Unable to remove Sync Servers
When removing a Sync Server from the Sync Scopes list, you may encounter the following error:
The selected server(s) cannot be removed from the sync scope because they are being used in one or more sync points. Remove the references to the servers from the sync points first
Edit each sync point under the sync scope and confirm that the server to be removed is not listed as either the primary or secondary sync server. If it is, hit the triple dot next to the server name and change the selection to either another sync server or (none). Then return to the sync servers tab and again attempt to remove the server.
If the entry you are attempting to remove appears as [UNKNOWN] followed by a SID and the message ‘Exception of type ‘Specopssoft.ActiveDirectory.ScpNotFoundException was thrown’ this presents a known issue where the server was deleted from Active Directory prior to being removed from the Specops configuration. You may also see errors in the Application event log on your domain controllers when this happens:
Log Name: Application Source: Specops Password Sync Notifier Service Event ID: 359 Description: Expected to find exactly 1 server with sid '<SID>' but 0 was found.
In this situation we must manually remove the entry from the configuration in Active Directory.
In ADSIEdit or Active Directory User and Computers with Advanced Features enabled, navigate to the System/Specops/Password Sync/SyncScopes container. Beneath this container there will be a container corresponding to each sync scope.
Right-click on each Sync Scope and select Properties
Navigate to the Attribute Editor tab and double-click on the proxyAddresses attribute to edit it. Select the value with the SID corresponding to the UKNOWN error in the admin tools and click remove, then click OK, apply, OK again to the changes.
Relaunch the Password Sync admin tools (or press F5 to refresh) — the UNKNOWN entry should now be gone.