Microsoft Mandates Critical Entra Connect Sync Update
Microsoft latest Entra Connect Sync update includes security enhancements.
Published: Mar 17, 2025
Key Takeaways:
- Organizations must update Microsoft Entra Connect Sync to to avoid authentication failures and functionality limitations.
- This hardening update introduces back-end improvements to strengthen security.
- Microsoft advises eligible customers to transition to Entra Cloud Sync.
Microsoft is about to implement a hardening update for Entra Connect Sync. The company urges all organizations to upgrade to the required minimum version by April 7, 2025.
Microsoft released a new version of its Entra Connect Sync solution in October 2024. These updates include a back-end service change aimed at further improving the security and stability of the service. This hardening update is a part of Microsoft’s ongoing efforts to protect its services against potential vulnerabilities and ensure robust performance.
What is Microsoft Entra Connect Sync?
Microsoft Entra Connect Sync is a tool that enables organizations to integrate their on-premises directories with Microsoft Entra ID. It synchronizes identity data (users, groups, and contacts) between the on-premises environment and Microsoft Entra ID. Microsoft Entra Connect Sync allows users to have a common identity for accessing both cloud and on-premises resources. It simplifies the management of their hybrid identity infrastructure.
What to expect from this change?
Microsoft recommends all customers to upgrade Entra Connect Sync to at least version 2.4.18.0 (for commercial clouds) or 2.4.21.0 (for non-commercial clouds) by April 7, 2025. Those who don’t upgrade will face authentication failures when using the Connect Sync wizard to access Entra ID.
This update will also impact features such as staging mode configuration, schema refresh, and user sign-in changes. Additionally, configuring Active Directory Federation Services (ADFS) and PingFederate scenarios through the Connect Sync wizard will no longer be possible.
Microsoft notes that the sync service will continue to run normally. This means that any changes made in the on-premises directory will still be synchronized to Microsoft Entra ID as usual. Moreover, administrators will still be able to upgrade their Entra Connect Sync instance even after April 7, 2025.
Microsoft advises that eligible customers should migrate from Microsoft Entra Connect Sync to Microsoft Entra Cloud Sync. This service allows organizations to configure and manage their sync preferences online. It brings new features that are designed to enhance usability, performance, and security.