You are currently offline, waiting for your internet to reconnect

"LDAP injection characters were found in the user alias" error when you try to run the Azure Active Directory Sync tool

PROBLEM
When you try to run the Microsoft Azure Active Directory Sync tool, you receive an email message that resembles the following:
Hello user@<DomainName>.com,

See Directory Synchronization Errors for more information about the errors listed in this e-mail message.

The Directory Synchronization batch run was completed on <Date Month Year Time.>

The following objects encountered errors during synchronization.

Alias Error Description Object GUIDResearch/Development LDAP injection characters were found in the user alias. Change the user alias in the on-premises Active Directory. CN={788ef08b-cf9b-4aec-ac10-5995226a88b7}
CAUSE
This issue may occur if an on-premises user object includes one of the following characters in its primary SMTP email address:
  • Asterisk (*)
  • Braces ({ })
  • Slash mark (/)
  • Opening single curly quotation mark (`)
  • Percent (%)
  • Equal sign (=)
  • Vertical bar (|)
  • Question mark (?)
  • Exclamation mark (!)
  • Period (.) if it's the first or last character or if it appears two or more times consecutively
SOLUTION
To resolve this issue, change the on-premises user's primary SMTP address by removing the character that's causing the issue. After the character is removed, directory synchronization will use the string in the new primary SMTP proxy address to create the user's user principal name (UPN) and primary SMTP address.

Still need help? Go to the Office 365 Community website or the Azure Active Directory Forums website.
Properties

Article ID: 2425774 - Last Review: 10/13/2015 16:57:00 - Revision: 38.0

Microsoft Azure Cloud Services, Microsoft Azure Active Directory, Microsoft Office 365, Microsoft Intune, CRM Online via Office 365 E Plans, Microsoft Azure Recovery Services, Office 365 Identity Management

  • o365 o365a o365e o365m o365022013 KB2425774
Feedback
if?DI=4050&did=1&t=">eateElement('meta');m.name='ms.dqp0';m.content='false';document.getElementsByTagName('head')[0].appendChild(m);" src="http://c1.microsoft.com/c.gif?">