MSEndpointMgr

How to upgrade Azure Active Directory Synchronization tool to Azure Active Directory Connect

Today Microsoft announced that the successor to Azure Active Directory Synchronization tool, Azure Active Directory Connect (Azure AD Connect) is generally available. This new synchronization tool for hybrid environments between on-premise Active Directory and Azure Active Directory includes new features and express settings to setup a synchronization in just a few clicks. You can read more about the announcement made by Microsoft here:
https://blogs.technet.com/b/ad/archive/2015/06/24/azure-ad-connect-amp-connect-health-is-now-ga.aspx?linkId=15101770

New capabilities

Some of the new features that comes with Azure AD Connect is mentioned below (copied from the blog post above):

  • Enable your users to perform self-service password reset in the cloud with write-back to on-premise Active Directory
  • Enable provisioning from the cloud with user write back to on-premise Active Directory
  • Enable write back of Groups in Office 365 to on-premise distribution groups in a forest with Exchange

But what I really think is one the greatest feature is the ability to select a on-premise Active Directory group containing the user accounts that should be synchronized, instead of specifying an Organizational Unit or simply all of the user account. This capability makes it a lot easier to implement in complex environments where all users are not stored in a single OU. Of course you could define the OU and select the ones you wanted, but using a group to determine what user accounts gets synchronized makes more sense to me.

Download Azure AD Connect

You can download Azure AD Connect from Microsoft’s Download Center, on the following link:
https://www.microsoft.com/en-us/download/details.aspx?id=47594

Upgrade to Azure AD Connect

In this blog post I’ll go ahead and upgrade my existing Azure AD Synchronization tool to the new Azure AD Connect.
1. Begin with downloading Azure AD Connect from the link above.
2. Launch the AzureADConnect.msi on the server where you have the Azure AD Synchronization tool installed. Right after you allow the installation to proceed in the UAC prompt, the installation will begin (quite slick, you don’t even have to click Next!).
152_1
3. Once again you’re prompted by UAC to allow a program elevation, this time around it’s AzureADConnect.exe. You’ll see the splash screen for Azure AD Connect and after it has finished loading, the welcome wizard is displayed. Accept the license terms and click Continue.
152_2
4. As shown in the picture below, the wizard has detected that there’s a version of the Azure AD Synchronization tool installed that will be upgraded to Azure AD Connect. During this upgrade phase, synchronization will be temporary disabled until the installation has finished. Click Upgrade.
152_3
5. During the upgrade phase, the wizard will begin with installing required prerequisites, like a new a new version of the Azure PowerShell module and Visual C++ 2013 Redistributable.
152_4
6. Once the prerequisites installation has completed, you’re asked to enter the details for your Azure Active Directory Global Administrator service account used for synchronization purposes. Enter the credentials and click Next.
152_5
7. The wizard will now connect to Azure Active Directory to verify your credentials. If entered correctly, it will start to examine various task.
152_6
8. Once it has completed, you’re taken to the Configure page where you have to option to allow the synchronization to start once the configuration process has completed. Click Upgrade.
152_7
9. The upgrade process will now begin where the installation for example updates synchronization rules and connectors in additional to other tasks.
152_8
10. Once the upgrade is complete, click Exit.
152_9

Verify Upgrade

In the Start screen there’s now a new program called Azure AD Connect.
152_10
This software will let you perform various tasks, like viewing the current configuration of Azure AD Connect, like shown below:
152_11
152_13
In addition you can also:

  • Customize synchronization options
  • Configure staging mode

The Synchronization Service software still looks the same though:
152_13
For the version number of Azure AD Connect, it’s showing up as 1.0.8641.0:
152_14
I hope this helps, and great work Microsoft!

(2678)

Nickolaj Andersen

Chief Technical Architect and Enterprise Mobility MVP since 2016. Nickolaj has been in the IT industry for the past 10 years specializing in Enterprise Mobility and Security, Windows devices and deployments including automation. Awarded as PowerShell Hero in 2015 by the community for his script and tools contributions. Creator of ConfigMgr Prerequisites Tool, ConfigMgr OSD FrontEnd, ConfigMgr WebService to name a few. Frequent speaker at conferences such as Microsoft Ignite, NIC Conference and IT/Dev Connections including nordic user groups.

Add comment

Sponsors