Share via

Azure Cloud Sync Upgrade Questions

DrawingLettuce 0 Reputation points
2024-07-29T22:30:31.44+00:00

I'm attempting to upgrade and\or migrate from Azure AD Connect version 1.4.38.0 but I'm confused about the the procedure or even what I should be installing. Currently, 1.4.38.0, lives on a server which is targeted for retirement. I understand that Entra Connect Sync 1.x versions are unsupported and the Microsoft kb states that "synchronization does not function", however, according to my Azure Cloud Sync blade, my sync status is healthy.

If I check my Cloud Sync>configurations Audit logs, I can see that the sync is initiated by "Azure AD Cloud Sync". Periodically (roughly once per week), the logs show failures which suggest I check the "Azure AD Connect Provisioning Agent". I can confirm the "Azure AD Connect Provisioning Agent" is running. The server "Azure AD Connect Provisioning Agent" version is 1.1.1373.0

My goal is to add an agent to another server or move the the sync agent to a new server in preparation for retiring the old server. I believe we could use Cloud Sync although Entra Connect may be a better experience for my end users. Currently, our pc's are azure ad joined but access network shares on servers which are AD joined. Typically, this involves authenticating once and caching the ad creds on each pc so that users can access the network shares. If we were to move to a Hybrid join, each pc would be connected to both AD and Azure AD, which would provide a smoother SSO experience. However, Entra Connect would be required and may require more complex config.

Thoughts?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,132 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Navya 12,325 Reputation points Microsoft Vendor
    2024-07-31T06:35:52.87+00:00

    Hi @DrawingLettuce

    Thank you for posting this in Microsoft Q&A.

    Yes, All Microsoft Entra Connect Sync 1.x versions are unsupported, and synchronization does not function. Versions of Microsoft Entra Connect Sync 2.x retire 12 months from the date that a newer version is released.

    Continuous enhancements are made to Microsoft Entra Connect, including security fixes, bug resolutions, and improvements in serviceability, performance, and scalability. Ensuring your servers are updated with the latest releases of Microsoft Entra Connect is crucial. So, I suggested instead of upgrading to the latest version of Microsoft Entra Connect, use cloud sync. Azure AD Cloud Sync is the next generation of sync tools to provision users and groups from AD into Azure AD. It features a lightweight agent and is fully managed from the cloud, and it upgrades to newer versions automatically, so you never have to worry about upgrading again.

    Regarding your goal of moving to a Hybrid join, it's important to note that Entra Connect would be required for this. Entra Connect provides a smoother SSO experience for users who need to access network shares on AD-joined servers. In this situation, I would recommend opting for Entra Connect.

    To add an agent to another server or move the sync agent to a new server

    You should upgrade the existing current EntraConnect version to the latest for your server version.

    For your reference: Microsoft Entra Connect: Version release history

    A similar inquiry on the Microsoft Q&A platform may be useful for migrating Azure AD Connect to a new server: https://learn.microsoft.com/en-us/answers/questions/1287797/how-to-migrate-azure-ad-connect-to-a-new-server

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.