This week, the Azure AD Connect team made the following announcement on the Azure AD Connect: Version release history page:
Starting on November 1st, 2020, we will begin implementing a deprecation process whereby versions of Azure AD Connect that were released more than 18 months ago will be deprecated. At that time we will begin this process by deprecating all releases of Azure AD Connect with version 1.3.20.0 (which was released on 4/24/2019) and older, and we will proceed to evaluate the deprecation of older versions of Azure AD Connect every time a new version releases.
You need to make sure you are running a recent version of Azure AD Connect to receive an optimal support experience.
If you run a deprecated version of Azure AD Connect you may not have the latest security fixes, performance improvements, troubleshooting and diagnostic tools and service enhancements, and if you require support we may not be able to provide you with the level of service your organization needs.
If you have enabled Azure AD Connect for sync you will soon automatically begin receiving Health notifications that warn you about upcoming deprecations when you are running one of the older versions.
Please refer to this article to learn more about how to upgrade Azure AD Connect to the latest version.
Let’s dissect this news:
Optimal support experience
Two and a half years ago, Microsoft deprecated old versions of Azure AD Connect, Azure AD Sync and DirSync. This deprecation cycle is nothing new. It needs to happen to allow the team to focus on a handful of releases, instead of the nearly forty releases that have been released in the meantime.
The optimal support experience means that Microsoft can reproduce an error or vulnerability you or your organization may experience and provide an answer, workaround, mitigation or a solution. Obviously, having to maintain a lot of versions of Azure AD Connect takes time. With a lot of supported versions, a product team is bogged down and resources cannot be spent on new versions and quality control. This hinders adoption of the product. Within Microsoft this might lead to a situation where the product team loses resources, because with low adoption perhaps it’s not something that organizations need…
Automatic Upgrades
When talking about the support experience, I feel it’s also important to talk about the Automatic Upgrades feature in Azure AD Connect. Automatic Upgrades for Azure AD Connect are only supported in supported configurations. Many configurations have been enabled for automatic upgrades in recent versions of Azure AD Connect, although a couple of configuration scenarios are not supported. Running Azure AD Connect with a Microsoft SQL Server (cluster) back-end is probably the biggest blocker at this moment for many organizations.
The big take-away of Automatic Upgrades is that they only work for supported configurations. This means that on unsupported platforms and for no longer supported Azure AD Connect versions, enabling Automatic Upgrades to remedy the situation is not part of the solution; you’re in an unsupported configuration.
Running an unsupported Azure AD Connect version means staying on that unsupported version until you perform a swing migration to a new Azure AD Connect version, following the steps in our release management process for Azure AD Connect.
Azure AD Connect Health
Luckily, Azure AD Connect Health will send you notifications when running an unsupported version of Azure AD Connect, right?
Well… yes. If you have at least one Azure AD Premium P1 subscription license assigned to an Azure AD account with Global administrator privileges. That’s a big ‘if’.
Azure AD Connect releases
Microsoft has recently decided on a new release numbering scheme. Before October 2018, new versions were minor releases in the 1.1.x.0 branch of releases. In FY 2019, the team introduced new functionality every 5-6 months in an initial release of a major version (versions 1.2.65.0, 1.3.20.0 and 1.4.18.0) and then used minor releases in the same branch to remediate problems organizations had.
If Microsoft continues this numbering scheme, we can expect a new version of Azure AD Connect this spring (probably a version 1.5.x.0), and another version in the fall (perhaps a version 1.6.x.0).
I interpret the word ‘releases’ in the above statement as versions that have been released for download, but it doesn’t really matter; the product team is already showing leniency:
- When version 1.6.x.0 is released in the November 2020 timeframe, version 1.3.20.0 should be deprecated immediately, because it is older than 18 months (it was released on April 24th, 2019). However, the latest build in this branch (v1.3.21.0) was released on May 14th, 2019. It was a security release.
- Azure AD Connect version 1.2.x.0 is deprecated, because its latest release, released for download on December 18th, 2018, was version 1.2.70.0. On November 1st, 2020, it’ll be almost 2 years old.
- Azure AD Connect versions in the 1.1.8xx.0 branch become unsupported. Its first release (v1.1.819.0) was released on May 14th, 2018 and its last version (v1.1.882.0) was released on September 7th, 2018. It’ll be over 2 years (almost 26 months) old on November 1st, 2020.
- The latest release in the 1.1.7xx.0 branch of Azure AD Connect and all releases before that become unsupported. Version 1.1.751.0 was released on April 4th, 2018.
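The age arithmetic behind the list above, as an added example (not code from this post or from Microsoft): it applies the 18-month rule on November 1st, 2020 to the release dates quoted in the list, once counting from the first listed release of each branch and once from the last. The branch labels and function names are illustrative assumptions; only dates stated in the post are used, so the 1.2 branch is represented by its last release alone.

```python
import calendar
from datetime import date

# (branch label, version, release date) -- dates as quoted in the post;
# the branch labels are an assumption made for grouping.
RELEASES = [
    ("1.1.7xx", "1.1.751.0", date(2018, 4, 4)),
    ("1.1.8xx", "1.1.819.0", date(2018, 5, 14)),
    ("1.1.8xx", "1.1.882.0", date(2018, 9, 7)),
    ("1.2.x", "1.2.70.0", date(2018, 12, 18)),
    ("1.3.x", "1.3.20.0", date(2019, 4, 24)),
    ("1.3.x", "1.3.21.0", date(2019, 5, 14)),
]


def add_months(d, months):
    """Add calendar months, clamping to the last day of the target month."""
    year, month0 = divmod(d.year * 12 + (d.month - 1) + months, 12)
    last_day = calendar.monthrange(year, month0 + 1)[1]
    return date(year, month0 + 1, min(d.day, last_day))


def is_deprecated(released, on, months=18):
    """True when `released` lies more than `months` months before `on`."""
    return add_months(released, months) < on


def branch_status(on, months=18):
    """Per branch: is it deprecated counting from its first or last release?"""
    by_branch = {}
    for branch, _version, released in RELEASES:
        by_branch.setdefault(branch, []).append(released)
    return {
        branch: {
            "from_first": is_deprecated(min(dates), on, months),
            "from_last": is_deprecated(max(dates), on, months),
        }
        for branch, dates in by_branch.items()
    }


if __name__ == "__main__":
    for branch, status in branch_status(date(2020, 11, 1)).items():
        print(branch, status)
```

Only the 1.3 branch gives a different answer under the two readings: 1.3.20.0 passes the 18-month mark on October 24th, 2020, while 1.3.21.0 does not reach it until November 14th, 2020.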
Concluding
As a consultant, I’m happy that the Azure AD Connect team is drawing a line in the sand. I think it’s being proactive to announce an 18-month support timeframe for the tool that is used by almost every organization to synchronize objects and their attributes to Azure AD.
I feel it’ll be interesting to see what the definition of a release is to the Azure AD Connect team (first version of a branch released for download, last version in a branch released for download, last version of a branch). This will make the difference in May 2021 for the support of version 1.4.x.0.
As always, I’m interested in new versions of Azure AD Connect and the problems they solve for my customers.
Can I upgrade Azure AD Connect from version 1.3.21.0 to version 1.6.4.0 directly?
Hi Sajeesh,
Yes, you can.
However, an Azure AD Connect swing migration is advised, as it provides rollback possibilities. Also, a swing migration can be used to upgrade other parts of the server, like the Windows Server version. (Windows Server 2012 and Windows Server 2012 R2 are currently scheduled to reach end of support on October 10, 2023.)