How to Resolve: An internal problem has occurred.

If the Microsoft Entra Connect (Azure AD Connect) wizard fails to install, the following errors may occur:

An internal problem has occurred. It appears that you are resuming a scenario that was not completed previously during installation. Please uninstall and try again. No registered products found. The synchronization service scheduler is suspended until this setup wizard is closed. Learn more about ‘Scheduler and installation wizard.

To resolve these issues, follow these steps:

  1. Run this PowerShell script to enable TLS 1.2:

If (-Not (Test-Path ‘HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319’)) { New-Item ‘HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319’ -Force | Out-Null } New-ItemProperty -Path ‘HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319’ -Name ‘SystemDefaultTlsVersions’ -Value ‘1’ -PropertyType ‘DWord’ -Force | Out-Null New-ItemProperty -Path ‘HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -PropertyType ‘DWord’ -Force | Out-Null If (-Not (Test-Path ‘HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319’)) { New-Item ‘HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319’ -Force | Out-Null } New-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319’ -Name ‘SystemDefaultTlsVersions’ -Value ‘1’ -PropertyType ‘DWord’ -Force | Out-Null New-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -PropertyType ‘DWord’ -Force | Out-Null If (-Not (Test-Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server’)) { New-Item ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server’ -Force | Out-Null } New-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server’ -Name ‘Enabled’ -Value ‘1’ -PropertyType ‘DWord’ -Force | Out-Null New-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server’ -Name ‘DisabledByDefault’ -Value ‘0’ -PropertyType ‘DWord’ -Force | Out-Null If (-Not (Test-Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client’)) { New-Item ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client’ -Force | Out-Null } New-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client’ -Name ‘Enabled’ -Value ‘1’ -PropertyType ‘DWord’ -Force | Out-Null New-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client’ -Name ‘DisabledByDefault’ -Value ‘0’ -PropertyType ‘DWord’ -Force | Out-Null Write-Host ‘TLS 1.2 has been enabled. You must restart the Windows Server for the changes to take affect.’ -ForegroundColor Cyan

  1. Then, reboot the machine.

  2. If the wizard continues to display an error, run these PowerShell commands:

Set-ADSyncScheduler -SyncCycleEnabled $true Start-ADSyncSyncCycle -PolicyType Delta