Keeping Azure AD Connect upgraded to the latest version is an important part of your security posture. Not only will it fix known vulnerabilities within the code, it may also provide you with a wealth of new features to help you improve your infrastructure. In this post, we are going to walk through upgrading Azure AD Connect to the latest version.
Which version of Azure AD Connect am I running?
Knowing which version you are running is important, as it will help you understand whether you need to upgrade Azure AD Connect. Luckily, it is easy to find out this information. For this, we are going to use PowerShell! I will also advocate the use of PowerShell; it is a powerful tool that always impresses future employers.
(Get-ADSyncGlobalSettings).Parameters | select Name,Value
If you wish to learn some other great PowerShell commands you can use to manage Azure AD Connect, check out our post here: The Azure AD Connect Powershell Commands You Should Know.
What is the latest version of Azure AD Connect?
Like with all Microsoft software, Azure AD Connect is constantly being updated by a team of staff at Microsoft to keep it secure and provide end-users with the best possible experience. You can view the latest version of Azure AD Connect at the following link: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history.
The above link will provide you with important information on Azure AD Connect, such as its compatibility with different Windows operating system versions and the release notes for each version. It is important that you read the release notes for each version, because an obscure bug in a release may or may not affect your production system.
Where can I download the latest version of Azure AD Connect?
As you are installing software downloaded from the internet onto your production systems, it is vital that you only download Azure AD Connect from the single official download source. That is the Microsoft website. You can download the latest version at this link: https://www.microsoft.com/en-us/download/details.aspx?id=47594. There you will be given details on the version you are downloading, the system requirements for the server you will be installing on, and installation instructions.
How to upgrade Azure AD Connect
There are 2 methods of upgrading Azure AD Connect that I want you to know about.
Auto Upgrade – This feature, when turned on, will automatically upgrade Azure AD Connect to the latest version after running an eligibility check on your system. I highly recommend this feature is turned OFF. You can check the status of this feature with the following command.
Get-ADSyncAutoUpgrade
If you find that AD Sync Auto Upgrade is enabled in your environment, you can turn it off with the following command.
Set-ADSyncAutoUpgrade -AutoUpgradeState Disabled
In-place Upgrade – This is the preferred upgrade procedure as it simply involves downloading the latest version and running the install over the top of the previous version manually. This means you can do all the due diligence prior to the upgrade yourself.
Once you have downloaded the latest version, simply run the downloaded file and you will be presented with the following screen.
Simply click Upgrade and sign in with your Azure AD credentials. Then, on the last page, click Configure and it will handle everything else for you. Once you have completed the upgrade, a full synchronisation will be run immediately after. If you wish to defer the full sync after the upgrade, you can uncheck the box on the final screen which states Start the synchronisation process when the configuration completes.
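The due diligence mentioned for the in-place upgrade can be scripted and run on the sync server before the installer is launched. The following is an added example, not part of the original post or of Microsoft's tooling; the installer path and the summary property names are assumptions, so adjust them to your environment.

```powershell
# Added example: pre-upgrade checks for an in-place Azure AD Connect upgrade.
# $InstallerPath is an assumed location; point it at the file you downloaded.
param(
    [string]$InstallerPath = "$env:USERPROFILE\Downloads\AzureADConnect.msi"
)

Import-Module ADSync -ErrorAction Stop

# 1. Record the currently installed version (same source as the query in the post).
$currentVersion = (Get-ADSyncGlobalSettings).Parameters |
    Where-Object Name -eq 'Microsoft.Synchronize.ServerConfigurationVersion' |
    Select-Object -ExpandProperty Value

# 2. Confirm Auto Upgrade is off so the version only changes when you run the installer.
$autoUpgrade = Get-ADSyncAutoUpgrade
if ("$autoUpgrade" -ne 'Disabled') {
    Write-Warning "Auto Upgrade state is '$autoUpgrade'. Run: Set-ADSyncAutoUpgrade -AutoUpgradeState Disabled"
}

# 3. Verify the installer is intact and signed by Microsoft before executing it.
if (-not (Test-Path -LiteralPath $InstallerPath)) {
    throw "Installer not found at $InstallerPath"
}
$signature = Get-AuthenticodeSignature -FilePath $InstallerPath
if ($signature.Status -ne 'Valid') {
    throw "Installer signature status is '$($signature.Status)'. Do not run this file."
}
if ($signature.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    throw "Unexpected signer: $($signature.SignerCertificate.Subject)"
}

# 4. Keep the hash with your change record so the exact binary can be identified later.
$hash = Get-FileHash -LiteralPath $InstallerPath -Algorithm SHA256

# Summary object for the change ticket (property names are illustrative).
[pscustomobject]@{
    InstalledVersion = $currentVersion
    AutoUpgradeState = "$autoUpgrade"
    InstallerPath    = $InstallerPath
    SignatureStatus  = "$($signature.Status)"
    Signer           = $signature.SignerCertificate.Subject
    InstallerSha256  = $hash.Hash
}
```

If the signature check throws, delete the file and download it again from the Microsoft link above instead of running it.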