Resolving TLS Errors when managing Office 365 in ADHQEDGEWATER, MARYLAND. AUGUST 10, 2022
Some users have reported issues when using ADHQ to communicate with Office 365. These issues are caused by a change Microsoft has made to require TLS 1.2 for connections to 365. Continue reading to learn more about this issue and to discover an easy workaround to make sure ADHQ continues to work in your environment.
TLS 1.2 is now being required by Microsoft for connecting to Office 365, and this requirement is slowly being rolled out to all 365 users. ADHQ reads your computer's registry to determine how to connect to 365, which may cause issues if your operating system is not configured to use TLS 1.2. The fix for this issue is to set a couple of registry entries that force your OS to use version 1.2 of TLS. For more detailed information on this topic, here is the link to a page that discusses it further:
Using outdated versions of TLS can cause errors in several different parts of the program, if your 365 tenant has been updated to block such connections. These errors may appear when testing 365 connection settings in the Options dialog, when running 365 reports, or when modifying 365 licenses in ADHQ tools. Look for error messages similar to the the following:
Office 365 Connection Failed
System.Exception: Authentication Error: Unexpected authentication failure.
Error updating user's Office 365 Licenses
To confirm that TLS is affecting ADHQ:
Log in to Azure and locate the user whose credentials you are using in ADHQ. Select the user, then click Sign-In logs in the left pane which will list all the log ins for that user. Look for a failed login attempt with text similar to the following:
To fix the issue you will need to add the following entries to your registry:
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319] "SystemDefaultTlsVersions"=dword:00000001 "SchUseStrongCrypto"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319] "SystemDefaultTlsVersions"=dword:00000001 "SchUseStrongCrypto"=dword:00000001