Recently a client was having issues with AD user accounts not synchronizing into Azure AD. When kicking off a sync through the Synchronization Service Manager things appeared to be operating normally. However, when attempting to trigger a sync through PowerShell it threw a very obtuse message:
PS C:\> Import-Module adsync
PS C:\> Get-ADSyncScheduler
Get-ADSyncScheduler : System.ArgumentNullException: Value cannot be null. Parameter name: token
PS C:\> Start-ADSyncSyncCycle -PolicyType Initial
Start-ADSyncSyncCycle : System.Management.Automation.CmdletInvocationException: System.ArgumentNullException: Value cannot be null. Parameter name: token
After checking in the event log to see if I could find any helpful indicators of the failure, I found a 906 event in the ADFS logs:
Sure enough the password expired for the service account used by AD Connect. The password was reset and the cmdlet to sync worked and user accounts showed up in AAD!