As announced about a month ago (see https://t.co/OSCGCkdwMl), the new Azure Active Directory Connect (AAD Connect), the directory synchronization tool, is finally here.
You can get it from https://go.microsoft.com/fwlink/?LinkId=615771
The complete list of new features and bug fixes is below:
New features and improvements
- Add support for Domain Refresh
- Exchange Mail Public Folders feature goes GA
- Improve wizard error handling for service failures
- Added warning link for old UI on connector properties page
- The Unified Groups Writeback feature is now GA
- Improved SSPR error message when the DC is missing an LDAP control
- Added diagnostics for DCOM registry errors during install
- Improved tracing of PHS RPC errors
- Allow EA creds from a child domain
- Allow database name to be entered during install (default name ADSync)
- Upgrade to ADAL 3.19.8 to pick up a WS-Trust fix for Ping and add support for new Azure instances
- Modify Group Sync Rules to flow samAccountName, DomainNetbios and DomainFQDN to cloud – needed for claims
- Modified Default Sync Rule Handling
- Added a new agent running as a Windows service. This agent, named “Admin Agent”, enables deeper remote diagnostics of the Azure AD Connect server to help Microsoft engineers troubleshoot when you open a support case. This agent is not installed and enabled by default. For more information on how to install and enable the agent, see “What is the Azure AD Connect Admin Agent?”
- Updated the End User License Agreement (EULA)
- Added auto upgrade support for deployments that use AD FS as their login type. This also removed the requirement of updating the AD FS Azure AD Relying Party Trust as part of the upgrade process
- Added an Azure AD trust management task that provides two options: analyze/update trust and reset trust
- Changed the AD FS Azure AD Relying Party trust behavior so that it always uses the -SupportMultipleDomain switch (includes trust and Azure AD domain updates)
- Changed the install new AD FS farm behavior so that it requires a .pfx certificate by removing the option of using a pre-installed certificate
- Updated the install new AD FS farm workflow so that it only allows deploying 1 AD FS and 1 WAP server. All additional servers are added after the initial installation
Fixed issues
- Fix the SQL reconnect logic for ADSync service
- Fix to allow clean install using an empty SQL AOA DB
- Fix PS Permissions script to refine GWB permissions
- Fix VSS Errors with LocalDB
- Fix misleading error message when object type is not in scope
- Corrected an issue where installation of Azure AD PowerShell on a server could potentially cause an assembly conflict with Azure AD Connect
- Fixed PHS bug on Staging Server when Connector Credentials are updated in the old UI
- Fixed some memory leaks
- Miscellaneous Autoupgrade fixes
- Miscellaneous fixes to Export and Unconfirmed Import Processing
- Fixed a bug with handling a backslash in Domain and OU filtering
- Fixed an issue where ADSync service takes more than 2 minutes to stop and causes a problem at upgrade time