This issue occurs when enabling Seamless Single Sign-On (SSSO) while authentication is configured with Password Hash Sync (PHS).
Enabling Seamless Single Sign-On through the AADConnect Configuration Wizard fails with the error message: "An Error occurred while locating computer account"
The same error appears when we try to enable it using PowerShell.
Resolution for this Azure AD Connect Issue:
The error message shows a problem finding the computer account AZUREADSSOACC, which is why we cannot enable Seamless Single Sign-On (SSSO).
The computer account is present in the Computer OU, but the AADConnect Configuration Wizard somehow does not recognize it. Because it cannot find the AZUREADSSOACC computer account, it does not allow us to enable SSSO.
To fix this, delete the computer account AZUREADSSOACC from the Computer OU, which allows the AADConnect wizard to recreate the computer account and enable SSSO.
The Solution: Delete the computer account and retry enabling Password Hash Sync with Seamless Single Sign-On
Step 1: Open DSA.msc and delete the computer account AZUREADSSOACC
Step 2: Open PowerShell, import the Azure AADConnect PowerShell module, and run the command Enable-AzureADSSOForest
You can see it gets enabled without any error message. Once it is enabled, run the following command to validate the status.
Get-AzureADSSOStatus | ConvertFrom-Json
You can see the domain listed under the domains enabled with Seamless Single Sign-On (SSSO).
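The steps above as one PowerShell session, as an added example that is not part of the original post: it lists every AZUREADSSOACC object in the domain (with its location and SPNs) before deleting, then re-enables SSSO and validates. It assumes the RSAT ActiveDirectory module is installed, the default Azure AD Connect install path, and the AzureADSSO module's New-AzureADSSOAuthenticationContext cmdlet for the tenant sign-in.

```powershell
# Added example, not the original author's script.
# Assumptions: RSAT ActiveDirectory module, default Azure AD Connect install path.
$ErrorActionPreference = 'Stop'
Import-Module ActiveDirectory

$name = 'AZUREADSSOACC'

# Step 1: search the whole domain, not only the Computer OU, and record what
# is there before removing it (location, creation time, SPNs).
$found = @(Get-ADComputer -Filter "Name -eq '$name'" `
            -Properties whenCreated, servicePrincipalName)

if ($found.Count -eq 0) {
    Write-Host "No $name computer account found; nothing to delete."
} else {
    $found | Format-List DistinguishedName, whenCreated, servicePrincipalName
    # Remove-ADComputer prompts for confirmation by default; leave the prompt on.
    $found | Remove-ADComputer
}

# Step 2: import the Seamless SSO module shipped with Azure AD Connect.
Set-Location "$env:ProgramFiles\Microsoft Azure Active Directory Connect"
Import-Module .\AzureADSSO.psd1

# Sign in to the tenant (interactive prompt), then enable SSSO for the forest
# with on-premises domain administrator credentials.
New-AzureADSSOAuthenticationContext
$onPrem = Get-Credential -Message 'On-premises domain administrator'
Enable-AzureADSSOForest -OnPremCredentials $onPrem

# Validate: the forest should appear in the Domains list.
$status = Get-AzureADSSOStatus | ConvertFrom-Json
$status | Format-List
Write-Host "Domains enabled for SSSO: $($status.Domains -join ', ')"

# Confirm the wizard recreated the computer account and note where it landed.
Get-ADComputer -Identity $name -Properties whenCreated |
    Format-List DistinguishedName, whenCreated
```

The whenCreated value on the last line should be from this session; an older timestamp means the original object was not removed.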