Azure AD Connect – You can now update ADFS certificate, change the Source Anchor and grant SendOnBehalf permissions

After installing the latest version of Azure AD Connect (1.1.553.0), you will have the ability to update use it to update your ADFS Certificate (if you use AAD Connect to configure ADFS) as well as the ability to change the Source Anchor without having to reinstalling.

Also a good news for Exchange Hybrid configuration, the cloudPublicDelegates attribute is getting written back to On Premises AD, allowing you to grant SendOnBehalf permission to On Premises mailboxes (the new rule is called “Out to AD – User Exchange Hybrid publicDelegates writeback”)

image

If you choose to change the Source Anchor, the wizard will automatically change it to use msDS-ConstitencyGUID; which is recommended.

imageimage

NOTE if you performed an upgrade of an existing instance, you may got a notification at the end of the upgrade process to tell you to run again the wizard to switch your Source Anchor

Leave a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.