Error when you try to run the Azure Active Directory Sync tool: "LDAP injection characters were found in the user alias"

Article translations Article translations
Article ID: 2425774 - View products that this article applies to.
Expand all | Collapse all

PROBLEM

When you try to run the Microsoft Azure Active Directory Sync tool, you receive an email message that resembles the following:
Hello user@<DomainName>.com,

See Directory Synchronization Errors for more information about the errors listed in this e-mail message.

The Directory Synchronization batch run was completed on <Date Month Year Time.>

The following objects encountered errors during synchronization.

Alias Error Description Object GUIDResearch/Development LDAP injection characters were found in the user alias. Change the user alias in the on-premises Active Directory. CN={788ef08b-cf9b-4aec-ac10-5995226a88b7}

CAUSE

This issue can occur if an on-premises user object includes one of the following characters in its primary SMTP email address:
  • Asterisk (*)
  • Braces ({ })
  • Slash mark (/)
  • Opening single curly quotation mark (`)
  • Percent (%)
  • Equal sign (=)
  • Vertical bar (|)
  • Question mark (?)
  • Exclamation mark (!)
  • Period (.)

SOLUTION

To resolve this issue, change the on-premises user's primary SMTP address by removing the character that's causing the issue. After the character is removed, directory synchronization will use the string in the new primary SMTP proxy address to create the user's user principal name (UPN) and primary SMTP address.

Still need help? Go to the Office 365 Community website or the Azure Active Directory Forums website.

Properties

Article ID: 2425774 - Last Review: July 9, 2014 - Revision: 34.0
Applies to
  • Microsoft Azure
  • Microsoft Office 365
  • Windows Intune
  • CRM Online via Office 365 E Plans
  • Microsoft Azure Recovery Services
  • Office 365 Identity Management
Keywords: 
o365 o365a o365e o365m o365022013 KB2425774

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com