Azure Active Directory Connect with Multiple Source Forests: The specified domain does not exist or cannot be contacted

Configuring a multi forest sync solution for a single Office 365 tenant is pretty straightforward, but there are a few small tiny gotcha’s:

1. DNS resolution is critical, adding a few host file entries won’t do the trick, use a (conditional) forwarder to a DC for each forest
2. Ensure the proper firewall ports are open
3. Ensure you type your login in the netbios format and include the suffix, e.g.: LIEBEN.NU\Admin, using LIEBEN\Admin will fail

If you don’t, you’ll probably run into this error:

[ERROR] Caught exception while validating the domain credentials and retrieving domain FQDN of the specified user XXXX.XXX\Admin.
Exception Data (Raw): System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectNotFoundException: The specified domain does not exist or cannot be contacted.
   at System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext context)
   at Microsoft.Online.Deployment.Framework.Providers.ActiveDirectoryProvider.ValidateUserCredentials(String domainName, String username, SecureString password, String& domainFqdn)
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.ConfigSyncDirectoriesPageViewModel.ValidateADDirectoryConnection(DirectoryConnectionViewModel connection)

Leave a Reply

Be the First to Comment!

Notify of
avatar
wpDiscuz