If this stops working, often it’s due to Microsoft updates of various sorts, cloud or LAN server or both. The first thing to try usually fixes it, unless your AD sync tool is very out of date; if it is very out of date, update first!
- Run Azure AD Connect
- Choose Customize Synchronization Options, click Next
- Sign in with Azure administrative creds
- Run through the wizard, choose your settings carefully carefully.
Done!
Here’s a great set of steps for these:
http://blog.jocha.se/tech/azure-ad-sync-event-error-6126-and-6127
The short of it is:
- Bring up the Syncronization Service Manager (“Synchronization Service” in Windows search),
- Click on Connectors,
- Click on “Active Directory Domain Services”,
- Click Run in the right pane, choose Full Synchronization, click OK, and wait for completion to be reported (it’s fairly obvious),
- Click Run in the right pane, choose Full Import, click OK, and wait for completion to be reported,
- Click Windows Azure Active Directory,
- and do the same two Runs as for the other line item.
