How to to create the service connection point in the forest where computers exist to allow devices sync to Azure

Use below scrip to create a service connection point so that device sync can be enabled for Azure.

$verifiedDomain = “contoso.com”    # Replace this with any of your verified domain names in Azure AD

$tenantID = “72f988bf-86f1-41af-91ab-2d7cd011db47”    # Replace this with you tenant ID

$configNC = “CN=Configuration,DC=corp,DC=contoso,DC=com”    # Replace this with your AD configuration naming context (use Get-ADRootDSE to get this value)

$de = New-Object System.DirectoryServices.DirectoryEntry

$de.Path = “LDAP://CN=Services,” + $configNC

$deDRC = $de.Children.Add(“CN=Device Registration Configuration”, “container”)

$deDRC.CommitChanges()

$deSCP = $deDRC.Children.Add(“CN=62a0ff2e-97b9-4513-943f-0d221bd30080”, “serviceConnectionPoint”)

$deSCP.Properties[“keywords”].Add(“azureADName:” + $verifiedDomain)

$deSCP.Properties[“keywords”].Add(“azureADId:” + $tenantID)

$deSCP.CommitChanges()

Error: No-Start-Connection in AD Connect Export Sync

Getting this error while exporting the objects in AD Connect. You will also see the below result in Sync service.

image

 

Resolution:- To resolve this issue go to Connectors, go to the properties of the connector giving the above error, select “Connect to Active Directory Forest” option and provide the credentials to connect. Once this is successful then sync will start again.