Azure AD Connect v2.0.9.0 fixes a Password Hash Synchronization bug

Yesterday, a mere week after the release of Azure AD Connect version 2.0.8.0, a security release for the 2.0 branch, Microsoft released version 2.0.9.0, fixing a bug in the 2.0.3.0 and 2.0.8.0 releases. What's fixed: This release addresses an issue where, when syncing a large number of Password Hash Synchronization (PHS) transactions, the …

How to check if Azure AD has processed the hybrid authentication method change

Many organizations with an Azure AD tenant are currently transitioning from federation to Pass-through Authentication (PTA) and/or authentication based on Password Hash Synchronization (PHS). The Staged Roll-out feature is a straightforward way to perform this transition. Microsoft has described how to migrate from federation to cloud authentication in Azure Active Directory using this feature. Note: In …

Version 1.1.582.0 of the Azure AD Connect Provisioning Agent prevents MitM attacks towards Domain Controllers (CVE-2021-36949)

This weekend, Microsoft released a new version of the Azure AD Connect Provisioning Agent. Version 1.1.582.0 addresses an authentication bypass vulnerability that is present in all previous versions of the agent. About the vulnerability: An attacker can successfully perform a Meddle-in-the-Middle (MitM) attack between Windows Server installations running Azure AD Connect Provisioning Agents and Active …

Two new Azure AD Connect versions were released to prevent MitM attacks towards Domain Controllers (CVE-2021-36949)

Today, Microsoft released two new Azure AD Connect versions to address an authentication bypass vulnerability in Azure AD Connect. About the vulnerability: An attacker can successfully perform a Meddle-in-the-Middle (MitM) attack between Azure AD Connect server(s) and Active Directory Domain Controller(s). The attacker would merely need to possess domain user credentials to be able …

KnowledgeBase: In-placing upgrading Windows Server for an Azure AD Connect installation is not supported

With the release of Azure AD Connect v2, many Hybrid Identity admins find themselves with Windows Server 2012 and Windows Server 2012 R2 installations with Azure AD Connect v1 installations. As Azure AD Connect v2 does not support installation on these Operating Systems, Microsoft urges these admins to perform an Azure AD Connect swing migration. …

Five Things You should know about Azure AD Connect version 2

Last week, Microsoft released the first version in the 2.0 branch of Azure AD Connect: v2.0.3.0. There are a couple of things that you should be aware of with this version. I’m sharing them with you in this blogpost. Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes …

Azure AD Connect version 2.0.3.0 is here

It’s time for a new version of Azure AD Connect to incorporate Microsoft’s lessons learned and distribute the fixes Microsoft made to the larger public. Yesterday, Microsoft released the first version in the 2.x branch of Azure AD Connect: v2.0.3.0. Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their …

HOWTO: Determine if you can remove SQL Server Express after uninstalling Azure AD Connect

When you uninstall Azure AD Connect, you are presented with the below screen. This screen provides an option to uninstall the following supporting components: Microsoft SQL Server 2012 Command Line Utilities, Microsoft SQL Server 2012 Native Client, and Microsoft SQL Server 2012 Express LocalDB. Azure AD Connect comes with a SQL Server Express LocalDB installation …

KnowledgeBase: You cannot uninstall Azure AD Connect from Programs and Features

Sometimes, the configuration of Azure AD Connect goes wrong and stops. Azure AD Connect can end up in a state where you can no longer recover. Alas, in these cases uninstallation may also not be an option… or so it seems. The situation: Azure AD Connect is installed on a Windows Server installation, but …

KnowledgeBase: You cannot manage the Desktop SSO feature with the Hybrid Identity Administrator role

On March 19th, 2021, Microsoft introduced Azure AD Connect version 1.6.2.4 to incorporate the lessons learned and distribute the fixes Microsoft made to the larger public. As part of its version release history, Microsoft added the following line to the release notes for this version: Azure AD Connect now supports the Hybrid Identity Administrator role …