The remote name could not be resolved: 'nexus.microsoftonline-p.com'

While setting up an Azure AD Connect configuration against an existing ADFS server I got the following error message:

[15:02:17.121] [ 21] [ERROR] An error occurred while executing the 'Update-MsolFederatedDomain' command. The remote name could not be resolved: 'nexus.microsoftonline-p.com'
Exception Data (Raw): Microsoft.Online.Deployment.PowerShell.PowerShellInvocationException: An error occurred while executing the 'Update-MsolFederatedDomain' command. The remote name could not be resolved: 'nexus.microsoftonline-p.com' ---> System.Management.Automation.RemoteException: The remote name could not be resolved: 'nexus.microsoftonline-p.com'
   at System.Management.Automation.PowerShell.CoreInvokeRemoteHelper[TInput,TOutput](PSDataCollection`1 input, PSDataCollection`1 output, PSInvocationSettings settings)
   at System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput](PSDataCollection`1 input, PSDataCollection`1 output, PSInvocationSettings settings)
   at System.Management.Automation.PowerShell.CoreInvoke[TOutput](IEnumerable input, PSDataCollection`1 output, PSInvocationSettings settings)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.Invoke(Command command, Collection`1& results)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.<>c__DisplayClass46_0.<InvokeCommand>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.InvokeCommand(Command command, Collection`1& commandResults)
   at Microsoft.Online.Identity.Federation.Powershell.GenevaCommands.CreateRelyingPartyTrust(Boolean isMultiDomain)
   at Microsoft.Online.Identity.Federation.Powershell.GenevaCommands.SetupWindowsLiveTrust(Boolean isMultiDomain)
   at Microsoft.Online.Identity.Federation.Powershell.UpdateFederatedDomainCommand.UpdateDomain()
   at Microsoft.Online.Identity.Federation.Powershell.UpdateFederatedDomainCommand.DoProcessing()
   at Microsoft.Online.Identity.Federation.Powershell.BaseCommand.ProcessRecord()
   --- End of inner exception stack trace ---
   at Microsoft.Online.Deployment.PowerShell.PowerShellHelper.InvokeAndThrow(IPowerShell powerShell, Command command, Boolean throwExceptionOnError)
   at Microsoft.Online.Deployment.Types.Utility.MsolDomainExtensions.UpdateMsolFederatedDomain(IPowerShell powerShell, String domainName, Boolean enableSupportMultipleDomain)
   at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.ConfigureMsolDomain(IPowerShell powerShell, MsolDomain domain, Boolean enableSupportMultipleDomain)
   at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.ConfigureSelectedDomain(IPowerShell powerShell, String domainName, String primaryAdfsHostName)
   at Microsoft.Online.Deployment.PSModule.Tasks.AAD.CreateFederatedAADTrustTask`1.Execute()
   at Microsoft.Online.Deployment.Framework.Workflow.WorkflowTask.ExecuteWrapper()

The cause turned out to be in the .NET configuration. The environment uses a proxy server, and it turns out that you have to adjust the .NET proxy configuration not only on the Azure AD Connect server, but also on the ADFS servers. The stack trace explains why: the inner exception is a System.Management.Automation.RemoteException raised while CreateRelyingPartyTrust runs in a remote PowerShell session on the ADFS server, so it is the ADFS host that has to reach nexus.microsoftonline-p.com, and it does so with the proxy settings from its own machine.config.

On the ADFS servers as well as on the Azure AD Connect server, open the following config file in notepad.exe (run as administrator, because the file is under C:\Windows): C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config

At the end of the file, replace the following line

</configuration>

with:

<system.net>
  <defaultProxy>
    <proxy usesystemdefault="true" proxyaddress="http://proxyserver.domain:port" bypassonlocal="true"/>
  </defaultProxy>
</system.net>
</configuration>

Then replace the proxyserver, domain and port parts with your own values. Use plain ASCII double quotes around the attribute values: curly quotes make machine.config invalid XML, which breaks every .NET Framework 4 application on that server. If machine.config already contains a <system.net> section, add the <defaultProxy> element inside it instead of creating a second section. machine.config is machine-wide, so this setting applies to every .NET Framework 4 process on the server, including the ADFS service; since the file is only read when a process starts, restart the ADFS service (adfssrv) and start the Azure AD Connect wizard again so both pick up the change. If your ADFS farm has several nodes, make the change on each of them.
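The same change as a script, added here as an example; it is not code from the original post. It assumes the proxy URL http://proxyserver.domain:8080 (replace it with your own), edits both the 64-bit and the 32-bit .NET 4 machine.config if present, keeps a timestamped backup, and afterwards shows in a fresh process which proxy .NET actually selects for nexus.microsoftonline-p.com. Run it from an elevated PowerShell on every ADFS node and on the Azure AD Connect server.

```powershell
# Added example, not code from the original post. Adds the <system.net>/<defaultProxy>
# setting to the .NET 4 machine.config files, keeps a backup, and verifies in a new
# process which proxy .NET selects for nexus.microsoftonline-p.com.
# Run elevated on every ADFS server and on the Azure AD Connect server.
$ProxyAddress = 'http://proxyserver.domain:8080'   # assumption: replace with your own proxy

$configFiles = @(
    'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config',
    'C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\machine.config'
) | Where-Object { Test-Path -Path $_ }

foreach ($path in $configFiles) {
    # Timestamped backup so the edit can be rolled back.
    Copy-Item -Path $path -Destination "$path.$(Get-Date -Format 'yyyyMMddHHmmss').bak"

    $xml = [xml](Get-Content -Path $path -Raw)
    $configuration = $xml.DocumentElement

    # Reuse an existing <system.net> section rather than adding a second one.
    $systemNet = $configuration.SelectSingleNode('system.net')
    if (-not $systemNet) {
        $systemNet = $configuration.AppendChild($xml.CreateElement('system.net'))
    }
    if ($systemNet.SelectSingleNode('defaultProxy')) {
        Write-Warning "$path already contains <defaultProxy>; left unchanged, review it by hand."
        continue
    }

    # Same element and attributes as in the manual edit above.
    $defaultProxy = $systemNet.AppendChild($xml.CreateElement('defaultProxy'))
    $proxy = $defaultProxy.AppendChild($xml.CreateElement('proxy'))
    $proxy.SetAttribute('usesystemdefault', 'true')
    $proxy.SetAttribute('proxyaddress', $ProxyAddress)
    $proxy.SetAttribute('bypassonlocal', 'true')

    $xml.Save($path)
    Write-Host "Updated $path"
}

# machine.config is read when a process starts, so check the result in a new
# PowerShell process rather than in this one. IWebProxy.GetProxy() returns the
# destination itself when no proxy applies, which is exactly the failing case.
powershell.exe -NoProfile -Command {
    $target = [uri]'https://nexus.microsoftonline-p.com/'
    $effective = [System.Net.WebRequest]::DefaultWebProxy.GetProxy($target)
    if ($effective -eq $target) {
        "No proxy selected for $target; .NET will try to resolve the name directly."
    } else {
        "Requests to $target will be sent through $effective"
    }
}

# The ADFS service (adfssrv) also only reads machine.config when it starts.
if (Get-Service -Name adfssrv -ErrorAction SilentlyContinue) {
    Restart-Service -Name adfssrv
}
```

The XmlDocument save re-indents machine.config but keeps its content and comments, which is why the script takes a backup first. The verification step runs in a separate powershell.exe because the current process already loaded its configuration before the edit; if that step still reports no proxy, check the file by hand for a typo in the proxy URL or a second, pre-existing <system.net> section. Re-run the Azure AD Connect wizard only after the ADFS nodes have been updated and restarted.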
