Enter connection information for your on-premise directory or forests: Azure AD connect unable to connect directory, forest not available
Azure Active Directory (Azure AD) has been renamed as Microsoft Entra ID. It is an identity and access management solution from Microsoft that helps organizations secure and manage identities for hybrid and multicloud environments. In this article, we shall discuss the fix “Enter connection information for your on-premise directory or forests: Azure AD connect unable to connect directory, forest not available”. Please see How to access shared resources from two different domains, and Active Directory: How to Setup a Domain Controller.
Why was this error “Enter connection information for your on-premise directory or forest” Prompted?
This error was prompted when I wanted to install Azure AD connect on another server for high availability, should in case one of the servers the agent is running on fails, we can as well have access to our applications. But this was not possible due to domain related errors as I will be discussing below.
Let’s simulate the error! As you can see below, if everything is working correctly with the domain, the forest should appear by default. However, all you need to do is click on Add Directory, as shown below.
Also, see Azure Active Directory: Why do I need to deploy Azure AD? Here is Active Directory Forest – Trees and Domain and Sites, and how to install and configure Active Directory Domain Services on Windows Server 2022.
Fix Azure AD connect unable to connect directory
Let me manually input the domain name (forest) as shown below. Furthermore, This will fail because the root issue has not yet been fixed.
Now, you will be requested to enter your credentials.
Note: You cannot use your Enterprise or Domain administrator account for your AD Forest account. It is recommended to let Azure AD Connect or you can specify a synchronisation account with the correct permission.
Moreover, I will be using an existing account I have in AD. Click on “OK” as shown below
This will run and try to validate the forest credentials but will fail, as shown below. This is the error!
Without this, you cannot proceed as the option to continue is greyed out. This Error is as a result of the following domain issues below.
To fix this issue, simply remove the device from the domain and have it joined to the domain again.
Note: From experience, This might not be the desired fix for your own scenrio, but further troubleshooting you might be able to resolve this issue.
See the following articles below for similar fixes on how to remove the device and have it joined to the domain on how to join a computer (PC) to the Domain. Here is the fix to error: An Active Directory could not be contacted / Cannot find domain: Non-existent domain.
Also, see Windows Server post OS installation for more details. See the fix to “We can’t sign you with this credential because your domain isn’t available. Why Can’t I Connect with a 169.254 IP Address?”
I hope you found this blog post on on the fix “Enter connection information for your on-premise directory or forests: Azure AD connect unable to connect directory, forest not available” helpful. Please let me know in the comment session if you have any questions.
