Office 365 directory synchronisation failing for a couple of users (permission-issue)

When I deployed directory synchronisation for our Office 365 (Exchange online) migration I noticed that a couple of users did not sync. 

The synchronisation service manager shows the users failing synchronisation. Here’s what it looks like. It’s the same for both users.

There’s 1 warning and 2 errors in the event viewer which I’ve pasted below.

Can anyone shed some light on this please?

————————————

Log Name:      Application
Source:        FIMSynchronizationService
Event ID:      6100
Task Category: Management Agent Run Profile
Level:         Warning
Keywords:      Classic
User:          N/A
Description:
The management agent “SourceAD” step execution completed on run profile “Export” with errors.

Additional Information
Discovery Errors       : “0”
Synchronization Errors : “0”
Metaverse Retry Errors : “0”
Export Errors          : “2”
Warnings               : “0”
User Action
View the management agent run history for details.

—————————————-

Log Name:      Application
Source:        Directory Synchronization
Event ID:      0
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Description:
The Management Agent ‘System.Management.PropertyData’ reported  errors on execution.

————————-

Log Name:      Application
Source:        Directory Synchronization
Event ID:      0
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Description:
Executing export run profile on source MA failed for System.Management.PropertyData. Failed to export objects:
dn=”CN=<User1>,OU=<OU>,DC=<domain>,DC=local”,error-type=permission-issue,error-code=8344,
dn=”CN=<User2>,OU=<OU>,DC=<domain>,DC=local”,error-type=permission-issue,error-code=8344,

—————————-

Here’s the fix in my case:

Open Active directory Users and Computers, enable the Advanced features in the View settings and open up the user object that can’t sync. Go to the security tab and then into advanced, check to make sure the box is checked to inherit permissions.

Before you do that you might want to check what permissions are currently assigned and what they will be assigned after inherit permissions is enabled. After all there might be permissions that you do not wish the particular user to have.

That’s all for now.

Advertisements

2 thoughts on “Office 365 directory synchronisation failing for a couple of users (permission-issue)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s