What is Azure AD Connect version 2.0? - Microsoft Portal (2023)


Azure AD Connect was released a few years ago. Since then, several components used by Azure AD Connect have been scheduled for retirement and updated to newer versions. Updating all of these components separately takes time and planning.

Important

Instead of upgrading to the latest version of Azure AD Connect, check if cloud sync is right for you. For more information, see Sync users to Azure AD.

To remedy this, we've combined as many of these new components as possible into one new version, so you only need to update once. This version is Azure AD Connect V2. This release is a new version of the same software used to achieve hybrid identity goals, built with the latest core components.

What are the main changes?

SQL Server 2019 local database

Previous versions of Azure AD Connect shipped with SQL Server 2012 LocalDB. Version 2.0 comes with SQL Server 2019 LocalDB, which promises increased stability and performance and fixes several security bugs. SQL Server 2012 will end extended support in July 2022. For more information, see Microsoft SQL 2019.

MSAL authentication library

Previous versions of Azure AD Connect shipped with the ADAL authentication library. This library will be retired after December 2022. V2 ships with the newer MSAL library. For more information, see Overview of the MSAL library.

Visual C++ Redist 14

SQL Server 2019 requires Visual C++ Redist 14 runtime, so we are updating the C++ runtime library to use this version. This redistributable will be installed with Azure AD Connect V2, so you don't need to take any action to update the C++ runtime.

Security Protocol 1.2

TLS 1.0 and TLS 1.1 are protocols that are considered unsafe and are being retired by Microsoft. This version of Azure AD Connect will only support TLS 1.2. All versions of Windows Server supported by Azure AD Connect V2 already use TLS 1.2 by default. If your server doesn't support TLS 1.2, you'll need to enable it before you can deploy Azure AD Connect V2. For more information, see TLS 1.2 implementation for Azure AD Connect.

All binaries signed with SHA2

We noticed that some components have binaries signed with SHA1. We no longer support SHA1 for downloadable binaries and are updating all binaries to be SHA2 signed. Digital signatures are used to ensure that updates come directly from Microsoft and have not been tampered with during delivery. Due to the weakness of the SHA-1 algorithm, and to comply with industry standards, we have changed the way we sign Windows updates to use the more secure SHA-2 algorithm.

You don't have to take any action.

Windows Server 2012 and Windows Server 2012 R2 are no longer supported

SQL Server 2019 requires Windows Server 2016 or later as the server operating system. Because Azure AD Connect v2 includes SQL Server 2019 components, we no longer support older versions of Windows Server.

This version cannot be installed on older versions of Windows Server. We recommend that you upgrade your Azure AD Connect server to Windows Server 2019, which is the latest version of the Windows Server operating system.

This article describes upgrading to Windows Server 2019 from older versions of Windows Server.

PowerShell 5.0

This release of Azure AD Connect includes several cmdlets that require PowerShell 5.0, so this requirement is a new prerequisite for Azure AD Connect.

More information on PowerShell prerequisites can be found here.

Note

PowerShell 5 is already part of Windows Server 2016, so as long as you're using the latest version of Windows Server, you probably don't need to take any action.
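
A read-only readiness check for the prerequisites listed in this section (Windows Server 2016 or later, PowerShell 5.0, TLS 1.2), added here as an example and not part of Microsoft's article or tooling. The build threshold 14393 and the SCHANNEL and .NET Framework registry locations are standard Windows values rather than text from this page; an absent registry value is treated as "OS default applies".

```powershell
# Added example (not Microsoft's script): read-only readiness check for the
# Azure AD Connect V2 prerequisites named on this page.
function Get-RegValue([string]$Path, [string]$Name) {
    # Returns nothing ($null) when the key or value is absent, i.e. the default applies.
    $p = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $p) { $p.$Name }
}

$results = @()

# 1. Windows Server 2016 or later (build 14393 is Windows Server 2016;
#    ProductType 1 is a workstation edition).
$os = Get-CimInstance -ClassName Win32_OperatingSystem
$results += [pscustomobject]@{
    Check = 'Windows Server 2016 or later'
    Value = "$($os.Caption) (build $($os.BuildNumber))"
    Ok    = ($os.ProductType -ne 1) -and ([int]$os.BuildNumber -ge 14393)
}

# 2. PowerShell 5.0 or later.
$results += [pscustomobject]@{
    Check = 'PowerShell 5.0 or later'
    Value = $PSVersionTable.PSVersion.ToString()
    Ok    = $PSVersionTable.PSVersion.Major -ge 5
}

# 3. TLS 1.2 must not be explicitly disabled in SCHANNEL.
$tls = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'
foreach ($role in 'Client', 'Server') {
    $enabled  = Get-RegValue "$tls\$role" 'Enabled'
    $disabled = Get-RegValue "$tls\$role" 'DisabledByDefault'
    $results += [pscustomobject]@{
        Check = "SCHANNEL TLS 1.2 $role"
        Value = "Enabled=$enabled; DisabledByDefault=$disabled"
        Ok    = ($enabled -ne 0) -and ($disabled -ne 1)
    }
}

# 4. .NET Framework crypto settings: an explicit 0 is flagged, unset is reported.
foreach ($key in 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
                 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319') {
    foreach ($name in 'SchUseStrongCrypto', 'SystemDefaultTlsVersions') {
        $v = Get-RegValue $key $name
        $results += [pscustomobject]@{
            Check = "$name ($key)"
            Value = if ($null -eq $v) { 'not set' } else { $v }
            Ok    = $v -ne 0
        }
    }
}

$results | Format-Table -AutoSize -Wrap
```

Any row with `Ok = False` should be resolved before installing V2 or relying on automatic upgrade.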

What else do I need to know?

Why is this update important to me? Over the next year, several components in the current Azure AD Connect server installation will no longer be supported. If you're using an unsupported product, it will be very difficult for our support team to provide the support your organization needs. Therefore, we recommend that all customers upgrade to the newer version as soon as possible.

This upgrade is especially important because we had to update the Azure AD Connect prerequisites and you may need more time to schedule and update your server to include newer versions of these prerequisites.

Is there anything new I should know about? No - Version 2.0 does not contain any new features. This release only includes updates to some core components in Azure AD Connect. However, newer versions of Azure AD Connect V2 may include new features.

Can I upgrade to version 2 from any previous version? Yes - Upgrading to Azure AD Connect V2 from any previous version of Azure AD Connect is supported. Follow the directions in this article to determine the best update strategy for you.

Can I export my current server configuration and import it into Azure AD Connect V2? Yes, you can, and it's a great way to migrate to Azure AD Connect V2 - especially if you're also upgrading to a new OS version. You can read more about the import/export setup feature and how to use it in this article.

I have enabled automatic upgrades for Azure AD Connect - will I get this new version automatically? Yes - If you have automatic upgrade enabled, the Azure AD Connect server will be upgraded to the latest version. However, we can only upgrade your server if you are running Windows Server 2016 or later and have TLS 1.2 enabled.

I'm not ready to upgrade - how much time do I have? Upgrade to Azure AD Connect V2 as soon as possible. All versions of Azure AD Connect V1 retired on August 31, 2022. We will continue to support older versions of Azure AD Connect at this time, but providing a good support experience can be difficult if some components in Azure AD Connect are no longer supported. This update is especially important for ADAL and TLS 1.0/1.1 as these services may unexpectedly stop working after deprecation.

I'm using an external SQL database instead of SQL 2012 LocalDB - do I still need to upgrade? Yes, due to the deprecation of TLS 1.0/1.1 and ADAL, even if you are not using SQL Server 2012, you still need to upgrade to maintain support. Note that SQL Server 2012 can still be used as an external SQL database for Azure AD Connect V2. The SQL 2019 driver in Azure AD Connect V2 is compatible with SQL Server 2012.

Will the SQL 2012 components be automatically uninstalled after I upgrade my Azure AD Connect instance to version 2? No, upgrading to SQL 2019 will not remove any SQL 2012 components from your server. If you no longer need these components, you should follow the SQL Server uninstall instructions.

What happens if I don't update? You won't see any impact until one of the discontinued components is actually retired. Azure AD Connect will continue to work.

TLS 1.0/1.1 support will be deprecated in 2022 and you must ensure that you are not using these protocols before that date as your services may unexpectedly stop working. However, you can manually configure the server for TLS 1.2, which does not require Azure AD Connect to be updated to version 2.

Azure AD Connect Health may stop working after March 2023. Prior to that, we will automatically update all Health Agents to the new version, but if you are using AADConnect V1, we will not be able to auto-upgrade due to compatibility issues with V.

ADAL support is scheduled to end after December 2022. When ADAL is no longer supported, authentication may unexpectedly fail, preventing the Azure AD Connect server from working properly. We strongly recommend that you upgrade to Azure AD Connect V2 before December 2022. You cannot upgrade to a supported authentication library using the current version of Azure AD Connect.

ADSync PowerShell cmdlets not working after upgrading to version 2? This is a known issue. Restart your PowerShell session after installing or upgrading to version 2 and re-import the module. Import the module by following the instructions below.

  1. Open Windows PowerShell with administrator privileges.

  2. Type or copy and paste the following code:

    Import-Module -Name "C:\Program Files\Microsoft Azure AD Sync\Bin\ADSync"

Licensing requirements for using Azure AD Connect V2

Using this feature is free and included with your Azure subscription.

Licensing requirements for using Azure AD Connect Health

Use of this feature requires an Azure AD Premium P1 license. To find a license that suits your needs, see Compare generally available Azure AD features.

Next steps

  • Equipment and prerequisites
  • Quick montage
  • Custom settings
Article information

Author: Jamar Nader

Last Updated: 06/05/2023