- Overview
- 0 Users and 0 Groups Synchronized / AADUserDirectory - Error getting response Forbidden and/or AADUserDirectory - Failed getting all users details
- There was an error contacting Azure using the details provided. Please check all values are correct and try again & ERROR AADUserDirectory - No access token received from url.
- Still have questions?
Troubleshooting Azure AD Sync Issues
Contents
- Overview
- 0 Users and 0 Groups Synchronized / AADUserDirectory - Error getting response Forbidden and/or AADUserDirectory - Failed getting all users details
- There was an error contacting Azure using the details provided. Please check all values are correct and try again & ERROR AADUserDirectory - No access token received from url.
- Still have questions?
Importing users & groups from Azure Active Directory is becoming a more and more popular method of managing users in PaperCut NG/MF as IT admins continue to shift their IT processes to the cloud.
So you’ve configured the Application Registration in Azure and the PaperCut Sync Source - Congratulations! Let’s take a look at some common problems when hitting the Synchronize Now button.
In this article we will cover two common issues;
- 0 Users and 0 Groups Synchronized
- There was an error contacting Azure using the details provided. Please check all values are correct and try again
0 Users and 0 Groups Synchronized / AADUserDirectory - Error getting response Forbidden and/or AADUserDirectory - Failed getting all users details
So you’ve pressed Synchronize Now but you have no users or groups from your Azur Active Directory & the sync result in the User synchronization box shows no errors. In the server.log you’re getting the error: AADUserDirectory - Error getting response Forbidden (User synchronization)
In the server.log, you will see the two below errors.
AADUserDirectory - Error getting response Forbidden
and/or AADUserDirectory - Failed getting all users details
This error is down to the API Permissions on the Azure Application Registration. The correct configuration for these permissions is outlined here: Step 2: Give your application permissions to read users and groups
Often Azure admins set and select ‘Microsoft Graph -> ‘Application Permissions’ instead of ‘Microsoft Graph -> ‘Delegated Permissions’ for User.Read.
- As per Step 2, make sure the permissions are correctly set;
Once correctly set, attempt the sync again.
There was an error contacting Azure using the details provided. Please check all values are correct and try again & ERROR AADUserDirectory - No access token received from url.
When applying Azure Sync credentials (Tenant ID, App ID, Client Secret Value), or when hitting the Synchronize Now button, you may be presented with the below message in the PaperCut Admin interface.
Along with the above application-level error, you may also see the below error posted in the server.log file; ERROR AADUserDirectory - No access token received from url: https://login.microsoftonline.com/\{Tenant ID here\...
We see this error because Azure is rejecting the values that have been set for Tenant ID, or App ID, or the Client Secret Value. Please ensure that these three values are correct and correspond with the Tenant and Application Registration you are attempting to connect to in Azure.
Still have questions?
If you’re still experiencing sync issues even after following the above steps, enable debug mode and reach-out to your PaperCut support provider.
You’re also welcome to head-over to our Support Portal for further assistance.
Categories: Authentication , Troubleshooting Articles ,
Keywords: NG-only , MF-only , sync , AD , Azure Active Directory , Standard , synchronization , user , group , directory , source , fail , details , membership
Last updated March 15, 2024
Comments