Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Background
After installing the Directory Synchronization Appliance, Forefront Identity Manager Synchronization Service would not start.
Troubleshooting Actions
- Attempted to start the Forefront Identity Manager Synchronization Service manually, but it would fail immediately. The Forefront Identity Manager Synchronization Service would not timeout; it would just fail immediately.
- Reviewed file and registry permissions
- Reviewed Event Log Information (Application and System Event Log)
- Examined the account that the Forefront Identity Manager Synchronization Service was running under
- In the Directory Synchronization Appliance installation, this account is created during the installation
- Tried restarting the machine
- Re-Executed the Directory Synchronization Appliance configuration wizard
- Obtained a Process Monitor (ProcMon) trace while attempting to start the Forefront Identity Manager Synchronization Service.
- Compared the trace side-by-side for a baseline Directory Synchronization Appliance
- In reviewing the Process Monitor (ProcMon) trace side-by-side with a baseline trace, we were able to determine where the process began to diverge from the baseline ("known good") configuration.
- Identified the following DLL: C:\Windows\System32\AMInit64.dll
| miiserver.exe | RegOpenKey | HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows | Forefront Identity Manager Synchronization Service |
| miiserver.exe | RegQueryValue | HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs | Forefront Identity Manager Synchronization Service |
| miiserver.exe | RegQueryValue | HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\RequireSignedAppInit_DLLs | Forefront Identity Manager Synchronization Service |
| miiserver.exe | RegQueryValue | HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs | Forefront Identity Manager Synchronization Service |
| miiserver.exe | CreateFile | C:\Program Files\Windows Azure Active Directory Sync\SYNCBUS\Synchronization Service\Bin\AMINIT64.DLL | Forefront Identity Manager Synchronization Service |
| miiserver.exe | CreateFile | C:\Windows\System32\AMInit64.dll | Forefront Identity Manager Synchronization Service |
| miiserver.exe | CloseFile | C:\Windows\System32\AMInit64.dll | Forefront Identity Manager Synchronization Service |
| miiserver.exe | CreateFile | C:\Windows\System32\AMInit64.dll | Forefront Identity Manager Synchronization Service |
| miiserver.exe | CreateFileMapping | C:\Windows\System32\AMInit64.dll | Forefront Identity Manager Synchronization Service |
| miiserver.exe | CreateFileMapping | C:\Windows\System32\AMInit64.dll | Forefront Identity Manager Synchronization Service |
| miiserver.exe | CloseFile | C:\Windows\System32\AMInit64.dll | Forefront Identity Manager Synchronization Service |
| miiserver.exe | RegOpenKey | HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide | Forefront Identity Manager Synchronization Service |
Cause
A quick search found that this DLL ( C:\Windows\System32\AMInit64.dll ) belongs to a 3rd Party Anti-Virus or Monitoring Software.
Resolution
- Utilized a SysInternals Tool called AutoRuns (https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx).
- AutoRuns allowed us to test deselecting this DLL to disable it. Once we unchecked the DLL, we were able to successfully start the Forefront Identity Manager Synchronization Service
- By utilizing AutoRuns, we were able to show the conflicting software that was preventing the Forefront Identity Manager Synchronization Service from starting successfully.