none
Azure Active Directory Connect error trying to federate wtih AD FS. Object reference not set to an instance of an object. RRS feed

  • Question

  • I've tried to configure this trust multiple times using Azure AD Connect Wizard and it fails ever time.  I tried pasting the output of the install log while trying Federate an Azure AD Domain but it was too long.

    Can the trust be created not using Azure AD Connect?

    Tuesday, January 15, 2019 10:39 PM

All replies

  • I cannot paste the entire log file so I'll put in the last part of it.

    [14:36:32.807] [  6] [INFO ] Found AAD trust with identifier: https://login.microsoftonline.com/extSTS.srf
    [14:36:32.807] [  6] [INFO ] Found AAD trust with identifier: urn:federation:MicrosoftOnline
    [14:36:32.807] [  6] [WARN ] MsolDomainExtensions.TryGetMicrosoftOnlineRelyingPartyTrust: Microsoft Online trust NOT found.
    [14:36:32.807] [  6] [WARN ] AadTrustUpdatePage: AAD relying party trust was not returned!
    [14:36:54.010] [  1] [INFO ] Page transition from "Azure AD trust" [AadTrustUpdatePageViewModel] to "Configure" [PerformConfigurationPageViewModel]
    [14:36:54.011] [  1] [INFO ] AadTrustUpdatePage.OnUnload(): UpdateAadTrust = False
    [14:36:54.015] [  1] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Start background task Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.BackgroundInitialize in Page:"Ready to configure"
    [14:36:54.015] [  1] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Started Background Task Id:9313
    [14:36:55.020] [ 18] [VERB ] PerformConfigurationPageViewModel:ExecuteAutoUpgradeCheck: context.WizardMode AddAzureDomain.
    [14:36:55.032] [ 18] [WARN ] DetermineAutoUpgradeState: AutoUpgrade entering SUSPENDED mode by default.
    [14:36:55.032] [ 18] [VERB ] PerformConfigurationPageViewModel:ExecuteAutoUpgradeCheck: autoUpgradeState set to Suspended.
    [14:36:55.034] [ 18] [INFO ] SetAutoUpgradeViaAdhealthRegistrykey: Updated SOFTWARE\Microsoft\ADHealthAgent\Sync\UpdateCheckEnabled registry value to 1
    [14:36:55.035] [ 18] [INFO ] Restarting Monitoring Agent service.
    [14:36:55.036] [ 18] [INFO ] ServiceControllerProvider: service AzureADConnectHealthSyncMonitor exists
    [14:36:55.038] [ 18] [INFO ] ServiceControllerProvider: processing StopService request for: AzureADConnectHealthSyncMonitor
    [14:36:55.038] [ 18] [VERB ] ServiceControllerProvider:     Initial service status: Running
    [14:36:55.038] [ 18] [VERB ] ServiceControllerProvider:     stopping service and waiting for completion.
    [14:36:55.290] [ 18] [INFO ] ServiceControllerProvider: StopService status: Stopped
    [14:36:55.290] [ 18] [INFO ] Stopped service AzureADConnectHealthSyncMonitor.
    [14:36:55.292] [ 18] [INFO ] ServiceControllerProvider: Processing StartService request for: AzureADConnectHealthSyncMonitor
    [14:36:55.292] [ 18] [VERB ] ServiceControllerProvider:     Initial service status: Stopped
    [14:36:55.292] [ 18] [VERB ] ServiceControllerProvider:     Starting service and waiting for completion.
    [14:36:55.592] [ 18] [VERB ] ServiceControllerProvider:     waiting to re-verify service is running...
    [14:37:00.593] [ 18] [INFO ] ServiceControllerProvider: verifying AzureADConnectHealthSyncMonitor is in state (Running)
    [14:37:00.593] [ 18] [INFO ] ServiceControllerProvider: current service status: Running
    [14:37:00.593] [ 18] [INFO ] ServiceControllerProvider: StartService status: Running
    [14:37:00.614] [ 18] [INFO ] SyncDataProvider:LoadSettings - loading context with persisted global settings.
    [14:37:00.888] [ 18] [INFO ] SourceAnchorAttributeConfigurationItem: MsDsConsistencyGuid is already actively in use as the source anchor for this tenant. Maintaining existing setting.
    [14:37:04.451] [  1] [INFO ] MicrosoftOnlinePersistedStateProvider.Save: saving the persisted state file
    [14:37:04.453] [  1] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: False
    [14:37:04.466] [  1] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: True
    [14:37:04.469] [  1] [INFO ] PersistAzureAffinity: Azure affinity was previously persisted as UsGov (2).
    [14:37:04.469] [  1] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Start background task Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.ExecuteADSyncConfiguration in Page:"Configuring"
    [14:37:04.469] [  1] [INFO ] ProgressWizardPageViewModel:StartProgressOperation Started Background Task Id:10841
    [14:37:04.470] [ 13] [INFO ] PerformConfigurationPageViewModel.ExecuteADSyncConfiguration: Preparing to configure sync engine (WizardMode=AddAzureDomain).
    [14:37:04.471] [ 13] [INFO ] PerformConfigurationPageViewModel.ExecuteSyncEngineInstallCore: Preparing to install sync engine (WizardMode=AddAzureDomain).
    [14:37:04.475] [ 13] [INFO ] InstallSyncEngineStage.ExecuteInstall called when Sync Engine is already installed.
    [14:37:04.478] [ 13] [INFO ] TestAadConnectivity: Test Connectivity to Azure Services under Sync Service Account.
    [14:37:04.535] [ 13] [INFO ] DiscoverServiceEndpoint [SecurityTokenService]: ServiceEndpoint=HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM, AdalAuthority=HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM, AdalResource=https://graph.windows.net.
    [14:37:04.535] [ 13] [INFO ] TestAadConnectivity: Attempting connection to SecurityTokenService service: HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM
    [14:37:04.741] [ 13] [INFO ] TestAadConnectivity: Connection successful to : SecurityTokenService
    [14:37:04.741] [ 13] [INFO ] DiscoverServiceEndpoint [AdminWebService]: ServiceEndpoint=https://adminwebservice.gov.us.microsoftonline.com/provisioningservice.svc, AdalAuthority=HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM, AdalResource=https://graph.windows.net.
    [14:37:04.741] [ 13] [INFO ] TestAadConnectivity: Attempting connection to AdminWebService service: https://adminwebservice.gov.us.microsoftonline.com/provisioningservice.svc
    [14:37:07.931] [ 13] [INFO ] TestAadConnectivity: Connection successful to : AdminWebService
    [14:37:07.931] [ 13] [INFO ] TestAadConnectivity: Set AzureServiceConnectivityStatus = Success
    [14:37:07.942] [ 13] [INFO ] MicrosoftOnlinePersistedStateProvider.Save: saving the persisted state file
    [14:37:07.942] [ 13] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: False
    [14:37:07.952] [ 13] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: True
    [14:37:07.956] [ 13] [INFO ] PerformConfigurationPageViewModel.StartInstallation: Preparing to configure sync engine.
    [14:37:07.963] [ 13] [VERB ] SyncDataProvider.EnableDirectorySyncFlag: Connecting to MSOL service.
    [14:37:07.963] [ 13] [INFO ] DiscoverServiceEndpoint [AzurePowerShell]: ServiceEndpoint=https://provisioningapi.gov.us.microsoftonline.com/provisioningwebservice.svc, AdalAuthority=HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM, AdalResource=https://graph.windows.net.
    [14:37:07.963] [ 13] [INFO ] AcquireServiceToken [AzurePowerShell]: acquiring service token.
    [14:37:07.963] [ 13] [INFO ] Authenticate-ADAL [Acquiring token]: STS endpoint (HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM), resource (https://graph.windows.net), userName (it.ts.azure@mcazgov.onmicrosoft.com).
    [14:37:07.963] [ 13] [INFO ] ADAL: 2019-01-15T22:37:07.9635262Z: fedec7e1-0edb-4003-9809-e8878863cca7 - LoggerBase.cs: ADAL PCL.Desktop with assembly version '3.19.6.14301', file version '3.19.50523.1839' and informational version '1ae77ee16c2204403e53d7e652ddc8f4d315cfb1' is running...
    [14:37:07.963] [ 13] [INFO ] ADAL: 2019-01-15T22:37:07.9635262Z: fedec7e1-0edb-4003-9809-e8878863cca7 - LoggerBase.cs: === Token Acquisition started:
        CacheType: null
        Authentication Target: User
        , Authority Host: login.microsoftonline.us
    [14:37:07.963] [ 13] [INFO ] ADAL: 2019-01-15T22:37:07.9635262Z: fedec7e1-0edb-4003-9809-e8878863cca7 - LoggerBase.cs: An item matching the requested resource was found in the cache
    [14:37:07.963] [ 13] [INFO ] ADAL: 2019-01-15T22:37:07.9635262Z: fedec7e1-0edb-4003-9809-e8878863cca7 - LoggerBase.cs: 58.8099185533333 minutes left until token in cache expires
    [14:37:07.963] [ 13] [INFO ] ADAL: 2019-01-15T22:37:07.9635262Z: fedec7e1-0edb-4003-9809-e8878863cca7 - LoggerBase.cs: A matching item (access token or refresh token or both) was found in the cache
    [14:37:07.964] [ 13] [INFO ] ADAL: 2019-01-15T22:37:07.9645267Z: fedec7e1-0edb-4003-9809-e8878863cca7 - LoggerBase.cs: === Token Acquisition finished successfully. An access token was returned: Expiration Time: 1/15/2019 11:35:56 PM +00:00
    [14:37:07.964] [ 13] [INFO ] Authenticate-ADAL: successfully acquired an access token.  TenantId=0c0989e5-5cb9-442f-af4f-3a43092b154a, ExpiresUTC=1/15/2019 11:35:56 PM +00:00, UserInfo=it.ts.azure@mcazgov.onmicrosoft.com, IdentityProvider=https://sts.windows.net/0c0989e5-5cb9-442f-af4f-3a43092b154a/.
    [14:37:07.964] [ 13] [INFO ] PowerShellHelper.ConnectMsolService: Connecting using an AccessToken. AzureEnvironment=2.
    [14:37:08.232] [ 13] [INFO ] PowershellHelper: DirectorySynchronizationEnabled=True
    [14:37:08.232] [ 13] [INFO ] PowershellHelper: DirectorySynchronizationStatus=Enabled
    [14:37:08.233] [ 13] [INFO ] PowershellHelper: lastDirectorySyncTime=1/15/2019 10:08:11 PM
    [14:37:08.257] [ 13] [VERB ] WorkflowEngine created
    [14:37:08.264] [ 13] [VERB ] Created task 1bb22eb7-4079-4316-87db-c436ea70c075 with name Add Azure Domain Root Task
    [14:37:08.270] [ 13] [VERB ] Created task 36460e9a-3032-4739-9d5a-c24fb4aa67a8 with name Create Federated AAD Trust
    [14:37:08.277] [ 13] [VERB ] Executing task Add Azure Domain Root Task
    [14:37:08.288] [ 17] [VERB ] Executing task Create Federated AAD Trust
    [14:37:08.290] [ 27] [INFO ] CreateFederatedAadTrustTask.Execute (FederationWithADFS): fail task on error = True
    [14:37:08.294] [ 27] [INFO ] CreateFederatedAADTrustTask.BeginAdfsTrustCreation: Primary ADFS server = MULTSDIS-SSO1.multsdis.us, RepairAllDomains = False
    [14:37:08.294] [ 27] [INFO ] CreateFederatedAADTrustTask.BeginAdfsTrustCreation: SelectedAzureDomain = multsdis.us
    [14:37:09.136] [ 27] [INFO ] MsolDomainExtensions.IsSupportMultipleDomainEnabled: Checking if multiple domain support is enabled.
    [14:37:09.136] [ 27] [INFO ] MsolDomainExtensions.TryGetMicrosoftOnlineRelyingPartyTrust: Looking for Microsoft Online trust with identifier [urn:federation:microsoftonline.us]
    [14:37:09.136] [ 27] [INFO ] MsolDomainExtensions: Running Get-AdfsRelyingPartyTrust
    [14:37:10.018] [ 27] [INFO ] Found AAD trust with identifier: https://login.microsoftonline.com/extSTS.srf
    [14:37:10.018] [ 27] [INFO ] Found AAD trust with identifier: urn:federation:MicrosoftOnline
    [14:37:10.018] [ 27] [WARN ] MsolDomainExtensions.TryGetMicrosoftOnlineRelyingPartyTrust: Microsoft Online trust NOT found.
    [14:37:10.018] [ 27] [INFO ] MsolDomainExtensions.IsSupportMultipleDomainEnabled: isEnabled = False
    [14:37:10.035] [ 27] [INFO ] CreateFederatedAADTrustTask.BeginAdfsTrustCreation: Getting all configured domains.
    [14:37:10.035] [ 27] [VERB ] MsolDomainExtensions.ConnectMsolService: Connecting to MSOL service.
    [14:37:10.035] [ 27] [INFO ] DiscoverServiceEndpoint [AzurePowerShell]: ServiceEndpoint=https://provisioningapi.gov.us.microsoftonline.com/provisioningwebservice.svc, AdalAuthority=HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM, AdalResource=https://graph.windows.net.
    [14:37:10.035] [ 27] [INFO ] AcquireServiceToken [AzurePowerShell]: acquiring service token.
    [14:37:10.035] [ 27] [INFO ] Authenticate-ADAL [Acquiring token]: STS endpoint (HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM), resource (https://graph.windows.net), userName (it.ts.azure@mcazgov.onmicrosoft.com).
    [14:37:10.035] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.0357724Z: 11133246-f5c4-4e91-b398-0daf97f1329e - LoggerBase.cs: ADAL PCL.Desktop with assembly version '3.19.6.14301', file version '3.19.50523.1839' and informational version '1ae77ee16c2204403e53d7e652ddc8f4d315cfb1' is running...
    [14:37:10.035] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.0357724Z: 11133246-f5c4-4e91-b398-0daf97f1329e - LoggerBase.cs: === Token Acquisition started:
        CacheType: null
        Authentication Target: User
        , Authority Host: login.microsoftonline.us
    [14:37:10.035] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.0357724Z: 11133246-f5c4-4e91-b398-0daf97f1329e - LoggerBase.cs: An item matching the requested resource was found in the cache
    [14:37:10.035] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.0357724Z: 11133246-f5c4-4e91-b398-0daf97f1329e - LoggerBase.cs: 58.7753811166667 minutes left until token in cache expires
    [14:37:10.035] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.0357724Z: 11133246-f5c4-4e91-b398-0daf97f1329e - LoggerBase.cs: A matching item (access token or refresh token or both) was found in the cache
    [14:37:10.036] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.0367425Z: 11133246-f5c4-4e91-b398-0daf97f1329e - LoggerBase.cs: === Token Acquisition finished successfully. An access token was returned: Expiration Time: 1/15/2019 11:35:56 PM +00:00
    [14:37:10.036] [ 27] [INFO ] Authenticate-ADAL: successfully acquired an access token.  TenantId=0c0989e5-5cb9-442f-af4f-3a43092b154a, ExpiresUTC=1/15/2019 11:35:56 PM +00:00, UserInfo=it.ts.azure@mcazgov.onmicrosoft.com, IdentityProvider=https://sts.windows.net/0c0989e5-5cb9-442f-af4f-3a43092b154a/.
    [14:37:10.036] [ 27] [INFO ] PowerShellHelper.ConnectMsolService: Connecting using an AccessToken. AzureEnvironment=2.
    [14:37:10.268] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = multsdis.us
    [14:37:10.349] [ 27] [INFO ] MsolDomainExtensions.DetermineHostName [MetadataExchangeUri]: multsdis-sso.multsdis.us.
    [14:37:10.349] [ 27] [INFO ] MsolDomainExtensions.VerifyMatchingHostName [multsdis-sso.multsdis.us]: <MATCH> MetadataExchangeUri - 'multsdis-sso.multsdis.us'.
    [14:37:10.349] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'multsdis.us' is federated with 'multsdis-sso.multsdis.us'.
    [14:37:10.349] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = multdir.us
    [14:37:10.427] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'multdir.us' has no federation settings.
    [14:37:10.427] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = mcazgov.mail.onmicrosoft.com
    [14:37:10.506] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'mcazgov.mail.onmicrosoft.com' has no federation settings.
    [14:37:10.506] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = mcazgov.onmicrosoft.com
    [14:37:10.588] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'mcazgov.onmicrosoft.com' has no federation settings.
    [14:37:10.590] [ 27] [INFO ] CreateFederatedAadTrustTask.TraceConfiguredAzureDomains: Federated AAD domains before configuration = multsdis.us
    [14:37:10.591] [ 27] [INFO ] CreateFederatedAadTrustTask.CheckRemoveAdfsRelyingPartyTrust: Checking if we need to remove the current trust.
    [14:37:10.591] [ 27] [INFO ]   - Support multiple domain enabled: False
    [14:37:10.591] [ 27] [INFO ]   - Root domain count: 1
    [14:37:10.591] [ 27] [INFO ]   - Selected domain not configured: False
    [14:37:10.591] [ 27] [INFO ]   - Remove current trust: False
    [14:37:10.591] [ 27] [VERB ] MsolDomainExtensions.ConnectMsolService: Connecting to MSOL service.
    [14:37:10.591] [ 27] [INFO ] DiscoverServiceEndpoint [AzurePowerShell]: ServiceEndpoint=https://provisioningapi.gov.us.microsoftonline.com/provisioningwebservice.svc, AdalAuthority=HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM, AdalResource=https://graph.windows.net.
    [14:37:10.591] [ 27] [INFO ] AcquireServiceToken [AzurePowerShell]: acquiring service token.
    [14:37:10.592] [ 27] [INFO ] Authenticate-ADAL [Acquiring token]: STS endpoint (HTTPS://LOGIN.MICROSOFTONLINE.US/MCAZGOV.ONMICROSOFT.COM), resource (https://graph.windows.net), userName (it.ts.azure@mcazgov.onmicrosoft.com).
    [14:37:10.592] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.5922875Z: 20987afc-5a36-41ad-ac89-7d41cfda7eaa - LoggerBase.cs: ADAL PCL.Desktop with assembly version '3.19.6.14301', file version '3.19.50523.1839' and informational version '1ae77ee16c2204403e53d7e652ddc8f4d315cfb1' is running...
    [14:37:10.592] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.5922875Z: 20987afc-5a36-41ad-ac89-7d41cfda7eaa - LoggerBase.cs: === Token Acquisition started:
        CacheType: null
        Authentication Target: User
        , Authority Host: login.microsoftonline.us
    [14:37:10.592] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.5922875Z: 20987afc-5a36-41ad-ac89-7d41cfda7eaa - LoggerBase.cs: An item matching the requested resource was found in the cache
    [14:37:10.592] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.5922875Z: 20987afc-5a36-41ad-ac89-7d41cfda7eaa - LoggerBase.cs: 58.766105865 minutes left until token in cache expires
    [14:37:10.592] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.5922875Z: 20987afc-5a36-41ad-ac89-7d41cfda7eaa - LoggerBase.cs: A matching item (access token or refresh token or both) was found in the cache
    [14:37:10.592] [ 27] [INFO ] ADAL: 2019-01-15T22:37:10.5922875Z: 20987afc-5a36-41ad-ac89-7d41cfda7eaa - LoggerBase.cs: === Token Acquisition finished successfully. An access token was returned: Expiration Time: 1/15/2019 11:35:56 PM +00:00
    [14:37:10.592] [ 27] [INFO ] Authenticate-ADAL: successfully acquired an access token.  TenantId=0c0989e5-5cb9-442f-af4f-3a43092b154a, ExpiresUTC=1/15/2019 11:35:56 PM +00:00, UserInfo=it.ts.azure@mcazgov.onmicrosoft.com, IdentityProvider=https://sts.windows.net/0c0989e5-5cb9-442f-af4f-3a43092b154a/.
    [14:37:10.592] [ 27] [INFO ] PowerShellHelper.ConnectMsolService: Connecting using an AccessToken. AzureEnvironment=2.
    [14:37:10.753] [ 27] [INFO ] CreateFederatedAadTrustTask.BeginAdfsTrustCreation: Setting ADFS context to MULTSDIS-SSO1.multsdis.us.
    [14:37:10.754] [ 27] [INFO ] MsolDomainExtensions.SetMsolAdfsContext: Setting ADFS context to MULTSDIS-SSO1.multsdis.us.
    [14:37:11.357] [ 27] [INFO ] MsolDomainExtensions.SetMsolAdfsContext: Finished setting ADFS context.
    [14:37:11.359] [ 27] [INFO ] CreateFederatedAadTrustTask.ConfigureSelectedDomain: Configuring selected domain = multsdis.us.
    [14:37:11.474] [ 27] [INFO ] CreateFederatedAadTrustTask.ConfigureSelectedDomain: selectedAzureDomain=multsdis.us. isRootDomain=True. supportMultipleDomainEnabled=False.
    [14:37:11.474] [ 27] [INFO ] CreateFederatedAadTrustTask.ConfigureSelectedDomain: Federating new domain for ADFS multsdis.us.
    [14:37:11.475] [ 27] [INFO ] CreateFederatedAadTrustTask: Before update, multsdis.us = Federated and Verified.
    [14:37:11.475] [ 27] [INFO ] MsolDomainExtensions: Running Update-MsolFederatedDomain for domain = multsdis.us
    [14:37:14.309] [ 27] [INFO ] CreateFederatedAadTrustTask: After update, multsdis.us = Federated and Verified.
    [14:37:14.389] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = multsdis.us
    [14:37:14.484] [ 27] [INFO ] MsolDomainExtensions.DetermineHostName [MetadataExchangeUri]: multsdis-sso.multsdis.us.
    [14:37:14.484] [ 27] [INFO ] MsolDomainExtensions.VerifyMatchingHostName [multsdis-sso.multsdis.us]: <MATCH> MetadataExchangeUri - 'multsdis-sso.multsdis.us'.
    [14:37:14.484] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'multsdis.us' is federated with 'multsdis-sso.multsdis.us'.
    [14:37:14.484] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = multdir.us
    [14:37:14.549] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'multdir.us' has no federation settings.
    [14:37:14.549] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = mcazgov.mail.onmicrosoft.com
    [14:37:14.615] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'mcazgov.mail.onmicrosoft.com' has no federation settings.
    [14:37:14.615] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Checking domain = mcazgov.onmicrosoft.com
    [14:37:14.694] [ 27] [INFO ] MsolDomainExtensions.GetAllConfiguredDomains: Domain 'mcazgov.onmicrosoft.com' has no federation settings.
    [14:37:14.694] [ 27] [INFO ] CreateFederatedAADTrustTask.BeginAdfsTrustCreation: Configuring claim rules.
    [14:37:15.533] [ 27] [INFO ] CreateFederatedAadTrustTask.ConfigureClaimRules: isUsingAlternateLoginId = False
    [14:37:15.534] [ 27] [INFO ] MsolDomainExtensions.TryGetMicrosoftOnlineRelyingPartyTrust: Looking for Microsoft Online trust with identifier [urn:federation:microsoftonline.us]
    [14:37:15.534] [ 27] [INFO ] MsolDomainExtensions: Running Get-AdfsRelyingPartyTrust
    [14:37:16.430] [ 27] [INFO ] Found AAD trust with identifier: https://login.microsoftonline.com/extSTS.srf
    [14:37:16.430] [ 27] [INFO ] Found AAD trust with identifier: urn:federation:MicrosoftOnline
    [14:37:16.430] [ 27] [WARN ] MsolDomainExtensions.TryGetMicrosoftOnlineRelyingPartyTrust: Microsoft Online trust NOT found.
    [14:37:16.463] [ 27] [INFO ] Task 'Create Federated AAD Trust' has finished execution
    [14:37:16.465] [ 17] [ERROR] Microsoft.Online.Deployment.PowerShell.PowerShellInvocationException: Unable to locate the Azure AD to AD FS relying party trust.
       at Microsoft.Online.Deployment.Types.Utility.MsolDomainExtensions.GetMicrosoftOnlineRelyingPartyTrustIdentifier(IPowerShell powerShell)
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.ConfigureClaimRules(IPowerShell powerShell, List`1 federatedDomains)
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.BeginAdfsTrustCreation()
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.Execute()
       at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
    Exception Data (Raw): Microsoft.Online.Deployment.Framework.Workflow.WorkflowTaskException: The task 'Create Federated AAD Trust' has failed. ---> Microsoft.Online.Deployment.PowerShell.PowerShellInvocationException: Unable to locate the Azure AD to AD FS relying party trust.
       at Microsoft.Online.Deployment.Types.Utility.MsolDomainExtensions.GetMicrosoftOnlineRelyingPartyTrustIdentifier(IPowerShell powerShell)
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.ConfigureClaimRules(IPowerShell powerShell, List`1 federatedDomains)
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.BeginAdfsTrustCreation()
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.Execute()
       at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
       --- End of inner exception stack trace ---
       at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTaskGroup.CheckTaskCompletion(Int32 currentTaskIndex)
    [14:37:16.466] [ 17] [VERB ] Cleanup: Starting cleanup for task 'Create Federated AAD Trust'
    [14:37:16.466] [ 17] [VERB ] Task 'Create Federated AAD Trust': No cleanup defined
    [14:37:16.467] [ 17] [INFO ] Task 'Add Azure Domain Root Task' has finished execution
    [14:37:16.484] [ 13] [ERROR] Unable to locate the Azure AD to AD FS relying party trust.
    Exception Data (Raw): Microsoft.Online.Deployment.PowerShell.PowerShellInvocationException: Unable to locate the Azure AD to AD FS relying party trust.
       at Microsoft.Online.Deployment.Types.Utility.MsolDomainExtensions.GetMicrosoftOnlineRelyingPartyTrustIdentifier(IPowerShell powerShell)
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.ConfigureClaimRules(IPowerShell powerShell, List`1 federatedDomains)
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.BeginAdfsTrustCreation()
       at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.Execute()
       at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()
    [14:37:16.487] [ 13] [INFO ] MicrosoftOnlinePersistedStateProvider.Save: saving the persisted state file
    [14:37:16.487] [ 13] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: False
    [14:37:16.497] [ 13] [INFO ] MicrosoftOnlinePersistedStateProvider.UpdateFileProtection: updating file protection from the persisted state file: C:\ProgramData\AADConnect\PersistedState.xml, isAddProtection: True
    [14:37:16.497] [ 13] [INFO ] ConfigureSyncEngineStage.StartADSyncConfiguration: AADConnectResult.Status=Failed
    [14:37:16.508] [  1] [ERROR] A terminating unhandled exception occurred.
    Exception Data (Raw): System.NullReferenceException: Object reference not set to an instance of an object.
       at Microsoft.Online.Deployment.OneADWizard.Utility.ExecutionFailureHelper.GetInfoForFailure(AADConnectResult aadConnectResult)
       at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.HandleWorkflowFailed()
       at Microsoft.Online.Deployment.OneADWizard.App.SafeInvokeAction(Action action)
    [14:37:16.525] [  1] [INFO ] Page transition from "Configure" [PerformConfigurationPageViewModel] to "Error" [ErrorPageViewModel]
    [14:37:16.534] [ 13] [ERROR] A terminating unhandled exception occurred.
    Exception Data (Raw): System.AggregateException: One or more errors occurred. ---> System.NullReferenceException: Object reference not set to an instance of an object.
       at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.FinishConfiguration()
       at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.ExecuteADSyncConfiguration(Object o)
       at System.Threading.Tasks.Task.Execute()
       --- End of inner exception stack trace ---
    ---> (Inner Exception #0) System.NullReferenceException: Object reference not set to an instance of an object.
       at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.FinishConfiguration()
       at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.PerformConfigurationPageViewModel.ExecuteADSyncConfiguration(Object o)
       at System.Threading.Tasks.Task.Execute()<---

    [14:37:16.572] [  1] [INFO ] Page transition from "Error" [ErrorPageViewModel] to "Error" [ErrorPageViewModel]
    [14:37:18.712] [  1] [INFO ] Opened log file at path C:\ProgramData\AADConnect\trace-20190115-143426.log

    Tuesday, January 15, 2019 10:42 PM
  • This is a known issue with version 1.1.561.0 of AD Connect.

    Resolution:

    https://blogs.technet.microsoft.com/iamsupport/2017/09/07/support-tip-aadconnect-object-reference-not-set-to-an-instance-of-an-object-when-adding-a-new-sync-rule/

    If you already have the latest version it is likely an issue with your relying party trust (which I can try to troubleshoot with you).


    Monday, February 4, 2019 9:13 PM
    Moderator
  • Please let me know if this helped and if you were able to resolve this and remember to "Mark as Answer" if this pointed you in the right direction.
    Wednesday, February 6, 2019 11:24 PM
    Moderator
  • Thank you for your response.

    It is unclear to me where to add the tag.  Could you help me understand?

    Also, I am currently running 1.2.70.0

    Thursday, February 7, 2019 6:30 PM
  • Hey dgibson1 - Are you still having issues?  Do you know where to add a tag for custom rules in AAD Synchronization Rules Editor?
    Tuesday, May 21, 2019 2:14 PM