Troubleshooting #FIM2010: The Office 365 MA Connector export cycle has stopped. Object with DN CN={1234567890AABBCCDDEEFFGGHGGFFEEDDCCBBAA987654321} failed validation for the following attributes: member.

 

Event Viewer

Log Name: Application
Source: Directory Synchronization
Date:
32/13/2015 4:48:55 AM
Event ID: 107
Task Category: None
Level:
Error
Keywords: Classic
User: N/A
Computer: <servername
/>.<domain />.<root />
Description:
The Office 365 MA Connector
export cycle has stopped. Object with DN
CN={1234567890AABBCCDDEEFFGGHGGFFEEDDCCBBAA987654321} failed validation
for the following attributes: member. Please refer to documentation for
information on object attribute validation.
Event Xml:
<Event
xmlns=”http://schemas.microsoft.com/win/2004/08/events/event”&gt;

<System>
<Provider Name=”Directory Synchronization” />
<EventID
Qualifiers=”0″>107</EventID>
<Level>2</Level>
<Task>0</Task>

<Keywords>0x80000000000000</Keywords>
<TimeCreated
SystemTime=”2015-13-32T03:48:55.000000000Z” />

<EventRecordID>994163</EventRecordID>
<Channel>Application</Channel>

<Computer><servername />.<domain />.<root /></Computer>
<Security />

</System>
<EventData>
<Data>The Office 365 MA Connector export
cycle has stopped. Object with DN
CN={1234567890AABBCCDDEEFFGGHGGFFEEDDCCBBAA987654321} failed validation
for the following attributes: member. Please refer to documentation for
information on object attribute validation.</Data>
</EventData>

</Event>

Root Cause

There is a technical limit of 15000 members, that the Office 365 management
agent can support.

Solutions

1. Keeping member numbers under 15000

  • Eg. splitting groups

2. Migrating your O365 connector to AADSync

 

Additional info

Prepare for directory synchronization:
https://msdn.microsoft.com/en-us/library/azure/jj151831.aspx

Note-to-self: Microsoft at Gartner Identity & Access Management Summit

You probably recall that, last year, there was quite some confusion regarding the availability of the MS products on the Magic Quadrant for Identity & Access, right? Well, here is some good news.

Source: http://blogs.technet.com/b/enterprisemobility/archive/2014/11/26/microsoft-at-gartner-identity-amp-access-management-summit.aspx

“December 2-4, 2014 Microsoft will be participating in the Gartner Identity & Access Management Summit in Las Vegas, NV as a Platinum sponsor.

Building on our recent momentum around Identity-as-a-Service and on-premises Identity & Access Management, Microsoft will be featuring our solutions at a booth staffed by Microsoft IAM professionals who will be providing an overview, demonstrations and answering questions.

Please join Microsoft Tuesday December 2, 2014 at 2:45PM at the conference for our dynamic presentation “Azure Active Directory Explained.”

Microsoft Azure Active Directory will be highlighted including analysis and deep information into our market-leading solution, roadmap and customer insights.

We will also be discussing the recently-released Microsoft Identity Manager Public Preview and will be providing technical demonstrations of our Identity & Access Management solutions.

Come join us at the Gartner Identity & Access Management Summit reception, presentation and booth to discuss Microsoft Azure Active Directory and Microsoft Identity Manager.”

As you have seen there was and there is a hopeful lot of activity on Microsoft Identity Management.
Alive and kicking. Better know it.

New Azure AD Sync (#AADSync) documentation set launched on #TNWiki

Markus just launched a fresh new set of documents on the new Azure AD Sync (AADSync) tool on TechNet Wiki.

You can find them at this short link: http://aka.ms/AADSync

 

Check them out and bookmark the short link.