Windows

Azure AD Connect 1.1.880.0 Now Supports Windows Server Essentials 2019 and Can Backup Azure AD trust in AD FS

On August 1st 2018, Microsoft released version V1.1.880.0 of Microsoft Azure Active Directory Connect. Azure AD Connect basically makes it convenient for connecting Office 365 and Azure AD.

The integration of local directories with Microsoft’s Azure AD serves various purposes. It is particularly designed to allow convenience for users by provision of a common identity to access local and cloud resources. With this latest integration organizations and users can also take benefit of:

  • Businesses can now provide users with a common hybrid identity for cloud-based or local services through leverage of Windows Server Active Directory and then connecting it to Azure Active Directory.
  • Administrators can also provide conditional access to users with user and device identity, application resources, multi-factor authentication and network location.
  • With this new integration, users are enabled to share their identity from accounts in Office 365 to Azure AD, third party applications and SaaS applications.
  • It can assist developers in building applications which share a common identity model and can allow integration of applications with on-premises Azure or Active Directory for cloud-based applications.

New Features and Improvements in V1.1.880.0

According to the version history provided on Microsoft’s official page, the following new improvements and features are included in this version:

  • Ping Federate integration is now generally available.
  • Azure AD trust can be backed up now in AD FS each time an update is made. Moreover, it is stored in a separate file for convenient storage when required.
  • Troubleshoot changing primary email address and hiding of account from global address list is made possible.
  • Latest SQL Server 2012 Native Client is now included.
  • When you switch user sign-in to Password Hash Synchronization or Pass-through Authentication in the “Change user sign-in” task, the Seamless Single Sign-On checkbox is enabled by default.
  • Windows Server Essentials 2019 is now supported.
  • The Azure AD Connect Health agent got updated to the latest version 3.1.7.0.
  • In case of any possible changes in default sync rules during an upgrade, the admin will be notified through a warning before the rules are overwritten. The user can thus take corrective action by stopping the upgrade process and resume sometime later.
  • FIPS compliance issue is better handled in the latest version.
  • UI is updated to improve federation tasks in wizard.
  • All federation additional tasks are grouped under a single sub-menu in the latest update for convenience.

Issues Fixed

In the latest update, some issues and bugs have also been fixed:

  • AAD Connect Server showed high CPU usage after upgrading to .Net 4.7.2, now fixed.
  • Error message showing an auto-resolved SQL deadlock issue no longer shown
  • Several accessibility problems for Sync Service Manager and Sync Rules Editor now solved
  • Fixed problem which created issues while the user went forward/backward in wizard
  • Error prevention now possible while incorrect multi thread handing in wizard
  • Permissions for STK and NGC keys (msDS-KeyCredentialLink attribute on User/Device objects for WHfB) now correctly set
  • ‘Set-ADSyncRestrictedPermissions’ now called correctly
  • Support added for permission granting on Group Writeback in AADConnect’s installation wizard
  • When changing sign in method from Password Hash Sync to AD FS, Password Hash Sync now disabled.
  • Added verification for IPv6 addresses in AD FS configuration
  • Updated the notification message to inform that an existing configuration exists
  • Provides a better error message and a link to the appropriate documentation

The full change log can be read here

Close