Azure AD Connect – A new major version is available and there are a few things you need to know

If you are using Office 365 and/or Azure AD and have an on-premises Active Directory, you already know that you can synchronize your on-premises directory with Azure AD using Azure AD Connect.

As you may already be using Azure AD Connect, you (should) also know that you need to keep up with the Azure AD Connect version to take advantage of all new capabilities and be in an optimal configuration in case you need support.

Well, Microsoft has released a new major version of Azure AD Connect ( – available for download here

But before you jump into upgrading your AAD Connect instance, here are a few things you need to know, as it may require more than just upgrading your AAD Connect instance:

  • This version is only available for download; it is not available for auto upgrade
  • The LocalDB components used by AAD Connect have been upgraded to SQL Server 2019
  • Due to this upgrade, the minimum server version becomes Windows Server 2016 (hence not available for auto upgrade and you may have to upgrade your OS)
  • TLS 1.2 has been enforced (see; which means that if you have not enabled TLS 1.2 on your server, you will get an error during the install/upgrade process, and it will not continue until TLS 1.2 is enabled
  • You can use the new Set-ADSyncToolsTls12 cmdlet to enable TLS 1.2
  • There is no longer a need to use a global administrator to set up AAD Connect; you can now use the Hybrid Identity Administrator role. However, if you enable Self Service Password Reset, you still need to use a global administrator account
  • PowerShell 5.0 or newer is required to install AAD Connect; don’t worry, this is part of Windows Server 2016 or later
  • 2 new AD attributes are enabled for syncing:
    • employeeType
    • employeeHireDate
  • You can now check the AAD Connect version you have installed from the M365 administration portal (
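
A read-only pre-upgrade check for the OS, PowerShell and TLS 1.2 prerequisites listed above. This is an added example, not code from the original post or from Microsoft; the function name `Test-AadConnectV2Readiness` is hypothetical, and the registry values it reads are assumed to be the ones Microsoft documents for TLS 1.2 enforcement with Azure AD Connect.

```powershell
# Added example: reports prerequisite status without changing any setting.
# Test-AadConnectV2Readiness is an illustrative name, not an AAD Connect cmdlet.
function Test-AadConnectV2Readiness {
    # Windows Server 2016 is OS build 10.0.14393
    $os = [Environment]::OSVersion.Version
    [pscustomobject]@{ Check = 'OS is Windows Server 2016 or later (build >= 14393)'
                       Pass  = ($os -ge [version]'10.0.14393'); Detail = "$os" }

    $ps = $PSVersionTable.PSVersion
    [pscustomobject]@{ Check = 'PowerShell 5.0 or newer'
                       Pass  = ($ps.Major -ge 5); Detail = "$ps" }

    # Registry values expected when TLS 1.2 is enabled for .NET and Schannel
    # (assumption: these match Microsoft's documented TLS 1.2 settings).
    $net = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
           'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319'
    $schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'
    $expected = @()
    foreach ($path in $net) {
        $expected += @{ Path = $path; Name = 'SystemDefaultTlsVersions'; Value = 1 }
        $expected += @{ Path = $path; Name = 'SchUseStrongCrypto';       Value = 1 }
    }
    foreach ($role in 'Client', 'Server') {
        $expected += @{ Path = "$schannel\$role"; Name = 'Enabled';           Value = 1 }
        $expected += @{ Path = "$schannel\$role"; Name = 'DisabledByDefault'; Value = 0 }
    }

    foreach ($e in $expected) {
        # A missing key or value yields $null, which is reported as a failure
        $actual = (Get-ItemProperty -Path $e.Path -Name $e.Name -ErrorAction SilentlyContinue).($e.Name)
        $detail = if ($null -eq $actual) { 'not set' } else { "$actual" }
        [pscustomobject]@{ Check  = "TLS 1.2: $($e.Path)\$($e.Name) = $($e.Value)"
                           Pass   = ($null -ne $actual -and $actual -eq $e.Value)
                           Detail = $detail }
    }
}

# Run on the AAD Connect server before starting the upgrade
$report = Test-AadConnectV2Readiness
$report | Format-Table -AutoSize -Wrap
if ($report.Pass -contains $false) {
    Write-Warning 'One or more prerequisites are not met; fix them before upgrading.'
}
```

If any TLS 1.2 row fails, enable TLS 1.2 (for example with the Set-ADSyncToolsTls12 cmdlet mentioned above) and re-run the check before starting the installer.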


Happy upgrading