Entra ID, previously known as Azure AD is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID and through the Microsoft 365 Message Center, Microsoft communicated the following planned, new and changed functionality for Entra ID for December 2023:
Decommissioning of Group Writeback V2 in Entra Connect Sync
Service category: Provisioning
Product capability: Entra Connect Sync
The public preview of Group Writeback V2 in Entra Connect Sync will no longer be available after June 30, 2024. After this date, Entra Connect Sync will no longer support provisioning cloud security groups to Active Directory.
Another similar functionality is offered in Entra Cloud Sync, called Group Provision to AD, that maybe used instead of Group Writeback V2 for provisioning cloud security groups to Active Directory. Enhanced functionality in Entra Cloud Sync, along with other new features, are being developed.
Organizations who use the preview Group Writeback V2 feature in Entra Connect Sync should switch their configuration from Connect Sync to Cloud Sync. Organizations may choose to:
- Move all their hybrid sync to Entra Cloud Sync (if it supports their needs), or
- Have Entra Cloud Sync run side-by-side and move only cloud security group provisioning to Active Directory onto Entra Cloud Sync.
Organizations who provision Microsoft 365 groups to Active Directory may continue using Group Writeback v1 for this capability.
Configurable redemption order for B2B collaboration Public Preview
Service category: Business to Business (B2B) collaboration
Product capability: External ID
With configurable redemption, admins can customize the order of identity providers that guest users can sign in with when they accept an invitation. This lets organizations override the default configuration order set by Microsoft and use your organization's. This can be used to help with scenarios like prioritizing a SAML/WS-fed federation above an Entra ID verified domain, disabling certain identity providers as an option during redemption, or even only using something like email one-time pass-code as a redemption option.
Edits to Dynamic Group Rule Builder General Availability
Service category: Group Management
Product capability: Directory
The dynamic group rule builder has been updated to no longer include the 'contains' and 'notContains' operators, as they're less performant. If needed, admins can still create dynamic group rules with those operators by typing directly into the text box.