Back

New Updates for Azure AD Connect Version 1.1.105.0

Version 111050 and beyond February 16 2016 releaseWith the release of version 111050 of Azure AD Connect in mid February some major ch...

5 min read
Published on Apr 28, 2016
New Updates for Azure AD Connect Version 1.1.105.0

Version 1.1.105.0 and beyond (February 16, 2016 release)

With the release of version 1.1.105.0 of Azure AD Connect in mid February, some major changes have come to the application, such as automatic upgrades, reduced sync interval, and modern authentication with two factor authentication enabled. We’ll look at some new updates for Azure AD Connect version 1.1.105.0 and beyond.

Automatic upgrades

Microsoft in the past has pushed regular updates to its Azure AD Connect application, requiring administrators to manually upgrade each time for stability and feature improvements. Now the application/service will automatically upgrade for administrators that install using “Express Settings,” which Agile IT usually does, without any administrative action. Existing installs not on at least version 1.1.105.0 will need to manually update to at least this version to take advantage of this feature.

Reduced sync interval

From inception, Azure AD Connect, and its previous iterations, have all had a 3-hour default sync interval, requiring manual syncs for just about any change as that timeline has proven too long. Modification of this default interval was always a complicated and unsupported configuration. Now the tool has a 30-minute default interval and modification can be done via PowerShell, though anything less than 30 minutes is not supported by Microsoft.

You can view your current sync interval with the following PowerShell command:

Get-ADSyncScheduler Azure AD Get-ADSyncScheduler

AllowedSyncCycleInterval. The most frequently Azure AD will allow synchronizations to occur. You cannot synchronize more frequently than 30 minutes and still be supported.

CurrentlyEffectiveSyncCycleInterval. The schedule currently in effect. It will have the same value as CustomizedSyncInterval (if set) if it is not more frequent than AllowedSyncInterval. If you change CustomizedSyncCycleInterval, this will take effect after next synchronization cycle.

CustomizedSyncCycleInterval. If you want the scheduler to run at any other frequency than the default 30 minutes, you will configure this setting. In the picture above the scheduler has been set to run every hour instead. If you set this to a value lower than AllowedSyncInterval, the latter will be used.

NextSyncCyclePolicyType. Either Delta or Initial. Defines if the next run should only process delta changes, or if the next run should do a full import and sync, which would also reprocess any new or changed rules.

NextSyncCycleStartTimeInUTC. Next time the scheduler will start the next sync cycle.

PurgeRunHistoryInterval. The time operation logs should be kept. These can be reviewed in the synchronization service manager. The default is to keep these for 7 days.

SyncCycleEnabled. Indicates if the scheduler is running the import, sync, and export processes as part of its operation.

MaintenanceEnabled. Shows if the maintenance process is enabled. It will update the certificates/keys and purge the operations log.

IsStagingModeEnabled. Shows if staging mode is enabled. You can modify all these settings with

Set-ADSyncScheduler. The parameter IsStagingModeEnabled can only be set by the installation wizard.

Starting a manual sync

The scheduler will by default run every 30 minutes. In some cases, you might want to run a sync cycle in between the scheduled cycles or you need to run a different type.

Delta sync cycle

A delta sync cycle includes the following steps:

  • Delta import on all Connectors
  • Delta sync on all Connectors
  • Export on all Connectors

It could be that you have an urgent change which must be synchronized immediately which is why you need to manually run a cycle. If you need to manually run a cycle, then from PowerShell run Start-ADSyncSyncCycle -PolicyType Delta.

Full sync cycle

If you have made one of the following configuration changes, you need to run a full sync cycle (a.k.a. Initial):

  • Added more objects or attributes to be imported from a source directory
  • Made changes to the Synchronization rules
  • Changed filtering so a different number of objects should be included
  • If you have made one of these changes, then you need to run a full sync cycle so the sync engine has the opportunity to reconsolidate the connector spaces. A full sync cycle includes the following steps:
    • Full Import on all Connectors
    • Full Sync on all Connectors
    • Export on all Connectors

To initiate a full sync cycle, run Start-ADSyncSyncCycle -PolicyType Initial from a PowerShell prompt. This will start a full sync cycle.

Domain/OU Filtering

Some customers find the need to filter out OUs from syncing with Office 365 for a variety of reasons, be it to keep service accounts out of active users, filter out contractors, etc. The ability to filter out OUs was not natively in older versions of Azure AD Connect and its previous names but was possible through other means. Now this ability is built into the Azure AD Connect application under the customize path of the install and you also have the option to configure filtering post setup.

Azure AD Connect additional tasks view

Azure AD domain and OU filtering

Any OUs you wish to skip sync simply uncheck them here, or check new ones you wish to be synced. The older way of filtering through the misclient will still work but is no longer supported.

Modern authentication

Microsoft recommends that any users who have administrative privileges have strong authentication configured. In the past, the Azure AD Connect wizard did not seamlessly work with multifactor authentication, which as a result made using this feature difficult. With this release, Azure AD Connect now leverages the Azure AD Authentication library (ADAL) and the Modern Authentication protocols that it supports, for sign-in to Azure AD. You can now specify an admin user that has MFA or PIM configured to connect to Azure AD.

Need help managing your cloud environment? Learn more about AgileCover fully managed IT support to find out how we can position your organization for growth in the cloud.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

Top CMMC Assessment Checklist Resources

Top 7 CMMC Assessment Checklist Resources

Explore the top CMMC assessment checklist resources to prepare for compliance. Learn what tools, templates, and guides can streamline your certification journey.

Aug 28, 2025
6 min read
Cloud Backup Solutions for Microsoft 365 | Benefits & Protection

Benefits of Implementing Cloud Backup Solutions for Microsoft 365

Learn the key benefits of cloud backup for Microsoft 365, including enhanced data protection, compliance support, and recovery from cyber threats.

Aug 27, 2025
6 min read
CMMC Level 3 Security Controls: Understanding NIST 800-172

Understanding NIST 800-172 Enhanced Security Controls for CMMC Level 3

Learn how NIST 800-172 enhances CMMC Level 3 compliance with advanced security controls for protecting CUI against sophisticated cyber threats.

Aug 27, 2025
7 min read
Standard Form SF-XX: A Contractor’s Guide to FAR Compliance

Standard Form SF-XX in FAR Contracts: What Contractors Need to Know

Understand the role of Standard Form SF-XX in FAR contracts. Learn how to complete it, key compliance requirements, and why it matters for government contractors.

Aug 25, 2025
6 min read
Why Hire an MSP to Manage CUI Compliance

Why Hire an MSP to Manage CUI Compliance?

Discover how hiring an MSP to manage CUI compliance streamlines security, meets DFARS and NIST 800-171 requirements, and reduces internal IT burden.

Aug 23, 2025
9 min read
What is FAR CUI and How Does It Affect Contractors?

The FAR CUI: What It Means for Contractors and How to Stay Compliant

Learn about the FAR CUI, its security requirements, and how it impacts federal contractors. Understand the key compliance measures and steps to align with Federal Acquisition Regulation (FAR) guidelines.

Aug 22, 2025
8 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation