Azure AD Connect 1.1.443.0 (March 2017) released

After several versions released during the last months of 2016, there has not been much news about Azure AD Connect. Although Azure AD Connect is still a cornerstone in the integration of on-premises identity platforms with Azure AD, the Identity Team is most certainly putting major effort into preparing Azure AD pass-through authentication and Azure AD single sign-on for their final release, as well as getting Azure AD Connect to play nicely with the new authentication options.
Both Azure AD pass-through authentication and Azure AD single sign-on have been in preview since December 2016.

Also, with the new Azure AD Connect v.1.1.443.0 release, we get a longer than usual series of fixes and improvements:

Fixed issues:

Azure AD Connect sync

  • Fixed an issue which causes Azure AD Connect wizard to fail if the display name of the Azure AD Connector does not contain the initial onmicrosoft.com domain assigned to the Azure AD tenant.
  • Fixed an issue which causes Azure AD Connect wizard to fail while making connection to SQL database when the password of the Sync Service Account contains special characters such as apostrophe, colon and space.
  • Fixed an issue which causes the error “The dimage has an anchor that is different than the image” to occur on an Azure AD Connect server in staging mode, after you have temporarily excluded an on-premises AD object from syncing and then included it again for syncing.
  • Fixed an issue which causes the error “The object located by DN is a phantom” to occur on an Azure AD Connect server in staging mode, after you have temporarily excluded an on-premises AD object from syncing and then included it again for syncing.

AD FS management

  • Fixed an issue where Azure AD Connect wizard does not update AD FS configuration and set the right claims on the relying party trust after Alternate Login ID is configured.
  • Fixed an issue where Azure AD Connect wizard is unable to correctly handle AD FS servers whose service accounts are configured using userPrincipalName format instead of sAMAccountName format.

Pass-through Authentication

  • Fixed an issue which causes Azure AD Connect wizard to fail if Pass Through Authentication is selected but registration of its connector fails.
  • Fixed an issue which causes Azure AD Connect wizard to bypass validation checks on sign-in method selected when Desktop SSO feature is enabled.

New features/improvements:

Azure AD Connect sync

  • Get-ADSyncScheduler cmdlet now returns a new Boolean property named SyncCycleInProgress. If the returned value is true, it means that there is a scheduled synchronization cycle in progress.
  • Destination folder for storing Azure AD Connect installation and setup logs has been moved from %localappdata%\AADConnect to %programdata%\AADConnect to improve accessibility to the log files.
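
The new SyncCycleInProgress property makes it possible to avoid starting a manual sync while a scheduled cycle is still running. The following is an added example, not part of the release notes or the original post; the function name Wait-ADSyncIdle and the timeout and polling values are assumptions to adjust for your environment.

```powershell
# Added example: wait for a running sync cycle to finish, then start a delta sync.
# Requires Azure AD Connect 1.1.443.0 or later (SyncCycleInProgress property).
Import-Module ADSync -ErrorAction Stop

function Wait-ADSyncIdle {   # hypothetical helper name
    param(
        [int]$TimeoutSeconds = 900,   # assumed upper bound for one cycle
        [int]$PollSeconds    = 15     # assumed polling interval
    )
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    while ($true) {
        $scheduler = Get-ADSyncScheduler
        # Older builds do not expose the property; fail loudly rather than assume idle.
        if ($null -eq $scheduler.PSObject.Properties['SyncCycleInProgress']) {
            throw 'SyncCycleInProgress is not available; upgrade Azure AD Connect.'
        }
        if (-not $scheduler.SyncCycleInProgress) {
            return $scheduler
        }
        if ((Get-Date) -ge $deadline) {
            throw "Sync cycle still in progress after $TimeoutSeconds seconds."
        }
        Start-Sleep -Seconds $PollSeconds
    }
}

$scheduler = Wait-ADSyncIdle
if ($scheduler.StagingModeEnabled) {
    # In staging mode the cycle imports and synchronizes but does not export.
    Write-Warning 'Server is in staging mode; this cycle will not export changes.'
}
Start-ADSyncSyncCycle -PolicyType Delta
```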

AD FS management

  • Added support for updating AD FS Farm SSL Certificate.
  • Added support for managing AD FS 2016.
  • You can now specify existing gMSA (Group Managed Service Account) during AD FS installation.
  • You can now configure SHA-256 as the signature hash algorithm for Azure AD relying party trust.

Get the most recent Azure AD Connect here: https://www.microsoft.com/en-us/download/details.aspx?id=47594

 
