You dont have javascript enabled! Please enable it! (Solution) Azure File Sync – Server Registration – Error 0x80092004 - CHARBEL NEMNOM - MVP | MCT | CCSP | CISM - Cloud & CyberSecurity

(Solution) Azure File Sync – Server Registration – Error 0x80092004

3 Min. Read

Azure File Sync

Azure File Sync helps you save on storage capacity by centralizing your data and then installing a sync agent on Windows Server on-premises or in Azure (IaaS VM) to provide fast local access to your files in Azure. Your local server and Azure are constantly syncing, so you have one centralized location for your files with multi-site access powered by fast local caches and cloud tiering.

I was recently upgrading the Azure file sync agent on one of my servers. When I attempted to register the server with the Storage Sync Service by signing into Azure, I received the following error.

Cannot find object or property. (Exception from HRESULT: 0x80092004)

The issue

I recently had a problem where I could not get the Azure File Sync (AFS) agent to register with Azure. The issue I had is the following:

After I launched the server registration UI wizard, and “Sign in” with my account to Azure successfully.

I selected my Azure subscription, the resource group, and the desired Storage Sync Service as shown in the figure below.

Azure File Sync-Server Registration

After I clicked Register, the UI threw an error with the following message:

Cannot find object or property. (Exception from HRESULT: 0x80092004)

Azure File Sync-Choose a Storage Sync Service

Troubleshooting

After digging in the logs, I found the following error message under the ‘System’ event logs – Event ID: 36871

A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

This error message appeared twice at the same time.

A fatal error occurred while creating a TLS client credential

This gave me an indication there is something wrong with TLS. TLS is a secure protocol for communication, and TLS 1.2 support has recently been made a mandate across Microsoft products. What that means is that wherever a product leverages TLS, TLS 1.2 should be supported. You can read more about Transport Layer Security (TLS) here.

And last year, the Azure File Sync team announced that they were removing support for TLS 1.0 and 1.1 in August 2020. All supported Azure File Sync agent versions already use TLS 1.2 by default. And Azure File Sync service regions added after May 1, 2020, will only support TLS 1.2 and they’ll remove TLS 1.0 and 1.1 support from existing Azure regions in August 2020. In my case, I deployed a new Azure File Sync service and we are in 2021.

A quick look to verify if TLS 1.2 is enabled on this server, I ran the following PowerShell command:

Get-Item 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client'
Get-Item 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server'

We can see that TLS 1.2 is enabled on this server as shown in the figure below (Enabled: 1). The Azure File Sync agent should work as documented by Microsoft here.

Verify if TLS 1.2 is enabled with PowerShell

So what is the issue?

Resolution

I reached out to the AFS team and they investigated this issue. The Error 0x80092004 is equal to CRYPT_E_NOT_FOUND.

It’s more than likely, that the registry is referencing a certificate that no longer exists on this server.

To resolve this issue open a PowerShell console in admin mode and run the following two commands:

Remove-ItemProperty HKLM:\SOFTWARE\Microsoft\Azure\StorageSync\ServerSetting -Name ServerSetting.Server=Localhost -Force
Import-Module "C:\Program Files\Azure\StorageSyncAgent\StorageSync.Management.ServerCmdlets.dll"
Reset-StorageSyncServer

The first command will remove the Server settings from the registry and the second command will perform an offline-only removal of the server’s trust relationship with the Storage Sync Service and all server endpoints. The changes will not be communicated to the AFS service. This server is not registered with the sync service and does not have any resources in the cloud, so it’s safe to perform offline removal.

Enter [Y] to confirm. The default is Yes!

Reset Azure File Sync agent

Last but not least, open File Explorer, and then go to the Storage Sync Agent installation directory (the default location is C:\Program Files\Azure\StorageSyncAgent).

Run ServerRegistration.exe, and complete the wizard to register the server with a Storage Sync Service.

The registration should successfully be completed now without any error as shown in the figure below.

Register Azure File Sync with Azure

Hope this helps someone out there!

Thanks to Jeff in the AFS team for his help in getting to the bottom of this.

Summary

Azure File Sync extends on-premises file servers into Azure by providing cloud benefits while maintaining performance and compatibility with your existing applications and infrastructure. Azure Files and Azure File Sync give you the ability to share files without the need to deploy the underlying server infrastructure which provides several benefits when building an Azure-based PaaS application.

Do you want to learn more about Azure Storage including Azure Blobs and Azure File Shares? Make sure to check my recently published online course here: Azure Storage Essential Training.

__
Thank you for reading my blog.

If you have any questions or feedback, please leave a comment.

-Charbel Nemnom-

Photo of author
About the Author
Charbel Nemnom
Charbel Nemnom is a Senior Cloud Architect with 21+ years of IT experience. As a Swiss Certified Information Security Manager (ISM), CCSP, CISM, Microsoft MVP, and MCT, he excels in optimizing mission-critical enterprise systems. His extensive practical knowledge spans complex system design, network architecture, business continuity, and cloud security, establishing him as an authoritative and trustworthy expert in the field. Charbel frequently writes about Cloud, Cybersecurity, and IT Certifications.
Previous

Enable Azure Backup on VMs using Azure Policy

Deploy and Assign Azure Policy via Azure DevOps Pipelines

Next

2 thoughts on “(Solution) Azure File Sync – Server Registration – Error 0x80092004”

Leave a comment...

  1. Hi,
    Wanted to say thank you. I’ve been chasing this issue for a couple of days now, including opening a support case with MS.

    This resolved the issue the space of 2 mins!

  2. Hello Alok, thank you for the comment and feedback, much appreciated!
    I am happy to hear that it helps resolve your issue.

Let us know what you think, or ask a question...