You usually see errors similar to these in the connector logs:
ADSync RunDiff error: System.Runtime.InteropServices.COMException (0x80070005): Access is denied.\x0D\x0A\x0D\x0A at System.DirectoryServices.SearchResultCollection.ResultsEnumerator.MoveNext()\x0D\x0A at System.DirectoryServices.SearchResultCollection.get_InnerList()\x0D\x0A at System.DirectoryServices.SearchResultCollection.get_Count()\x0D\x0A at LDIFManager.RunDiff(St ringBuilder& sbIn, String sPath, String sDomain, String sFilter, Boolean bDropCookie, String& sError)
There are two scenarios that this issue might happen:
1) .NET 3.5.1 SP1 is not installed
2) User is missing replicate directory changes and read permissions.
To add the necessary Replicate Directory Changes and Read permissions, please follow these steps:
- Open the Active Directory Users and Computers snap-in
- On the View menu, click Advanced Features.
- Right-click the domain object, such as "company.com", and then click Properties.
- On the Security tab, if the desired user account (OpenDNS_Connector) is not listed, click Add; if the desired user account is listed, proceed to step 7.
- In the Select Users, Computers, or Groups dialog box, select the desired user account, and then click Add.
- Click OK to return to the Properties dialog box.
- Click the desired user account.
- Click to select the Replicating Directory Changes and Read check boxes from the list.
- Click Apply, and then click OK.
- Close the snap-in.
If the issue is related to .NET 3.5.1 SP1 not installed you should be able to download it from here: