Azure AD Sync Error: Unable to update this object
Issue:
Some times in the AzureAdSync Error notification email you will find the following error:
Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:someone@somethig.com]
No matter how you search in your local Active Directory -- You won't find the duplicates of the ProxyAddresses. even IdFix Tool will not detect this user.
Cause:
Actually all proxyaddresses are perfectly correct and they are not repeated anywhere, the problem is – the country code is set to “0” (Yes a Zero). Somehow the error which the azuresync is showing is wrong. You can verify this by browsing into the user in Active Directory à open user à attribute editor tab à country code.
A blunt powershell script or a batch update of AD using some third-party tools may have caused the country code to be set as Zero.
Resolution:
The resolution is very simple and quick, although I took days to figure it out. Since you are not aware of your country code (ISO 3166) I would advise just browse to the users in the Active Directory snap in à open user à Go to address Tab à Select country name in the country drop down menu and click apply.
You can directly edit this country code, for example if you live in US the country code will be “840”
Note: Remember this fix will only apply to the scenario where the azure log says all proxyaddresses are duplicate and you found from Active Directory that none of them are duplicated in any other AD object. But this will not decommission anything even you try this for a different kind of issue or cause any harm to your AD or Azure (since you are only playing with country!).