Schemus Synchronization with Exchange Online connection failed: WAM error

search cancel

Schemus Synchronization with Exchange Online connection failed: WAM error

book

Article ID: 428763

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

This Article describes a situation when you are unable to Synchronize the Schemus synchronization tool with Exchange online. Error received - connection failed: WAM error

Environment

Email Security.cloud

Cause

This is likely due to changes introduced by Microsoft into the Exchange Online PowerShell module from version 3.7.0 which now uses Web Account Manager (WAM) during authentication. With WAM, amongst other issues, authentication fails when connecting to Exchange Online using credentials that differ from those used to login to Windows.

Resolution

Microsoft have some information here : https://learn.microsoft.com/en-us/troubleshoot/exchange/administration/wam-integration-issues

In particular, Microsoft recommend using certificate-based authentication. This will need an app registration and a locally generated self-signed certificate. Information on how to do this is described in this below knowledge article :

https://learn.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps

In Schemus, you would need to enter the Application (client ID), the organization and certificate thumbprint as given on the Azure portal.

Note : Exchange Online uses the organization name (e.g. schemus.onmicrosoft.com) and not the GUID. Also It may be possible to use an older version of the Exchange Online PowerShell module as a temporary workaround. However, It is likely to have an undesirable security implications.

Additional Information

How to Synchronize Microsoft ENTRA ID using Schemus tool : https://knowledge.broadcom.com/external/article?articleNumber=426035

Feedback

thumb_up Yes

thumb_down No