Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
In October 2024, we released new versions 2.4.18.0 of Microsoft Entra Connect Sync. These versions contain a back-end service change that hardens our services and readies Connect Sync for the MSOnline PowerShell retirement in April 2025. All customers are required to upgrade to the minimum versions by April 30, 2025.
Important
All customers are required to upgrade to the minimum versions by April 30, 2025.
The deadline has been extended by three weeks from the earlier communicated date of April 7, 2025.
Expected impacts
Though the deadline has been extended, if you are not yet on a minimum supported version, you'll experience the following impacts after the original date:
- After April 7, 2025, configuration of Active Directory Federation Services (ADFS) scenarios through Microsoft Entra Connect wizard won't work.
- After April 7, 2025, configuration of PingFederate scenarios through the Microsoft Entra Connect wizard won't work.
- After April 30, 2025, all authentication requests to Microsoft Entra ID on the Microsoft Entra Connect wizard will fail. Some of the capabilities that will be impacted include schema refresh, configuration of staging mode and user sign-in changes.
For example, when calling the MSOnline PowerShell cmdlet Get-MsolUserRole, Microsoft Entra Connect wizard throws an error: "Access Denied. You do not have permissions to call this cmdlet"
What won't be impacted
- Your sync service will run as usual, and changes will continue to sync to Microsoft Entra.
- The ability to upgrade your Microsoft Entra Connect Sync instance. You can still perform the upgrade after April 30, 2025.
Note
If you're unable to upgrade by the deadline, you can still restore the impacted functionalities by upgrading to the latest version. You will, however, lose the ability to make changes on the Entra Connect Sync wizard that require user sign in with the Entra ID credentials during the time period between April 30, 2025 and when you upgrade.
Minimum versions
To avoid service impacts, customers should be on version by April 30, 2025.
- Customers in commercial clouds: 2.4.18.0 or any newer version (see version history)
- Customers in noncommercial clouds: 2.4.21.0 or any newer version (see version history)
To upgrade to the latest version.
Important
Make sure you familiarize yourself with the minimum requirements for the versions, including but not limited to:
To assist customers with the upgrade process, we perform autoupgrades for select releases, which can help streamline the upgrade process for you. If you would like to be autoupgraded, ensure you have the autoupgrade feature configured. For autoupgrade to work, ensure that you meet the minimum requirements for autoupgrade.
Workaround for enabling Staging mode post MSOnline retirement
Post the MSOnline retirement date, older versions of Microsoft Entra Connect can’t switch Staging mode via the wizard.
You can safely proceed with the in-place upgrade to fully restore Microsoft Entra Connect functionally, but in case you want to enable Staging mode prior to upgrade your server, the following workaround via PowerShell is available.
Note
The following cmdlet is not supported in PowerShell 7 and only works on older Microsoft Entra Connect versions that have MSOnline module dependencies.
Open a PowerShell session with "Run as administrator".
Run the following commands to import ADSyncTools module. If ADSyncTools is already present, this command updates it, otherwise it installs the latest version.
if (Get-Module -Name ADSyncTools -ListAvailable) {Update-Module -Name ADSyncTools} else {Install-Module -Name ADSyncTools} Import-Module ADSyncToolsTo enable staging mode, type:
Enable-ADSyncToolsStagingModeYou can now upgrade your server while in Staging mode. After the server has been upgraded you can switch staging mode as normally via the wizard and re-enable the sync scheduler.
Consider moving to Microsoft Entra Cloud Sync
If you're eligible, we recommend migrating from Microsoft Entra Connect Sync to Microsoft Entra Cloud Sync. Microsoft Entra Cloud Sync is the new sync client that works from the cloud and allows customers to set up and manage their sync preferences online. We recommend that you use Cloud Sync because we're introducing new features that improve the sync experiences through Cloud Sync. You can avoid future migrations by choosing Cloud Sync if that's the right option for you. Use the https://aka.ms/EvaluateSyncOptions to see if Cloud Sync is the right sync client for you.
See the video below to understand how Cloud sync provides value to your business.
For more information, see What is cloud sync?
Upgrading Microsoft Entra Connect Sync
If you aren't yet eligible to move to Cloud Sync, use this table for more information on upgrading.
| Title | Description |
|---|---|
| Upgrading from a previous version | Information on moving from one version of Microsoft Entra Connect to another |
| Information on deprecation | Information on using a deprecated or unsupported version of Microsoft Entra Connect (some information is applicable to versions that are impacted by a service change) |