The right way to upgrade Azure AD Connect depends on your current setup and goals. Follow these steps to ensure a smooth upgrade process while considering key dependencies.
Step 1: Check Operating System Requirements
Azure AD Connect V2.0 (and later) relies on SQL Server 2019 LocalDB, which is compatible only with Windows Server 2016 or newer.
- If your current version is 1.5.45.0 (or later) and runs on Windows Server 2016 (or newer), you can directly upgrade to the latest version of Azure AD Connect.
- Ensure your system meets these requirements before proceeding.
Step 2: Verify Auto-Upgrade Status
Azure AD Connect includes an auto-upgrade feature that keeps your software updated automatically.
To check if this feature is enabled, run the following command in PowerShell on your Azure AD Connect server:
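An added example (not part of the original article): a readiness check that reports the Step 1 operating system requirement and the Step 2 auto-upgrade state, using the ADSync module's Get-ADSyncAutoUpgrade and Get-ADSyncScheduler cmdlets. The function name Get-AadcUpgradeReadiness and the build threshold 14393 (the Windows Server 2016 build number) are choices made for this example.

```powershell
# Added example: run in an elevated PowerShell session on the Azure AD Connect server.
# Get-AadcUpgradeReadiness is a hypothetical helper name, not part of the ADSync module.
function Get-AadcUpgradeReadiness {
    [CmdletBinding()]
    param(
        # Windows Server 2016 reports build 14393; newer releases report higher builds.
        [int]$MinimumBuild = 14393
    )

    Import-Module ADSync -ErrorAction Stop

    # Step 1: operating system check (V2.0 and later need Windows Server 2016 or newer).
    $os       = Get-CimInstance -ClassName Win32_OperatingSystem
    $build    = [int]$os.BuildNumber
    $isServer = $os.ProductType -ne 1   # 1 = workstation, 2 = domain controller, 3 = server

    # Step 2: auto-upgrade state (Enabled, Disabled or Suspended).
    $autoUpgrade = Get-ADSyncAutoUpgrade

    # Scheduler state, recorded so it can be compared after the upgrade.
    $scheduler = Get-ADSyncScheduler

    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        OperatingSystem    = $os.Caption
        OSBuild            = $build
        OSRequirementMet   = ($isServer -and $build -ge $MinimumBuild)
        AutoUpgradeState   = "$autoUpgrade"
        SyncCycleEnabled   = $scheduler.SyncCycleEnabled
        StagingModeEnabled = $scheduler.StagingModeEnabled
    }
}

$report = Get-AadcUpgradeReadiness
$report | Format-List

if (-not $report.OSRequirementMet) {
    Write-Warning 'This server does not meet the OS requirement for Azure AD Connect V2.0 and later.'
}
if ($report.AutoUpgradeState -ne 'Enabled') {
    Write-Warning "Auto-upgrade is $($report.AutoUpgradeState) on this server."
}
```

Keep the output with your upgrade notes: the StagingModeEnabled and SyncCycleEnabled values give a baseline to compare against after either upgrade method.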
Step 3: Decide on the Upgrade Method
There are two main approaches to upgrading Azure AD Connect:
- In-Place Upgrade
- Swing Migration
Each method has specific benefits and risks.
How to Perform an In-Place Upgrade
An in-place upgrade allows you to upgrade Azure AD Connect directly on the existing server.
Considerations Before Proceeding:
- Servers running older Azure AD Connect versions are often on outdated operating systems.
- Azure AD Connect V2.0 (and later) requires Windows Server 2016 or newer.
Risks:
- A failed in-place upgrade can disrupt Azure AD synchronization.
- Custom settings may revert to defaults, so document any configuration changes before starting the process.
Recommendation:
Unless you have a robust backup and recovery plan, a swing migration is often a safer option.
Steps for In-Place Upgrade:
- Download the latest version of Azure AD Connect.
- Install it and wait until the installation finishes.
- Do not enable sync during the installation.
- Once the installation has finished, check the version to confirm that it was upgraded.
- Open PowerShell and start the sync.
How to Perform a Swing Migration of Azure AD Connect
A swing migration involves setting up a new Azure AD Connect server while maintaining your existing environment as a fallback.
Benefits:
- Clean installation on a new, up-to-date operating system.
- Minimal risk, as the existing setup remains intact during the process.
Steps for Swing Migration:
Export and Document Settings
Export configuration settings from the current Azure AD Connect setup to ensure continuity.
Install the New Azure AD Connect Server
Set up Azure AD Connect on a new server that meets the system requirements.
Apply Exported Configuration
Import the exported configuration file to replicate settings.
Enable Staging Mode
Activate staging mode on the new server to test synchronization without impacting the existing server.
Verify Settings
Test the configuration on the new server and ensure all settings are correct.
Switch Roles
- Enable staging mode on the old server.
- Disable staging mode on the new server to make it the primary synchronization server.
Test Synchronization
Make a few changes in your on-premises Active Directory (AD) and verify that synchronization works as expected on the new server.
Decommission the Old Server
Once synchronization is confirmed, uninstall Azure AD Connect from the old server or retire it.
Final Notes
A swing migration is the preferred method for most scenarios, offering a safer and more reliable upgrade process. Whether you choose an in-place upgrade or a swing migration, ensure all steps are carefully planned and documented to avoid disruptions.
By following these steps, you can successfully upgrade to the latest version of Azure AD Connect while maintaining a seamless synchronization process.