It’s time for a new version of Azure AD Connect to incorporate Microsoft’s lessons learned and distribute the fixes Microsoft made to the larger public. Yesterday, Microsoft released the first version in the 2.x branch of Azure AD Connect: v2.0.3.0.

Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory.

Version 2.0.3.0 is the first release in the 2.x branch of Azure AD Connect. It is available for download, but not for automatic upgrade.

Microsoft has upgraded the LocalDB components of SQL Server to SQL 2019. Therefore, this release requires Windows Server 2016 or newer, due to the requirements of SQL Server 2019. Additionally, the Visual C++ runtime library has been upgraded to version 14 as a prerequisite for SQL Server 2019.

This release of Azure AD Connect requires PowerShell version 5.0 or newer to be installed on the Windows Server. Note that this version is part of Windows Server 2016 and newer.

In this release, Microsoft enforces the use of TLS 1.2. If admins have enabled their Windows Server installations for TLS 1.2, Azure AD Connect will use this protocol. If TLS 1.2 is not enabled on the server, admins will see an error message when attempting to install Azure AD Connect, and the installation will not continue until TLS 1.2 has been enabled. Admins can use the new Set-ADSyncToolsTls12 Windows PowerShell Cmdlet to enable TLS 1.2 on the Windows Server installation.

Microsoft has added two new Cmdlets to the ADSyncTools Windows PowerShell module to enable or retrieve TLS 1.2 settings from the Windows Server. Admins can use these cmdlets to retrieve the TLS 1.2 enablement status, or set it as needed. TLS 1.2 must be enabled on the server for the installation of Azure AD Connect to succeed.

With this release, you can use a user with the user role “Hybrid Identity Administrator” to authenticate when you install Azure AD Connect. You no longer need the Global Administrator role for this.

This release uses the MSAL library for authentication. Microsoft has removed the older ADAL library, which will be retired in 2022.

The Azure AD Kerberos Feature is now supported for the MSAL library. To use the Azure AD Kerberos Feature, admins need to register an on-premises service principal name into Azure AD. Azure AD Connect provides importing of the on-premises service principal object into Azure AD.

Microsoft no longer applies permissions on the AdminSDHolder object in Active Directory, following Windows security guidance. The parameter SkipAdminSdHolders is changed to IncludeAdminSdHolders for the Cmdlets in the ADSyncConfig.psm1 Windows PowerShell module.

Passwords will now be reevaluated when the password last set value is changed, regardless of whether the password itself is changed. If a user’s password is set to “User must change password at next logon”, this status is synchronized to Azure AD, and when the user attempts to sign in to Azure AD they will be prompted to reset their password.

New and improved Windows PowerShell Cmdlets

Microsoft has revamped the ADSyncTools Windows PowerShell module with several new and improved cmdlets. These eighteen cmdlets have been added or updated:

ConvertFrom-ADSyncToolsAadDistinguishedName
ConvertTo-ADSyncToolsAadDistinguishedName

Azure AD Connect now uses the V2 endpoint for import and export.
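The prerequisites this release enforces (Windows Server 2016 or newer, PowerShell 5.0 or newer, TLS 1.2 enabled) can be audited before running the installer. The following is an added example, not code from the original post or from the ADSyncTools module; the function name Test-AadConnectV2Prereq is hypothetical, and the registry values checked are the ones Microsoft's TLS 1.2 enforcement guidance for Azure AD Connect lists, which this post does not itself enumerate.

```powershell
# Added example: read-only audit of the prerequisites named in this post.
# Test-AadConnectV2Prereq is a hypothetical name, not an ADSyncTools cmdlet.
function Test-AadConnectV2Prereq {
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    $results = @(
        [pscustomobject]@{
            Check    = 'Windows Server 2016 or newer'
            Expected = 'server SKU, version >= 10.0.14393'
            Actual   = "$($os.Caption) $($os.Version)"
            # ProductType 1 is a workstation; 2 and 3 are server roles.
            Pass     = ($os.ProductType -ne 1 -and [version]$os.Version -ge [version]'10.0.14393')
        }
        [pscustomobject]@{
            Check    = 'PowerShell 5.0 or newer'
            Expected = '>= 5'
            Actual   = "$($PSVersionTable.PSVersion)"
            Pass     = ($PSVersionTable.PSVersion.Major -ge 5)
        }
    )

    # Registry values from Microsoft's TLS 1.2 guidance for Azure AD Connect:
    # .NET strong crypto (64- and 32-bit) and SCHANNEL TLS 1.2 (server and client).
    $net   = 'Microsoft\.NETFramework\v4.0.30319'
    $proto = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'
    $expected = @(
        foreach ($p in "HKLM:\SOFTWARE\$net", "HKLM:\SOFTWARE\WOW6432Node\$net") {
            @{ Path = $p; Name = 'SystemDefaultTlsVersions'; Value = 1 }
            @{ Path = $p; Name = 'SchUseStrongCrypto'; Value = 1 }
        }
        foreach ($p in "$proto\Server", "$proto\Client") {
            @{ Path = $p; Name = 'Enabled'; Value = 1 }
            @{ Path = $p; Name = 'DisabledByDefault'; Value = 0 }
        }
    )

    foreach ($e in $expected) {
        # A missing key or value comes back as $null and is flagged as not set.
        $actual = (Get-ItemProperty -Path $e.Path -Name $e.Name -ErrorAction SilentlyContinue).($e.Name)
        $results += [pscustomobject]@{
            Check    = "$($e.Path)\$($e.Name)"
            Expected = $e.Value
            Actual   = $actual
            Pass     = ($null -ne $actual -and $actual -eq $e.Value)
        }
    }
    $results
}
Test-AadConnectV2Prereq | Format-Table -AutoSize -Wrap
```

Rows with Pass set to False for the registry checks indicate values that Set-ADSyncToolsTls12 is meant to configure; the function itself changes nothing on the server.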