Azure AD Connect v1.3.20.0 offers the next level of identity synchronization

Last week, Microsoft released the long impending release of Azure AD Connect version on the Azure AD Connect Version Release History page. Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory.



The highlights for this release are two new Generally Available features: Exchange Mail Public Folders and the Unified Groups Writeback feature.

This release is not yet made available for Auto Upgrades of Azure AD Connect, but new installations and manual upgrades can be performed using the release


What’s New

  • Add support for Domain Refresh
  • Exchange Mail Public Folders feature goes GA
  • Improve wizard error handling for service failures
  • Added warning link for old UI on connector properties page.
  • The Unified Groups Writeback feature is now GA
  • Improved SSPR error message when the DC is missing an LDAP control
  • Added diagnostics for DCOM registry errors during install
  • Improved tracing of PHS RPC errors
  • Allow EA creds from a child domain
  • Allow database name to be entered during install (default name ADSync)
  • Upgrade to ADAL 3.19.8 to pick up a WS-Trust fix for Ping and add support for new Azure instances
  • Modify Group Sync Rules to flow samAccountName, DomainNetbios and DomainFQDN to cloud – needed for claims
  • Modified Default Sync Rule Handling – read more here.
  • Added a new agent running as a windows service. This agent, named “Admin Agent”, enables deeper remote diagnostics of the Azure AD Connect server to help Microsoft Engineers troubleshoot when you open a support case. This agent is not installed and enabled by default. For more information on how to install and enable the agent see What is the Azure AD Connect Admin Agent?.
  • Updated the End User License Agreement (EULA)
  • Added auto upgrade support for deployments that use AD FS as their login type. This also removed the requirement of updating the AD FS Azure AD Relying Party Trust as part of the upgrade process.
  • Added an Azure AD trust management task that provides two options: analyze/update trust and reset trust.
  • Changed the AD FS Azure AD Relying Party trust behavior so that it always uses the -SupportMultipleDomain switch (includes trust and Azure AD domain updates).
  • Changed the install new AD FS farm behavior so that it requires a .pfx certificate by removing the option of using a pre-installed certificate.
  • Updated the install new AD FS farm workflow so that it only allows deploying 1 AD FS and 1 WAP server. All additional servers will be done after initial installation.


Whats Fixed

  • Fixed the SQL reconnect logic for ADSync service
  • Fixed to allow clean Install using an empty database in a SQL Server Always On Availability group
  • Fixed PowerShell Permissions script to refine Group Writeback permissions
  • Fixed VSS Errors with LocalDB
  • Fixed misleading error message when object type is not in scope
  • Corrected an issue where installation of Azure AD PowerShell on a server could potentially cause an assembly conflict with Azure AD Connect
  • Fixed PHS bug on Staging Server when Connector Credentials are updated in the old UI
  • Fixed some memory leaks
  • Miscellaneous Autoupgrade fixes
  • Miscellaneous fixes to Export and Unconfirmed Import Processing
  • Fixed a bug with handling a backslash in Domain and OU filtering
  • Fixed an issue where ADSync service takes more than 2 minutes to stop and causes a problem at upgrade time.


Version information

This is version of Azure AD Connect.
The first release in the 1.3 branch for Azure AD Connect was signed off on on March 25th, 2019.It was made available for download on April 24th, 2019



You can download Azure AD Connect here.
The download weighs 90,1 MB.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.