Twelve days after the release of Azure AD Connect version 18.104.22.168, the first release in the 1.6 branch, Microsoft has released version 22.214.171.124, fixing a bug in the 126.96.36.199 release. What’s fixed This release fixes a bug in version 188.8.131.52 where, after upgrade to that release, the Azure AD Connect Health feature was not … Continue reading "Azure AD Connect version 184.108.40.206 fixes a bug in the previous release"
Version 220.127.116.11 of Azure AD Connect that was released just last week seems to have an issue with the Azure AD Connect Health agent. The situation You intend to synchronize objects from one or more on-premises Active Directory Domain Services implementations to an Azure AD tenant. You install Azure AD Connect version 18.104.22.168 to … Continue reading "Knowledgebase: Azure AD Connect Health Agents are not registered on Azure AD Connect installations running version 22.214.171.124"
In Azure AD Connect version 126.96.36.199, Microsoft introduced the Selective Password Hash Synchronization feature. Formerly, Azure AD Connect would apply Password Hash Synchronization to all objects in scope for synchronization. In Azure AD Connect version 188.8.131.52, and up, a subset of users can be specifically included or excluded to having their password hashes synchronized to … Continue reading "Four things you should know about Selective Password Hash Synchronization"
Setting up an AD FS Farm with Azure AD Connect is easy when you use Azure AD Connect. Its configuration wizard is able to configure all the required AD FS settings and Web Application Proxy settings on two domain-joined servers you point the wizard to. This begs the question: How do you extend the AD … Continue reading "Adding an AD FS Server to an existing Farm using Azure AD Connect"
When Active Directory on-premises and Azure AD work together, it’s called Hybrid Identity. Hybrid Identity is relatively easy to setup, when you use the Express Settings for Azure AD Connect. However, setting up Hybrid Identity with Active Directory Federation Services (AD FS) is not that hard either. I’ll show you how to achieve this goal … Continue reading "Setting up Hybrid Identity with AD FS through Azure AD Connect"
It’s time for a new version of Azure AD Connect to incorporate Microsoft’s lessons learned and distribute the fixes Microsoft made to the larger public. Last Friday, Microsoft released the first version in the 1.6 branch of Azure AD Connect: v184.108.40.206 Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and … Continue reading "Azure AD Connect version 220.127.116.11 defaults to the v2 endpoint and adds support for Selective Password Hash Synchronization"
Roughly a year ago, I wrote a blogpost on the ten things you need to know about Azure AD Connect Cloud Provisioning. At that time, the agent was in public preview. Today, I want to talk about the renamed product: Azure AD Connect Cloud Sync, because I feel there’s a couple of things you should … Continue reading "Ten things you should know about Azure AD Connect Cloud Sync"
Azure AD Connect Sync’s uses three separate accounts. Its AD Connector account is an account that has several permissions that warrant a closer look at how the account can be abused. Of course, we’ll need command lines to hunt for any misuse. About the AD Connector account Since Azure AD Connect version 18.104.22.168, the use … Continue reading "HOWTO: Hunt for abuse of Azure AD Connect’s AD Connector account"
If you are using an older version of Azure AD Connect, you might want to consider upgrading it. Yesterday, Microsoft published new information on changes to come. The Azure AD Connect product team is constantly making updates to Azure AD Connect Sync to ensure optimal security and performance of organizations’ synchronization processes. Therefore, Microsoft retires … Continue reading "Older versions of Azure AD Connect will be retired on February 29th, 2024"
One of the issues you might encounter, when you misconfigure the delegated permissions for Azure AD Connect’s Active Directory connector account is events in your Domain Controllers’ event viewers every hour with event ID 1699. The situation You are using Azure AD Connect with Password Hash Synchronization as either the sign-in method to Azure AD … Continue reading "KnowledgeBase: You experience EventID 1699 on Domain Controllers targeted by Azure AD Connect"