Mimecast Directory Sync Error – ERROR|Connection Error – Error opening file of directory data (using connection – Azure AD Directory Sync)

MIMECAST DIRECTORY SYNCHRONIZATION ERRORS
✅ Fix Errors between Azure Active Directory and Mimecast.

✅ Connection Error – Error opening file of directory data (using connection – Azure AD Directory Sync).

To Start the Directory Synchronization. Login on Mimecast Admin Portal and click on Administration -> Services and then click on Directory Synchronization.

Mimecast Directory Synchronization

Below Directory connector is created to Sync users from Azure Active Directory to Mimecast. If you already have a connector for Directory Sync then you can click on Sync Directory Data to start the sync process. Once you click on it you will either get a message Summary of Directory Sync or you will get error messages. In the next section you can see the error log information.

Mimecast Directory Synchronization Connector

Error Log after clicking on Sync Directory Data button. Below error log will show connection error when trying to sync the users. As mimecast will tries to Sync directories corresponding to each registered domain in mimecast therefore the error message will be shown for every domain. There will also be a link to Download full results of the error log, click on it to download a text file which shows the error log information in much more detail.

Mimecast Directory Synchronization Error
Mimecast Directory Sync Error Log
Click here to view full result output: Download full results

Summary of Directory Sync:

ERROR|Connection Error – Error opening file of directory data (using connection – Azure AD Directory Sync)
ERROR|Connection “Azure AD Directory Sync” not connected, unable to sync domain “cusa01a997.mimecast.connect” (using connection – Azure AD Directory Sync)
ERROR|Connection “Azure AD Directory Sync” not connected, unable to sync domain “techpress.net” (using connection – Azure AD Directory Sync)
ERROR|Connection “Azure AD Directory Sync” not connected, unable to sync domain “techpress.onmicrosoft.com” (using connection – Azure AD Directory Sync)
ERROR|Connection “Azure AD Directory Sync” not connected, unable to sync domain “journal.techpress.net” (using connection – Azure AD Directory Sync)
ERROR|Partial Sync. Processed 4 domain(s), 0 user(s), 0 group(s), 0 contact(s), 4 failed domain(s), 0 failed address(es), 0 failed group(s)
ERROR|Partial AD Sync for – TechPress

Now we know that mimecast directory sync is not working and collected the error log information. Let’s see how you can fix the error and make sure the permissions are correctly configured.

Solution / Fix for Connection Error – Error opening file of directory data

For Sync of Azure Active Directory users to Mimecast, below two steps needs to be completed:

  1. Create an Azure Active Directory Application.
  2. Create an Mimecast Directory Connector.

When Configurating an Azure Active Directory Permissions, make sure the API Permissions are set to below.

Azure Active Directory App API Permission Mimecast Directory Sync

When you try to provie Azure Active Directory Graph permission, you may find that Azure Active Directory Graph button under Microsoft APIs is greyed out with a message:

Azure Active Directory Graph will be deprecated in June 2022. We recommend using Microsoft Graph APIs for your application. If you are currently using Azure Active Directory Graph, please migrate to Microsoft Graph.  Learn more

Azure Active Directory Graph Deprecated

Workaround

To workaround this and provide Azure Active Directory Graph permissions, follow below steps:

  • Open Azure Active Directory Application from App registrations.
  • Click on API Permissions on the left hand side.
  • Click on + Add a permission.
  • Click on APIs my organization uses and search for Windows Azure Active Directory.
  • Select this application to provide the relevant permissions.
APIs my organization uses - Windows Azure Active Directory

Once you have provided the permissions, Login on Mimecast Admin Portal and Go to Administration -> Services -> Directory Synchronization. Click on Sync Directory Data. This time you should get the Summary of Directory Sync without any error messages on the screen.

Mimecast Directory Sync Summary of Directory Sync

Leave a Reply