SBS 2008 - Microsoft Azure Active Directory Module for Windows PowerShell - is not supported by your version

Similar Messages

• New Version of the Azure Active Directory Module and PowerShell 2.0

  Since the last upgrade of the Azure Active Directory Module for Windows PowerShell (64-bit version), we are no longer able to load it in an application targeting .NET Framework 3.5 SP1. The error message that we receive is:
  Could not load file or assembly 'file:///C:\Windows\system32\WindowsPowerShell\v1.0\Modules\MSOnline\Microsoft.Online.Administration.Automation.PSModule.dll' or one of its dependencies. This assembly is built by a runtime newer
  than the currently loaded runtime and cannot be loaded.
  Our application loads and uses the Azure AD PowerShell Module for Azure AD management. The previous version of the module available until September worked well, however, we cannot use the new version because it is built using the .NET Framework 4.0 runtime,
  and our application targets .NET Framework 3.5 SP1.
  The link for the old version of the module was removed, and since the EULA for the module restricts us from making the old version available on our web site, we need a solution that would enable us
  to load the module in our application because we cannot retarget the application to a newer Framework version. In particular,
  we need a link that our customers can use to download the old version of the module.
  Is there a URL to the old version of the Azure Active Directory Module that we can download the old version from? Can someone help?

  Hi Vladimir,
  Since I'm not familiar with AZure AD, to get the old version of Azure AD Module, I also recommend you can post in Azure AD forum for more effective support:
  http://social.msdn.microsoft.com/forums/azure/en-US/home?forum=WindowsAzureAD
  However, for the error you posted, as you said, this is related to .NET version.
  I found a similar error, which was solved by upgrading the Powershell version 3.0 on Server 2008 R2 sp1, which also need to update the .NET version on server.
  Active Directory Single sign-on Office 365 Powershell Error
  If there is anything else regarding the powershell, please feel free to post back.
  Best Regards,
  Anna Wang
  Anna, yep upgrading to version 3.0 simple solve the issue. But WMF 3.0 is not compatible with few things like
  SharePoint 2010, Exchange 2007 , SCCM etc.
  WMF 3.0 has the same .NET version so how about making a configuration file in version 2.0
  I am not really sure if Azure support this but its worth to make your configuration file to support .NET 4.0
  $PShome\PowerShell_ISE.CONFIG and $PSHOME\PowerShell.exe.config will be not existing.
  So you can make an entry in configuration to support .NET framework 4.0
  like shown below
  $config_text = @"
  <?xml version="1.0"?>
  <configuration>
  <startup useLegacyV2RuntimeActivationPolicy="true">
  <supportedRuntime version="v4.0.30319"/>
  <supportedRuntime version="v2.0.50727"/>
  </startup>
  </configuration>
  $config_text| Out-File $pshome\powershell.exe.config
  $config_text| Out-File $pshome\powershell_ise.exe.config
  Close PowerShell Console and open as administrator.
  Try loading the modules back and let me know.
  Regards Chen V [MCTS SharePoint 2010]

• How to purchase Azure Active Directory Premium?

  How do you purchase Azure Active Directory Premium?
  I have had a trial, which has expired. I get an email saying to go to the Intune (?) portal:
  Follow these easy steps to purchase a subscription: 
  1)   Sign in to the Microsoft Intune Account Portal, with your User ID
  2)   On the Admin page, on the left pane, under Subscriptions, click Manage.
  3)   Find Microsoft Azure Active Directory Premium trial, and click on it.
  4)   On the Subscription details page click Buy now.
  5)   Follow the steps in the purchasing wizard to complete the purchase process.
  There is no trial subscription and no way to purchase. There has been some discussion that you require an Enterprise Agreement to purchase it:
  http://azure.microsoft.com/en-us/pricing/details/active-directory/

  Hi, 
  If you login to portal.office.com with your username and password and then click on 'Purchase Services' on the left hand side you should be able to go ahead and directly purchase AAD Premium. http://www.edutech.me.uk/active-directory/azure-ad-premium-now-available-via-direct-purchase/
  Thanks, 
  James.

• Getting AADSTS50020 error on microsoft login page when using Azure Active Directory Authentication

  We have implemented Azure Ad single sign on using auto generated code from Visual studio 2013 with organization account authentication and its working fine.
  The problem is when user is logged in in azure management portal with his live account and in other tab he try to open our app, then he directly gets below error on Microsoft login page.
  Additional technical information:
  Correlation ID: 78e13474-6f92-40ec-b463-91e36a6dae84
  Timestamp: 2015-04-14 12:27:20Z
  AADSTS50020:
  User account '[email protected]' from external
  identity provider 'live.com' is not supported for application
  'https://xxxxx.onmicrosoft.com/xxxx'. The account needs to
  be added as an external user in the tenant. Please sign out and sign in
  again with an Azure Active Directory user account.
  It works fine if I log out from management portal. Is there any way to resolve this issue without forcing user to log out from live account(management portal)?

  I assume you created a web application using VS2013 which uses the WS-Federation protocol.
  The behavior that you are seeing is expected Single-sign-on because you are logged in using the live account in the management portal.
  For WS-Federation, there is no current way for a caller to specify they want to force a fresh login, so the behavior is always the equivalent of LoginBehavior.Normal.
  The user will need to either sign-out or use an in-private session in the browse.
  If you switch to openID connect(sample at
  https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet) and use the “prompt=login” query paramerter in the sign in request, this will force a fresh login.

• Cannot install Windows Azure Active Directory Sync tool on Server 2012 w/ SQL Server 2012

  I went to change a user password on the server today and after changing the password I logged into the SQL server to run “Import-module dirsync” & “Start-onlinecoexistencesync” in powershell in order to sync the new password with Exchange Online. After
  waiting ten minutes I tried setting up the email on the user’s PC but the new password was not being accepted. I logged into Office 365 and I got the following warning.
  "Warning: Last synced more than 3 days ago | Troubleshoot"
  So I pressed troubleshoot and the site installed a tool on the server to try and find out what the issue was. After the tool ran it told me that the version of dirsync.exe was out of date and that I should download the new one and install it. So I downloaded
  the new dirsync.exe (version 7020 I believe) and tried installing it. I kept getting error after error, different ones to boot.
  First it told me I wasn’t part of the FIMSyncAdmins group (so I added myself), then it told me that it could not connect to MIIS server,  so I tried starting it and windows said that there was a problem with the sign on used by the service so I had
  to reset the password for the local user named “AAD_bfd1d6f0cef7” which was being used by that service. The service started successfully and when I went to install it told me I could not and if the problem persisted I should uninstall the old version and reinstall.
  Looking in the log file, before I even install the software I see the following Information...
  Level: Information
  Date: 2015-03-24 12:49:17 PM
  Source: Directory Synchronization
  Event ID: 0
  Task Category: None
  "The current configuration of the Windows Azure Active Directory Sync tool is invalid. Please reinstall the Windows Azure Active Directory Sync tool."
  So I tried to reinstall (i even manually uninstalled the old version and removed the folder in C:\Program Files\ called "Windows Azure Active Directory Sync") and on reinstall I get as far as "Installing Components" and then after a little
  while it errors out with the error "The install was unable to setup a required component. Check the event logs for more information. Please try the installation again and if the error persists, contact Technical Support. "
  Looking at the log file there are a bunch of new entries, created by the installer. There's over 300 new entries and I can not post them all here due to character count restriction. you can find the log file here...
  www.clarkfreightways.com/wp-content/uploads/2015/03/dirsync_log.txt
  Can anyone tell me what is going on, I've been looking through the log files and I can see errors but I'm not sure what to do to fix it.

  Greetings!
  Wanted to know if you've hosted the DirSync tool (latest version) on a VM? Also, if this is deployed in a Production or Lab environment? If it's a lab setup, you may
  try installing the DirSync on a new VM / Server (suspecting that it could be some machine related issues).
  Here's a Support KB helping with different errors:
  http://support.microsoft.com/en-us/kb/2684395
  If its a production environment, would suggest to raise a
  Technical Support Ticket for assisting further with break-fix.
  Thank you,
  Arvind 

• AADSync and Azure Active Directory Device Registration Service

  Now I try to implement Azure Active Directory Device Registration Service with AADSync.
  According to step-by-step guide, it has to execute "Enable-MSOnlineObjectManagement" cmdlet.
  Step-by-Step Guide for On-premises Conditional Access using Azure Active Directory Device Registration Service
  https://msdn.microsoft.com/en-us/library/azure/dn788908.aspx
  Unfortunately, AADsync doestn't have "Enable-MSOnlineObjectManagement", and can't find similar cmdlet.
  I'm looking for cmdlet for device object synchronization.
   Does anyone know alternate cmdlet?

  Hi,
  Thanks for your post.
  You need to use the command import-module DirSync in PowerShell, then running the command "get-command -m Microsoft.Online.Conexistence.PS.config", you will find the cmdlet "Enable-MSOnlineObjectManagement"
  Regards.
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• How to authenticate Username and password in MVC using Azure Active Directory

  Need a sample application where in need to authenticate user entered logindetails using Azure Active directory.

  Hi,
  Kindly go through beneath article which helpful to understand the procedure.
  How to Authenticate Web Users with Azure Active Directory Access Control
  http://azure.microsoft.com/en-in/documentation/articles/active-directory-dotnet-how-to-use-access-control/
  Developing ASP.NET Apps with Windows Azure Active Directory
  http://www.asp.net/identity/overview/getting-started/developing-aspnet-apps-with-windows-azure-active-directory
  Adding Sign-On to Your Web Application Using Azure AD
  https://msdn.microsoft.com/en-us/library/azure/dn151790.aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Windows Azure Active Directory Sync Setup

  Hi,
  Currently trying to install Windows Azure Active Directory Sync tool for use with Office 365.
  After five attempts to install the Sync Tool, I finally had some luck, now I am configuring the Sync tool and have been given the following error "A constraint violation occurred"
  In looking at the event logs this is the information I get:
  System.Management.Automation.CmdletInvocationException: A constraint violation occurred. ---> System.DirectoryServices.DirectoryServicesCOMException: A constraint violation occurred. at System.DirectoryServices.DirectoryEntry.CommitChanges() at Microsoft.Online.DirSync.Common.DirectoryServicesAdapter.DirectoryEntry.CommitChanges()
  at Microsoft.Online.Coexistence.PS.Config.EnableMSOnlineRichCoexistence.GrantWritePropertyPermission(SecurityIdentifier securityIdentifier, String groupDn) at Microsoft.Online.Coexistence.PS.Config.MSOnlineRichCoexistenceBase.GrantPermission(Action`2 grantPermissionAction)
  at Microsoft.Online.Coexistence.PS.Config.EnableMSOnlineRichCoexistence.InternalBeginProcessing() at Microsoft.Online.Coexistence.PS.Config.MSOnlineConfigCmdlet.BeginProcessing() at System.Management.Automation.Cmdlet.DoBeginProcessing() at System.Management.Automation.CommandProcessorBase.DoBegin()
  --- End of inner exception stack trace --- at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input) at Microsoft.Online.DirSync.PowerShellAdapter.PowerShellCommand.ExecuteCommand(Command command, Boolean refreshPath)
  Suggestions?
  Thanks

  Hi,
  According to your description, it seems that you have installed Azure Active Directory Sync tool successfully, right? What configuration have you done when you got that error message?
  Firstly, I recommend you to check the event logs for more detailed information about this issue.
  In general, it is recommended to install the Directory Sync tool on a member server rather than a Domain Controller. If you installed Azure Active Directory Sync Tool on a Domain Controller, please uncheck “Start Configuration Wizard now”
  checkbox and then log off and log in again to configure the Azure Active Directory Sync Tool Configuration Wizard. If you forget to follow the above process, the Configuration Wizard will return an error "Constraint Violation Error".
  Besides, please also check the permission of the system account. You can add it into the built-in Administrators group in your on-premise domain to see if the issue persists.
  More information:
  HowTo: Install the Windows Azure Active Directory Sync Tool
  Best regards,
  Susie

• Windows Azure Active Directory MA - Maximum number of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota.

  Trying to use WAAD with FIM 2010 R2 SP1 (4.1.3496.0) and during export several objects cause a warning/info with:
  Maximum number of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota.
  I looked, this appears hard coded into the MA, anyone know what causes this? My best guess is something like a large group membership? Does anyone know what the limits around the WAAD MA are?
  Here is the indepth error logged during the failure:
  ProvisioningServiceAdapter::ExecuteWithRetry: Action: Export, Attempt: 0, Exception: Microsoft.Online.Coexistence.ProvisionRetryException: Unable to communicate with the Windows Azure Active Directory service. Tracking ID: e94e6020-8434-4aa7-9a29-b2edf7fe6b2e
  See the event log for more details. ---> System.ServiceModel.CommunicationException: There was an error while trying to serialize parameter http://schemas.microsoft.com/online/aws/change/2010/01:syncObjects. The InnerException message was 'Maximum number
  of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota. '.  Please see InnerException for more details. ---> System.Runtime.Serialization.SerializationException:
  Maximum number of items that can be serialized or deserialized in an object graph is '500000'. Change the object graph or increase the MaxItemsInObjectGraph quota.
     at System.Runtime.Serialization.XmlObjectSerializerContext.IncrementItemCount(Int32 count)
     at WriteArrayOfstringToXml(XmlWriterDelegator , Object , XmlObjectSerializerWriteContext , CollectionDataContract )
     at System.Runtime.Serialization.CollectionDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeAndVerifyType(DataContract dataContract, XmlWriterDelegator xmlWriter, Object obj, Boolean verifyKnownType, RuntimeTypeHandle declaredTypeHandle, Type declaredType)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeWithXsiType(XmlWriterDelegator xmlWriter, Object obj, RuntimeTypeHandle objectTypeHandle, Type objectType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle, Type
  declaredType)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerialize(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerializeReference(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
     at WriteSyncObjectGroupToXml(XmlWriterDelegator , Object , XmlObjectSerializerWriteContext , ClassDataContract )
     at System.Runtime.Serialization.ClassDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeAndVerifyType(DataContract dataContract, XmlWriterDelegator xmlWriter, Object obj, Boolean verifyKnownType, RuntimeTypeHandle declaredTypeHandle, Type declaredType)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeWithXsiType(XmlWriterDelegator xmlWriter, Object obj, RuntimeTypeHandle objectTypeHandle, Type objectType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle, Type
  declaredType)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerialize(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
     at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerializeReference(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle)
     at WriteArrayOfSyncObjectToXml(XmlWriterDelegator , Object , XmlObjectSerializerWriteContext , CollectionDataContract )
     at System.Runtime.Serialization.CollectionDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context)
     at System.Runtime.Serialization.DataContractSerializer.InternalWriteObjectContent(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver)
     at System.Runtime.Serialization.DataContractSerializer.InternalWriteObject(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver)
     at System.Runtime.Serialization.XmlObjectSerializer.WriteObjectHandleExceptions(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver)
     at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameterPart(XmlDictionaryWriter writer, PartInfo part, Object graph)
     --- End of inner exception stack trace ---
  Server stack trace:
     at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameterPart(XmlDictionaryWriter writer, PartInfo part, Object graph)
     at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameter(XmlDictionaryWriter writer, PartInfo part, Object graph)
     at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeParameters(XmlDictionaryWriter writer, PartInfo[] parts, Object[] parameters)
     at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.SerializeBody(XmlDictionaryWriter writer, MessageVersion version, String action, MessageDescription messageDescription, Object returnValue, Object[] parameters, Boolean
  isRequest)
     at System.ServiceModel.Dispatcher.OperationFormatter.OperationFormatterMessage.OperationFormatterBodyWriter.OnWriteBodyContents(XmlDictionaryWriter writer)
     at System.ServiceModel.Channels.Message.OnWriteMessage(XmlDictionaryWriter writer)
     at System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota)
     at System.ServiceModel.Channels.BinaryMessageEncoderFactory.BinaryMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset)
     at System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message)
     at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
     at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
     at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
     at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
  Exception rethrown at [0]:
     at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
     at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
     at Microsoft.Online.Coexistence.Schema.IProvisioningWebService.Provision(SyncObject[] syncObjects)
     at Microsoft.Online.Coexistence.ProvisionHelper.InvokeAwsAPI[T](Func`1 awsOperation, String opsLabel)
     --- End of inner exception stack trace ---
     at Microsoft.Online.Coexistence.ProvisionHelper.CommunicationExceptionHandler(CommunicationException ex)
     at Microsoft.Online.Coexistence.ProvisionHelper.InvokeAwsAPI[T](Func`1 awsOperation, String opsLabel)
     at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.<>c__DisplayClass1.<Export>b__0()
     at Microsoft.Azure.ActiveDirectory.Connector.ProvisioningServiceAdapter.ExecuteWithRetry(String actionName, Action action).

  Hi gdedshg,
  >>Maximum number of items that can be serialized or deserialized in an object graph is '65536'. Change the object graph or increase the MaxItemsInObjectGraph quota
  When meet the above exception, please try to do the following configuration:
  On the server side:
  Add the following to the server's config file:
  <behaviors>
  <serviceBehaviors>
  <behavior name="MyServiceBehavior">
  <dataContractSerializer
  maxItemsInObjectGraph="2147483647" />
  </behavior>
  </serviceBehaviors>
  </behaviors>
  And reference it in the service using the following code:
  <services>
  <service
  behaviorConfiguration="MyServiceBehavior"
  name="serviceName">……
  On the client side:
  Add the following: 
  <behaviors>
  <endpointBehaviors>
  <behavior name="MyClientbehavior">
  <dataContractSerializer
  maxItemsInObjectGraph="2147483647"/>
  </behavior>
  </endpointBehaviors>
  </behaviors>
   And reference it in the endpoint using the following code:
  <endpoint address="serviceAddress"
  behaviorConfiguration="MyClientbehavior"
  For more information, please try to refer to the following article:
  http://blog.aggregatedintelligence.com/2011/01/wcf-maxitemsinobjectgraph-error.html .
  Best Regards,
  Amy Peng
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Exchange and EOP and "Windows Azure Active Directory Sync tool".

  Hi,
  Since we are using our on-premises Exchange server and Microsoft EOP only for spam filter, and
  we are not using the EOP created domain "XXXX.onmicrosoft.com" for anything.
  Technically speaking, do we require
  "Windows Azure Active Directory Sync tool" to be installed and synchronizing all our AD to the EOP!
  Thanks,

  The Windows Azure Active Directory Sync Tool allows you to filter mail in EOP for nonexistent recipients.  This is a pretty useful antispam feature that you'll be forgoing if you choose not to deploy the tool.
  Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

• Tutorial: Azure Active Directory integration with Igloo Software

  Click reply and tell us what you think:
  Tutorial: Azure Active Directory integration with Igloo Software
  Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

  Hello
  Can you be little clear, what you have tested with Airwatch MDM cloud?.. which scenarios?.. 
  1) Device Enrollment ?
  2) Access to Airwatch console?
  3) Access to Airwatch self service portal?
  By following the steps We do not get it working at all. by the way some of the steps in this tutorial are unclear and outdated;  
  I finally personally figured out how things should look like, and  make it work but only with Device Enrollment scenarios from the mobile devices itself. not from the pc and browsers or from the Access panel.

• Powershell script to Scan Active Directory Attributes for Country and Department ,Then add to Sales Group then add to Distribution list based on Region

  Hey Scripting Guys,
  I have been in and out of Powershell last few years, not that great at it tbh !!! I'm looking for advice on how I can as in Title, Create a Powershell script to Scan Active Directory Attributes for Country and Department ,Then add to Group then add to Distribution
  list based on Region/Country
  I was thinking along the lines of get-aduser -LDAPFilter "(department=SALES France) and adding a where clause for country.
  Any help would be great.
  Dec

  So I have tried a few variations but get errors on both 
  get-aduser -LDAPFilter "(&(department=SALES)(c=us))" | Add-ADPrincipalGroupMembership -MemberOf "testgroup"
  get-aduser -LDAPFilter "(&(department=SALES)(c=fr))" | Add-ADGroupMember -identity "testgroup"
  Add-ADPrincipalGroupMembership : Object reference not set to an instance of an
  object.
  At line:1 char:86
  + get-aduser -LDAPFilter "(&(department=SALES)(c=fr))" | Add-ADPrincipalGroupMe
  mbership <<<< -MemberOf "testgroup"
  + CategoryInfo : NotSpecified: (:) [Add-ADPrincipalGroupMembershi
  p], NullReferenceException
  + FullyQualifiedErrorId : Object reference not set to an instance of an ob
  ject.,Microsoft.ActiveDirectory.Management.Commands.AddADPrincipalGroupMem
  bership

• Pre-populate adapter for setting the Active Directory OU for a user

  Hi All
  I created a pre-populate adapter that set the Active Directory OU for a user...
  In the end the status of the resource is still showing "provisioning"..
  It must be "Provsioned"..did I miss something ?
  The logs speak as below :-
  08:01:12,678 INFO [STDOUT] Running Create User
  08:01:12,678 INFO [STDOUT] Before appending Root Context:OU=Human Resources,
  08:01:12,678 INFO [STDOUT] tcUtilLDAPController.java : hierString : OU=Human Resources,dc=mydomain,dc=com
  08:01:13,553 ERROR [ACTIVEDIRECTORYCONTROLLER] Problem creating object: javax.naming.OperationNotSupportedException: [LD
  AP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
  ]; remaining name 'cn=ASYMONDS'
  08:03:18,756 INFO [[xlWebApp]] action: LogonAction: User 'XELSYSADM' logged on in session 8116CBC0FA1481D06A207A1941B9
  E096
  08:22:31,256 ERROR [WEBAPP] Class/Method: ProvisionedResourcesForUserAction/confirmEnableSelection encounter some proble
  ms: No checkbox was checked.

  Just verify the OU value is correctly populated , first try doing the provisioning by manually giving OU and everything .
  Is it successful ?
  Then we can check if something wrong going with pre pop.
  Thanks
  Suren

• SBS 2008 PREMIUM - Migration to Office 365 (E3)

  Hi,
  I have two customers running 'Windows Server SBS 2008 Premium' and wondering to migrate their environment to 'Office 365', since this is an old version of Windows cannot run the AD FS tool (as my previous post
  https://social.technet.microsoft.com/Forums/exchange/en-US/4b5d7942-f9a6-4138-9ba8-596a35e36754/sbs-2008-microsoft-azure-active-directory-module-for-windows-powershell-is-not-supported-by-your?forum=WindowsAzureAD) they will create a new environment with
  Windows Server 2012 R2.
  Looking at 'https://www.skykick.com/products/small-business-migrations' isn't clear about Active Directory
  migration or sync.
  Can someone share thoughts and review if my plan is correct to use this tool?
  - install a new server and AD domain;
  - install SSL and AD FS tool in a way to integrate it with Office 365 Servers
  - migrate computers from old DOMAIN (SBS 2008) to the new one (W2k12)
  - use this tool to migrate contents from old infrastructure
  Any help is appreciated.
  tks,
  Renato P

  Hi ,
  Thank you for posting your issue in the forum.
  I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
  Thank you for your understanding and support.
  Best Regards,
  Andy Qi
  Andy Qi
  TechNet Community Support

• After Active Directory System Discovery, some computers have Operating_System_Name_and0 as only the version number

  Good morning,
  We've been experiencing some odd behavior with discovery.  After Active Directory System Discovery, some computers have Operating_System_Name_and0 as only the version number; for example, " 6.1" (note the space before the 6) vs.
  "Microsoft Windows NT Workstation 6.1" (although, not limited to Windows 7 workstations).
  Here are two seemingly identical machine records in Active Directory WCBWIN7VDI10 and WCBWIN7VDI11.
  After discovery
  select Name0, Operating_System_Name_and0 from v_r_system where Name0 LIKE 'WCBWIN7VDI1[0,1]'
  yields
  Name0 Operating_System_Name_and0
  WCBWIN7VDI10  6.1
  WCBWIN7VDI11 Microsoft Windows NT Workstation 6.1
  For discovery on a new domain yesterday we have the following distribution:
  select count (*) as [count], convert (nvarchar, Creation_Date0, 110) as [creation date], Operating_System_Name_and0
  from v_r_system where Full_Domain_Name0 like 'aaa.bbb.ccc'
  group by Operating_System_Name_and0, convert (nvarchar, Creation_Date0, 110)
  order by Operating_System_Name_and0
  count
  creation   date
  Operating_System_Name_and0
  274
  12-01-2014
  3
  12-01-2014
   5.0
  23
  12-01-2014
   5.1
  124
  12-01-2014
   5.2
  20
  12-01-2014
   6.0
  5109
  12-01-2014
   6.1
  6
  12-01-2014
   6.2
  4
  12-01-2014
   6.3
  1
  12-01-2014
  CentOS 6.0
  13
  12-01-2014
  Microsoft   Windows NT Server
  54
  12-01-2014
  Microsoft   Windows NT Server 5.2
  9
  12-01-2014
  Microsoft   Windows NT Server 6.0
  120
  12-01-2014
  Microsoft   Windows NT Server 6.1
  2
  12-01-2014
  Microsoft   Windows NT Server 6.2
  7
  12-01-2014
  Microsoft   Windows NT Server 6.3
  6
  12-01-2014
  Microsoft   Windows NT Workstation 5.1
  3501
  12-01-2014
  Microsoft   Windows NT Workstation 6.1
  1
  12-02-2014
  Microsoft   Windows NT Workstation 6.1
  5
  12-01-2014
  Microsoft   Windows NT Workstation 6.2
  1
  12-01-2014
  Microsoft   Windows NT Workstation 6.3
  2
  12-01-2014
  SLES 11
  6
  12-01-2014
  Windows   Embedded Standard 6.1
  Anybody know why this occurs?  We typically build our server vs. workstation collections with this.
  Thanks,
  Terence Durning

  Hi Terence,
  What is the value in Active Directory for the computer account?
  Do you have the same behavior if you run this query? 
  SELECT DISTINCT Operating_System_Name_and0 FROM v_R_System ORDER BY 1
  You are talking about a space before 6.1. Do I see also a space for all Microsoft Windows like "Microsoft   Windows NT Workstation 6.3" ? 
  Nick Pilon - Blog: System Center Dudes