Be honest, how often do you check the software versions on your Azure AD connect server? I have to admit, Exchange is not an issue, this is updated regularly, but Azure AD Connect is a different story. At the moment of writing my Azure AD Connect version is running 220.127.116.11 (installed on December 31, 2019 so more than 6 months ago) while version 18.104.22.168 is already available for some time now (source: Azure AD Connect: Version release history). And although Azure AD Connect supports auto upgrade (Check with the Get-ADSyncAutoUpgrade cmdlet), not all updates of Azure AD Connect support auto upgrade and thus need to be upgraded manually.
It is important to have a look at the versions of Azure AD Connect, I was bit surprised (but can totally understand) to read the following on the Microsoft site:
“Starting on November 1st, 2020, we will begin implementing a deprecation process whereby versions of Azure AD Connect that were released more than 18 months ago will be deprecated. At that time we will begin this process by deprecating all releases of Azure AD Connect with version 22.214.171.124 (which was released on 4/24/2019) and older, and we will proceed to evaluate the deprecation of older versions of Azure AD Connect every time a new version releases.”
You can download the latest versions of Azure AD Connect from https://www.microsoft.com/en-us/download/details.aspx?id=47594. After starting the Azure AD Connect package, enter the global tenant admin credentials and follow the wizard.
The upgrade should be finished in a minute or two.
Starting with Azure AD Connect version 126.96.36.199 Microsoft implemented the Azure AD Connect sync V2 endpoint API (public preview) which will improve performance to Azure AD synchronization. You can enable the new endpoint using the following commands in a PowerShell window on the Azure AD Connect server (elevated permissions):
Set-ADSyncScheduler -SyncCycleEnabled $false Import-Module 'C:\Program Files\Microsoft Azure AD Sync\Extensions\AADConnector.psm1' Set-ADSyncAADConnectorExportApiVersion 2 Set-ADSyncAADConnectorImportApiVersion 2 set-ADSyncScheduler -SyncCycleEnabled $True
In the first screenshot you can also see the Azure AD Password Protection proxy. This was installed on December 17, 2019 and the version installed is 188.8.131.52. This is also the latest version, which you can check on Azure AD Password Protection agent version history.
The Azure AD Password Protection proxy also supports auto upgrade, you can check the settings using the Get-AzureADPasswordProtectionProxyConfiguration cmdlet on the Azure AD Connect server.
- Azure AD Connect: Version release history – https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history
- Azure AD Connect sync V2 endpoint API (public preview) – https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-endpoint-api-v2
- Plan and deploy on-premises Azure Active Directory Password Protection – https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-deploy
- Azure AD Password Protection agent version history – https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-agent-versions