This article lists the versions and features of Azure Active Directory Connect Provisioning Agent that have been released. The Azure AD team regularly updates the Provisioning Agent with new features and functionality.
Microsoft provides direct support for the latest agent version and one version before.
You can download the latest version of the agent using this link.
November 2nd, 2021 - released for download
New features and improvements
- Cmdlet to configure Password Writeback
August 20th, 2021 - released for download
- We fixed a bug where, when a domain is renamed, Password Hash Sync would fail with an error indicating "a specified cast is not valid" in the Event log. This is a regression from earlier builds.
August 8th, 2021 - released for download
Note
This is a security update release of Azure AD Connect. This release addresses a vulnerability as documented in this CVE. For more information about this vulnerability please refer to the CVE.
- GMSA Cmdlets to set/reset permission
- GMSA folder permission bug fix (originally, the issue resulted in bootstrap issues)
- Bug fix for handling multiple changes to a single value reference attribute (e.g. manager)
- Bug fix for failure in Initial Enumeration, plus enhanced tracing of the failure
- Optimize group membership updates to a Scoping Group. With this, customers now can sync a group of up to 50K members using group scoping filter.
- Support retrieving a single object by DN with Scoping used by Provisioning On Demand to obey Scoping logic
January 20, 2021: Released for download
- Improvement to GMSA experience including support for pre-custom created GMSA Account
- PowerShell cmdlets support for GMSA setup
- CLI support for agent install (silent installation)
- Additional diagnostics for agent source quarantine issues
- Bug fixes that include reducing of memory usage of OU scoping filters, running PHS only for in-scope users, handling of nested objects in OU when using OU scoping etc.
- Prevent quarantine when scoping group is out of scope
- when scoping filters are configured - PHS job now only operates for in-scope users
- Agent would sometime stop responding during upgrade
- Initial Sync for objects in nested OUs when using OU scoping
- Make the Repair-AADCloudSyncToolsAccount more robust
- Reduce large memory usage of OU scoping filters
- Admin role check fails if the role members contain a security group
- Fix GMSA folder permission issue which prevents Agent Cert renewal
November 23, 2020: Released for download
- Support for gMSA
- Support for groups up to size less than 1500 members during incremental or delta sync cycle. This is applicable when using group scoping filter
- Support for large groups with member size up to 15K
- Initial sync improvements
- Advanced verbose logging
- Introduction of AADCloudSyncTools PowerShell module
- Fixed limitations to allow agent to be installed in non-English server
- Support for PHS filtering only for objects in scope (Originally, we were syncing password hashes for all objects)
- Fixed the memory leak issue in the agent
- Improved provisioning logs
- Support for configuring LDAP connection timeout
- Support for configuring referral chasing
December 4, 2019: Released for download
- Includes support for Azure AD Connect cloud sync to synchronize user, contact and group data from on-premises Active Directory to Azure AD
September 9, 2019: Released for auto update
- Ability to configure additional tracing and logging for debugging Provisioning Agent issues
- Ability to fetch only those Azure AD attributes that are configured in the mapping to improve performance of sync
- Fixed a bug wherein the agent went into an unresponsive state if there were issues with Azure AD connection failures
- Fixed a bug that caused issues when binary data was read from Azure Active Directory
- Fixed a bug wherein the agent failed to renew trust with the cloud hybrid identity service
January 23, 2019: Released for download
- Revamped the Provisioning Agent and connector architecture for better performance, stability, and reliability
- Simplified the Provisioning Agent configuration using UI-driven installation wizard