We use cookies on this page to better serve you. You can find more information about cookies here.

Upgrade Azure AD Connect to Entra Connect Sync

Upgrade Azure AD Connect to Entra Connect Sync
by
Upgrade Azure AD Connect to Entra Connect Sync

With the upcoming retirement of the MSOnline PowerShell module, Microsoft created a new version of Azure AD Connect, which is now rebranded as Entra Connect Sync.

In this post, I will show step-by-step how to manually upgrade Microsoft Azure AD Connect to Microsoft Entra Connect Sync.

Prerequisites

  • Local admin rights on the Azure AD Connect Server.
  • Member of ADSyncAdmins.
  • Account with the Hybrid Identity Administrator or Global Administrator role.
  • IE Enhanced Security Configuration turned off.
  • .NET Framework 4.7.2 or higher

TLS 1.2

With the new version of Microsoft Entra Connect, TLS 1.2 is now mandatory. We will check if TLS 1.2 is enabled and enable it if needed.

Checking TLS 1.2

  • Connect to your Azure AD Connect server.
  • Open PowerShell ISE as administrator.

If your output looks like the image below, then you are all set.

TLS 1.2 is enabled.

If you get an output that says the value is not found, then you need to enable TLS 1.2.

TLS 1.2 is not enabled.

Enabling TLS 1.2

You will see an output similar to the image below.

  • Reboot the server so the changes take effect.

Auto Upgrade

Typically, the auto upgrade option for Azure AD Connect helps keep it up to date. However, I’ve seen multiple setups where Azure AD connect was only auto-upgraded to 2.3.6.0, which was released in February of 2024.

An important item about Azure AD Connect and Entra Connect Sync is that not every version is an auto-upgrade release. Version 2.4.129.0 is a version marked as an auto-upgrade release, but I haven’t seen any servers upgrade from 2.3.6.0 to 2.4.129.0, and if you check the event logs. There’s nothing about it, not even trying to auto-upgrade. It’s just radio silence.

Strangely, the auto-upgrade isn’t even triggering on one of the servers I looked at. I know auto upgrades work because that server has completed previous auto upgrades.

Manual Upgrade

Given that the auto-upgrade is not working, we will do a manual in-place upgrade.

Backup

Typically, manual upgrades work without any issues. However, it’s always good to have a backup. We will export our Azure AD Connect settings to a JSON file that we can use to rebuild everything on a new server if needed.

  • Open Azure AD Connect.
  • Click on Configure.
  • Select View or export current configuration and click on Next.
  • Click on Export Settings.
  • Select a location to save the exported settings.
  • Click Exit.

The exported JSON backup file will contain your Domain and OU filtering and sync rules.

Upgrading

  • Start the installer for the new version of Microsoft Entra Connect Sync.
  • Wait for Entra Connect Sync to finish installing.
  • Click on Upgrade to start the in-place upgrade process.
  • Provide an Entra ID Hybrid Identity Administrator or Global Administrator account and click Next.
  • Click Upgrade to start the upgrade.
  • Wait while everything is configured.
  • Now that everything is completed click Exit.

Summary

That’s all it takes to manually upgrade from Azure AD Connect to Entra Connect Sync.

If you want to read more about the in-place upgrade process from Azure AD Connect to Microsoft Entra Connect, here is the Microsoft documentation.

Related posts:

Azure AD Connect 2.0 Won’t Start Default ThumbnailAzure IP Downloader v1 Cloudflare Access IdP with Entra ID Entra Application Proxy
IT
Azure ADAzure AD ConnectEntra Connect SyncEntra IDHow ToMicrosoftUpdateUpgrade
PoE and LLDP
Previous post

Leave a comment

Your email address will not be published. Required fields are marked *

theDXT on GitHub
theDXT on X (Twitter)
theDXT on YouTube