integration with Igloo Software

    Click reply and tell us what you think:
    Tutorial: Azure Active Directory integration with Igloo Software
    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

    Hello
    Can you be little clear, what you have tested with Airwatch MDM cloud?.. which scenarios?.. 
    1) Device Enrollment ?
    2) Access to Airwatch console?
    3) Access to Airwatch self service portal?
    By following the steps We do not get it working at all. by the way some of the steps in this tutorial are unclear and outdated;  
    I finally personally figured out how things should look like, and  make it work but only with Device Enrollment scenarios from the mobile devices itself. not from the pc and browsers or from the Access panel.

  • Windows Azure Active Directory Sync Setup

    Hi,
    Currently trying to install Windows Azure Active Directory Sync tool for use with Office 365.
    After five attempts to install the Sync Tool, I finally had some luck, now I am configuring the Sync tool and have been given the following error "A constraint violation occurred"
    In looking at the event logs this is the information I get:
    System.Management.Automation.CmdletInvocationException: A constraint violation occurred. ---> System.DirectoryServices.DirectoryServicesCOMException: A constraint violation occurred. at System.DirectoryServices.DirectoryEntry.CommitChanges() at Microsoft.Online.DirSync.Common.DirectoryServicesAdapter.DirectoryEntry.CommitChanges()
    at Microsoft.Online.Coexistence.PS.Config.EnableMSOnlineRichCoexistence.GrantWritePropertyPermission(SecurityIdentifier securityIdentifier, String groupDn) at Microsoft.Online.Coexistence.PS.Config.MSOnlineRichCoexistenceBase.GrantPermission(Action`2 grantPermissionAction)
    at Microsoft.Online.Coexistence.PS.Config.EnableMSOnlineRichCoexistence.InternalBeginProcessing() at Microsoft.Online.Coexistence.PS.Config.MSOnlineConfigCmdlet.BeginProcessing() at System.Management.Automation.Cmdlet.DoBeginProcessing() at System.Management.Automation.CommandProcessorBase.DoBegin()
    --- End of inner exception stack trace --- at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input) at Microsoft.Online.DirSync.PowerShellAdapter.PowerShellCommand.ExecuteCommand(Command command, Boolean refreshPath)
    Suggestions?
    Thanks

    Hi,
    According to your description, it seems that you have installed Azure Active Directory Sync tool successfully, right? What configuration have you done when you got that error message?
    Firstly, I recommend you to check the event logs for more detailed information about this issue.
    In general, it is recommended to install the Directory Sync tool on a member server rather than a Domain Controller. If you installed Azure Active Directory Sync Tool on a Domain Controller, please uncheck “Start Configuration Wizard now”
    checkbox and then log off and log in again to configure the Azure Active Directory Sync Tool Configuration Wizard. If you forget to follow the above process, the Configuration Wizard will return an error "Constraint Violation Error".
    Besides, please also check the permission of the system account. You can add it into the built-in Administrators group in your on-premise domain to see if the issue persists.
    More information:
    HowTo: Install the Windows Azure Active Directory Sync Tool
    Best regards,
    Susie

  • New Version of the Azure Active Directory Module and PowerShell 2.0

    Since the last upgrade of the Azure Active Directory Module for Windows PowerShell (64-bit version), we are no longer able to load it in an application targeting .NET Framework 3.5 SP1. The error message that we receive is:
    Could not load file or assembly 'file:///C:\Windows\system32\WindowsPowerShell\v1.0\Modules\MSOnline\Microsoft.Online.Administration.Automation.PSModule.dll' or one of its dependencies. This assembly is built by a runtime newer
    than the currently loaded runtime and cannot be loaded.
    Our application loads and uses the Azure AD PowerShell Module for Azure AD management. The previous version of the module available until September worked well, however, we cannot use the new version because it is built using the .NET Framework 4.0 runtime,
    and our application targets .NET Framework 3.5 SP1.
    The link for the old version of the module was removed, and since the EULA for the module restricts us from making the old version available on our web site, we need a solution that would enable us
    to load the module in our application because we cannot retarget the application to a newer Framework version. In particular,
    we need a link that our customers can use to download the old version of the module.
    Is there a URL to the old version of the Azure Active Directory Module that we can download the old version from? Can someone help?

    Hi Vladimir,
    Since I'm not familiar with AZure AD, to get the old version of Azure AD Module, I also recommend you can post in Azure AD forum for more effective support:
    http://social.msdn.microsoft.com/forums/azure/en-US/home?forum=WindowsAzureAD
    However, for the error you posted, as you said, this is related to .NET version.
    I found a similar error, which was solved by upgrading the Powershell version 3.0 on Server 2008 R2 sp1, which also need to update the .NET version on server.
    Active Directory Single sign-on Office 365 Powershell Error
    If there is anything else regarding the powershell, please feel free to post back.
    Best Regards,
    Anna Wang
    Anna, yep upgrading to version 3.0 simple solve the issue. But WMF 3.0 is not compatible with few things like
    SharePoint 2010, Exchange 2007 , SCCM etc.
    WMF 3.0 has the same .NET version so how about making a configuration file in version 2.0
    I am not really sure if Azure support this but its worth to make your configuration file to support .NET 4.0
    $PShome\PowerShell_ISE.CONFIG and $PSHOME\PowerShell.exe.config will be not existing.
    So you can make an entry in configuration to support .NET framework 4.0
    like shown below
    $config_text = @"
    <?xml version="1.0"?>
    <configuration>
    <startup useLegacyV2RuntimeActivationPolicy="true">
    <supportedRuntime version="v4.0.30319"/>
    <supportedRuntime version="v2.0.50727"/>
    </startup>
    </configuration>
    $config_text| Out-File $pshome\powershell.exe.config
    $config_text| Out-File $pshome\powershell_ise.exe.config
    Close PowerShell Console and open as administrator.
    Try loading the modules back and let me know.
    Regards Chen V [MCTS SharePoint 2010]

  • SBS 2008 - Microsoft Azure Active Directory Module for Windows PowerShell - is not supported by your version

    Hi,
    I was following the artigle (http://www.messageops.com/resources/office-365-documentation/ad-fs-with-office-365-step-by-step-guide/) but
    when try to install the 'Office 365 PowerShell Module' shows a msg saying that 'windows azure active directory module for windows powershell is not supported by your version'.
    And according to the blog (http://blogs.office.com/2014/04/15/synchronizing-your-directory-with-office-365-is-easy/) "DirSync can be
    installed on an existing domain controller"
    >>>> Any help is appreciated.
    * Similar issue: http://www.adaxes.com/forum/post7398.html

    Ok Vasil tks for reply, but this server is 64x. I dont get the point.
    Microsoft Windows [Version 6.0.6002]
    C:\Users\Administrator>set
    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=C:\Users\Administrator\AppData\Roaming
    CLIENTNAME=ANJOTEC_NOTE01
    CommonProgramFiles=C:\Program Files\Common Files
    CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
    COMPUTERNAME=COMPANYBR-SERVER
    ComSpec=C:\Windows\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Users\Administrator
    lib=C:\Program Files\SQLXML 4.0\bin\
    LOCALAPPDATA=C:\Users\Administrator\AppData\Local
    LOGONSERVER=\\COMPANYBR-SERVER
    NUMBER_OF_PROCESSORS=4
    OS=Windows_NT
    Path=C:\ProgramData\Oracle\Java\javapath;C:\Program Files\HP\NCU;C:\Windows\sys
    em32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\
    1.0\;C:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program File
    (x86)\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft SQL Serve
    \90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program F
    les (x86)\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files (x86)\Microsoft SQ
    Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft Vis
    al Studio 8\Common7\IDE\PrivateAssemblies\;C:\Program Files (x86)\ExchangeMapi\
    C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x
    6)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Rox
    o Shared\9.0\DLLShared\;C:\Program Files\Microsoft\Exchange Server\bin;C:\Progr
    m Files\Microsoft\Exchange Server\Scripts
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    PROCESSOR_ARCHITECTURE=AMD64
    PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=1e05
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files
    ProgramFiles(x86)=C:\Program Files (x86)
    PROMPT=$P$G
    PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
    PUBLIC=C:\Users\Public
    RoxioCentral=C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central
    3\
    SESSIONNAME=RDP-Tcp#0
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=C:\Users\Administrator\AppData\Local\Temp\2
    TMP=C:\Users\Administrator\AppData\Local\Temp\2
    USERDNSDOMAIN=COMPANYBR.LOCAL
    USERDOMAIN=COMPANYBR
    USERNAME=administrator
    USERPROFILE=C:\Users\Administrator
    windir=C:\Windows
    C:\Users\Administrator>

  • Getting AADSTS50020 error on microsoft login page when using Azure Active Directory Authentication

    We have implemented Azure Ad single sign on using auto generated code from Visual studio 2013 with organization account authentication and its working fine.
    The problem is when user is logged in in azure management portal with his live account and in other tab he try to open our app, then he directly gets below error on Microsoft login page.
    Additional technical information:
    Correlation ID: 78e13474-6f92-40ec-b463-91e36a6dae84
    Timestamp: 2015-04-14 12:27:20Z
    AADSTS50020:
    User account '[email protected]' from external
    identity provider 'live.com' is not supported for application
    'https://xxxxx.onmicrosoft.com/xxxx'. The account needs to
    be added as an external user in the tenant. Please sign out and sign in
    again with an Azure Active Directory user account.
    It works fine if I log out from management portal. Is there any way to resolve this issue without forcing user to log out from live account(management portal)?

    I assume you created a web application using VS2013 which uses the WS-Federation protocol.
    The behavior that you are seeing is expected Single-sign-on because you are logged in using the live account in the management portal.
    For WS-Federation, there is no current way for a caller to specify they want to force a fresh login, so the behavior is always the equivalent of LoginBehavior.Normal.
    The user will need to either sign-out or use an in-private session in the browse.
    If you switch to openID connect(sample at
    https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet) and use the “prompt=login” query paramerter in the sign in request, this will force a fresh login.

  • I have two users with different music on each itunes and i can only use one library, how do i use both for one iTouch?

    i have two users with different music on each itunes and i can only use one library, how do i use both for one iTouch?

    Chris, I believe this link may have the information you're looking for. Welcome to discussions!
    http://docs.info.apple.com/article.html?artnum=300432

  • Error while deleting Cash Journal (Numbering group 1001 can be used only for one CoCd and cash journal number)

    Hi,
        While i am try to delete Cash Journal system throws me error (Message No.:FCJ065: Numbering group 1001 can be used only for one Co. Code  and Cash Journal). Kindly provide me solution on that.
    Regards,
    Tarak

    Hi Tarak,
    You can use the config nodes in SPRO to set up number ranges for your cash journal documents.
    IMG Path> FI Global Settings>Bank Accounting>Business transactions>Cash Journal
    Define Number Range Intervals for cash Journal documents
    Define Numbering Groups
    Define Number Ranges for numbering groups
    After defining the number group here, you assign that in "Set up Cash Journal" Check if there is any clash anywhere in your configuration for different cash Journals.
    Regards,
    Kavita

  • Ai changed my email for my apple id, but i can't change my iCloud ccount because i can't remember my old password, and now i need to use iCloud for my new IPhone but it isn't working, how do i fix that?

    i changed my email for my apple id, but i can't change my iCloud  account because i can't remember my old password, and now i need to use iCloud for my new IPhone but it isn't working, how do i fix that?

    If the old ID is yours, and if your new ID was created by editing the details of this old ID (rather than being an entirely new ID), go to https://appleid.apple.com, click Manage my Apple ID and sign in with your current iCloud ID.  Click edit next to the primary email account, change it back to your old email address and save the change.  Then edit the name of the account to change it back to your old email address.  You can now use your current password to turn off Find My iDevice, even though it prompts you for the password for your old account ID. Then save any photo stream photos that you wish to keep to your camera roll.  When finished go to Settings>iCloud, tap Delete Account and choose Delete from My iDevice when prompted (your iCloud data will still be in iCloud).  Next, go back to https://appleid.apple.com and change your primary email address and iCloud ID name back to the way it was.  Now you can go to Settings>iCloud and sign in with your current iCloud ID and password.

  • Numbering Group G1 can be used only for one CoCd and cash journal number

    Hello,
    I was trying to create a cash journal when I got the error message:
    "Numbering Group G1 can be used only for one CoCd and cash journal number".
    Does anyone have an idea what could be wrong?
    Thank you,
    Bola

    Hi,
    Please check whether more than one number range is maintained in  transaction code FBCJC1. If yes, please keep only one as Cash Journal has only one number range. This is the internal number range for Cash Journal.
    If you want different number range for accounting documents then create new document types and assign number ranges to it.
    Regards,
    Tejas

  • How to authenticate Username and password in MVC using Azure Active Directory

    Need a sample application where in need to authenticate user entered logindetails using Azure Active directory.

    Hi,
    Kindly go through beneath article which helpful to understand the procedure.
    How to Authenticate Web Users with Azure Active Directory Access Control
    http://azure.microsoft.com/en-in/documentation/articles/active-directory-dotnet-how-to-use-access-control/
    Developing ASP.NET Apps with Windows Azure Active Directory
    http://www.asp.net/identity/overview/getting-started/developing-aspnet-apps-with-windows-azure-active-directory
    Adding Sign-On to Your Web Application Using Azure AD
    https://msdn.microsoft.com/en-us/library/azure/dn151790.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

Maybe you are looking for

  • Hardware capability for FIM Reporting

    I am doing some capacity planning for a FIM 2010 R2 deployment and trying to understand the hardware requirements for the Reporting feature. Based on the diagarm below, it looks like the performance is primarily driven by two factors: System Center a

  • SCXI-1166 SPDT GP Relay, how to program in NISE and Teststand

    Hi, I have a SPDT GP relay and I wanted to know how the routes should be created.  For example, in NISE when you create a route you have two endpoints.  Endpoint1= Comx but what should Endpoint2=?.  Should it be: Endpoint2=ncx  or Endpoint2=nox Lets

  • Migration of Oracle9iAS Portal across DB's

    Hi: I tried to migrate my portal 3.0.9.8.3 repository that's in 9.0.1.4 database on Windows to an 9.0.1.4 database on Linux following the instruction in "Migration of Oracle9i Application Server Portal (Release 1) Across Databases" An Oracle White Pa

  • Accumalated depreciation amount error in reports

    Hi, There is an issue that I'm facing in regards to accumalated depreciation. Issue: Depreciation in one of our companies is posted only until March 2009(FY 2008). However, when we are trying to draw reports for any month beyond march 2009, it is giv

  • Can't install sql server express

    HElp!!! I'm trying to install any recent free sql server.. to practice with vs2012 and asp.net mvc.. and the install keeps failing.  THis is my personal desktop running 64bit Windows 7.  sql server express "said" it was installing but sql server does