After you jump through the hoops to install Azure AD Connect on Windows Server 2008, you might encounter some strange behavior when you first start Azure AD Connect.
I know I did, and I worked with the product team to come to a solution. Of course, I’m sharing this solution here, before Microsoft fixes the documentation on it.
The situation
When you intend to install Azure AD Connect, the documentation on Azure AD Connect tells you:
The Azure AD Connect server must have .Net 4.5.1 or later and PowerShell 3.0 or later installed.
Now, since on Windows Server 2008 you can’t directly install PowerShell 3.0 and .Net Framework 4.5.1, this means you have to take a slightly longer route to create a Windows Server 2008 install capable of running Azure AD Connect, according to the documentation:
- Install Windows Server 2008 Standard with Service Pack 2
- Download and install .Net Framework 3.5 with Service Pack 1.
- Download and install Windows Management Framework Core (KB968930)
- Reboot
- Download and install .Net Framework 4.5.1
- Download and install the "Extended Protection for Authentication" patch (KB968389)
- Reboot
- Download and install Windows Management Framework 3.0 (KB2506146)
- Reboot
- Download Azure AD Connect
- Unblock Azure AD Connect (downloaded msi)
- Install Azure AD Connect
The issue
After you complete these steps, however, you’ll encounter the situation where Azure AD Connect hangs on the splash screen.
You do not receive an error.
You do not receive an event in the Application log of the Windows Server on which you installed Azure AD Connect.
However, when you look in the Azure AD Connect trace logs, located in the C:\Users\<administrator>\AppData\Local\AADConnect folder, you might see that it includes line mentioning:
Exception Data (Raw): System.Windows.Markup.XamlParseException: Provide value on 'System.Windows.Baml2006.TypeConverterMarkupExtension' threw an exception. —> System.IO.FileFormatException: The image decoder cannot decode the image. The image might be corrupted. —> System.Runtime.InteropServices.COMException: Exception from HRESULT: 0x88982F60
The cause
This behavior is because the Windows Graphics, Imaging, and XPS Library is missing.
The solution
Please stop the Azure AD Connect process through task manager.
Install KB971512 on the Windows Server installation before installing Azure AD Connect. You might install this update that includes the Windows Graphics, Imaging, and XPS Library independently, or as a part of Internet Explorer 9.
You can install this update before or after the steps outlined below. It can even be installed after you install Azure AD Connect to fix the issue.
Concluding
From a project management perspective, it might make sense to set up Azure AD Connect and take care of the necessities. Then, after the project, the systems management people can update the server to their wishes.
Related blogposts
Five reasons why you don’t want Azure AD Connect on Windows Server 2008
Installing Azure AD Connect on Windows Server 2008, 2008 R2 and 2012
Login