Friday, May 27, 2016

AAD Connect service failed to start with "Error 1069: The service did not start due to logon failure"

AAD Connect has been installed on a Domain Controller. After some time "Microsoft Azure AD Sync" service has stopped.

and failed to start with following error “Error 1069: The service did not start due to logon failure“.

AAD Connect was removed manually and reinstalled. This time, after restarting the server, AAD Connect functioned normally. However, after some time had passed, the same errors occurred again.

You may have "Group Policy Object" that has predefined set of accounts in "Log on as a service" group policy and applies to Domain Controller. 
In my case it was "Default Domain Controllers Policy" however you may have the same issue for "Default Domain Policy" or other group policy that applies to regular member server.
  • Find “Log on as a service” group policy setting is found under Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment.
  • Add "AAD_..." account or service account that you may defined during AAD Connect deployment to the list of allowed account to "Log on as a service" list.
  • Run "gpupdate /force" from the Command Prompt
  • Restart "Microsoft Azure AD Sync" service


  1. The effectiveness of IEEE Project Domains depends very much on the situation in which they are applied. In order to further improve IEEE Final Year Project Domains practices we need to explicitly describe and utilise our knowledge about software domains of software engineering Final Year Project Domains for CSE technologies. This paper suggests a modelling formalism for supporting systematic reuse of software engineering technologies during planning of software projects and improvement programmes in Final Year Project Centers in Chennai.

    Software management seeks for decision support to identify technologies like JavaScript that meet best the goals and characteristics of a software project or improvement programme. JavaScript Training in Chennai Accessible experiences and repositories that effectively guide that technology selection are still lacking.

    Aim of technology domain analysis is to describe the class of context situations (e.g., kinds of JavaScript software projects) in which a software engineering technology JavaScript Training in Chennai can be applied successfully

  2. This one got me pretty good. My issue was related to a domain group policy that defined the "Log On as a Service" right which prevented me from changing my local security policy. Once I disabled the group policy setting for "Log On as a Service", did a GPUPDATE /FORCE, ADSync service started and worked as intended.