Four issues have been identified with the below version of Azure AD Connect.
Please upgrade to Azure AD Connect 126.96.36.199 instead of version 188.8.131.52. More information
This week, Microsoft released a new version of Azure AD Connect.
While the previously reported releases for Azure AD Connect were minor versions in the 1.0.9x branch, this version, dubbed the February 2016 release, is from baureihe 1.1.1y.
This is the much anticipated big release of Azure AD Connect and it’s filled with quite some new features:
When you install Azure AD Connect and use the Default Settings, you can now benefit from the Automatic upgrade feature.
Just like Azure AD Connect Health was automatically enabled with the previous version of Azure AD Connect, the Automatic upgrade feature is enabled by default in the following situation:
- Express settings installation
- Using SQL Express LocalDB , which is what Express settings will always use
- The AD account is the default MSOL_ account created by Express settings
- Have less than 100,000 objects in the metaverse
MFA for the Global Admin account during first pass
Multi-factor Authentication (MFA) for accounts helps you keep them secure. Starting with this version you can use Azure Multi-factor Authentication (MFA) and Privileged Identity Management (PIM) for the Global Admin account that you specify during the installation wizard. Of course, you might need to open up some more outbound Internet traffic for the Windows Server running Azure AD Connect, to make this work in locked-down environments.
Domain and OU Filtering during first pass
While previous versions of Azure AD Connect allowed you to specify a group for which its direct members would synchronize between the on-premises Active Directory Domain Services environment(s) and Azure Active Directory, now you can optionally select Active Directory domains and Organizational Units (OUs) to synchronize (without needing to fiddle in the Sync Services management console):
This also allows connecting to forests where not all domains are available.
Change the user’s sign-in method at second passes
With Azure AD Connect versions prior to this version, there was no way to change the way users sign-in from Azure AD Connect after the initial installation and configuration. To achieve this with previous versions, you needed to delete the entire configuration and start from scratch or from a modified export.
Now, when you run Azure AD Connect again, and thus enter the Second Pass mode, you can change the sign-in behavior for synchronized user accounts.
Scheduler is now part of the sync engine
Azure AD Connect installations in the 1.0.9.x branch, used task scheduler (and a local account) to kick off the synchronization run profiles for users and attributes (other than passwords) every 3 hours.
Starting with this version, Azure AD Connect’s sync services control the schedule. By default Azure AD Sync Services will now sync every 30 minutes.
A neat feature of the new scheduler is that you can now use Windows PowerShell to kick-off synchronization manually. We say goodbye to DirectorySyncClientCmd.exe.
Additionally, three issues were fixed with version 184.108.40.206:
- The verify DNS domains page didn't always recognize the domains.
- Prompts for domain admin credentials when configuring Active Directory Federation Services (AD FS) .
- The on-premises AD accounts are not recognized by the installation wizard if located in a domain with a different DNS tree than the root domain.
Features out of preview
With version 1.1.1y of Azure AD Connect, the following two features of Azure AD Connect and Azure AD Sync Services are now out of preview:
This is version 220.127.116.11 of Azure AD Connect.
If you feel your organization experiences some of the issues fixed with this release, you can download and in-place upgrade your Azure AD Connect implementation.
Of course, before implementing any new major version of a tool you rely on, make sure you can restore a backup of the situation you're replacing.
Azure AD Connect 1.0.9131 is here
A new version of Azure AD Connect was released today
Ten things you should know about Azure AD Connect and Azure AD Sync Hashing Password hashes in Azure AD Connect and Sync per scenario