Azure Active Directory Connect Upgrade In-place or Swing Migration

-

In this article we are going to discuss different methods that you can use to upgrade your Azure Active Directory (Azure AD) Connect installation to the latest release.

I have been reading lot of queries and question mark over the type of upgrade process or approach should be taken by the Architects or an Engineer managing the AAD Connect software.

First of all, it is very important that the environment and specially the servers  are in line with the current and the latest releases of Azure AD Connect. Microsoft is constantly making upgrades to AADConnect, and these upgrades include fixes to security issues and bugs, as well as serviceability, performance, and scalability improvements.

As been on the field working for different clients the issues and confusion is whether to do in place upgrade or do a swing migration, Microsoft states with small environment and not many complex settings usually in-place upragde should be carried out. But in my opinion I do not like to disturb the existing setup and configuration by doing a in-place upgrade as not always the process is smooth and you can hit some hiccups, in turn that could cause the working server some issues.

So always follow the swing migration to safeguard the environment and follow the Microsoft's AAD Connect Swing Migration process over here

High Level points are:

  • Backup the existing AAD Connect Server
  • Discovery and Analysis of the existing AAD Connect Server configuration
  • Export of the Configuration Settings from the AAD Connect
  • Network Connectivity from the New Server to all the domains,Azure 
  • Global Administrator or Hybrid Account Access
  • Setup the AAD Connect in a Staging Mode on the new server
  • Import the Configuration File on the new server
  • Compare the Configuration File from the old server and the new server (Link here for the config tool)
  • Monitor the Full Import and Sync Process on the new server
  • Once all confirmed and verified that Sync Process is without any errors, carry out the swing migration
  • Again monitor the Full Import and Sync Process on the new server
  • If all is well and working as expected, the old server can be decomissioned and AAD Connect can be uninstalled and removed from the old server
Also the new AAD Connect Server specification should be well spec as the initial full import, syncs takes up lot of processing power and you will need to have more power for the services to complete the setup.

Reboot periodically, monitor the services via SCOM or other monitoring tools, keep upto date with Microsoft bulletin news and if you have any issues do not forget to gather all the logs and events from the server before you raise a support call with Microsoft or you can ask Microsoft Q&A Forums,

Hope this helps and don't forget to provide any feedback or comments.


Comments

Post a Comment

Popular posts from this blog

Windows 11 22H2 RDP disconnects and freezes randomly

-
Image
Namaste Everyone. I have been following and reading many forums with the similar issue of RDP session freezing or either getting disconnected frequently. Logs have not proved anything exceptional or drastic changes in the environment, however I was able to test this in my lab and have traced some Network Logs via the Wireshark and could see retransmision packets between the client and the server. This all started after the update to Windows 11 22H2. The resolution is to either rollback the 22H2 on the client or apply this registry or ADMX setting via the Group Policy. My theory is that after looking at the logs in my client is that the problem is due to the fact that the RDS connection is trying to connect over UDP and is not trying to connect over TCP if the UDP fails or gets block for some reason. So either you can manually set the registry in the client by following the below step: Browse to the below Registry Path with administrator account: HKLM\SOFTWARE\Policies\Microsoft\Win...
Read more

Certification - 70-533

-
Welcome Azure Techies!! In this blog I am going to share some tips and information on my personal experience in earning the Microsoft Specialist Azure Certification, specifically "Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions". This was a great experience overall in achieving "Microsoft Specialist Certification", my journey started on the back of a several projects I was involved within the company and inclined to understand the in and out of the Azure Mechanics. At the time of writing this article Microsoft  exam measures your ability to accomplish the technical tasks listed below, and from March 2016 onward the Skills Measured for this exam will change and include some updates, Please refer the link for more information on the changes. Link I would suggest and recommend to keep checking this page regularly for the updates from Microsoft. Link. There are many helpful articles and guidance from the Pro's in earning the Certi...
Read more

Windows 2019 Server Change TimeZone error "Unable to continue" You Do not have permissions to perform this task.

-
Image
 Namaste everyone, During the install of a new Azure AD Connect software I was provided a brand new Windows 2019 Server Datacenter Edition and this was fully patched and updated with the Security patches. There were no Group Policies with exception of the Domain Policy and a SCCM Server Policy for patching. I noticed the time was out of sync an hour as the server was located in the different region and all other servers were set to local region settings. So the usual step is to try and change the date and time from the Control Panel, however when I tried to update the time I received a message that I cannot change the time. "Unable to continue" You Do not have permissions to perform this task. Please contact your administrator for help. The simple fix to use the Get-Timezone and Set-Timezone PowerShell commands,  Get-TimeZone -ListAvailable | where StandardName -like "*GM*"    ( This command will extract the specific Timezone with the words GM in the StandardName, y...
Read more