Azure AD Connect Preview 2 is available!

First published on CloudBlogs on Mar, 24 2015
Howdy folks, I'm happy to let you know that the second preview release of Azure AD Connect is now available. If you just want to get started, you can get it here . Those of you who follow the blog know that Azure AD Connect is a tool that simplifies synchronization of your on-premises directories with Azure AD to enable single sign-on to Office 365 and thousands of SaaS and on-premises applications. Since we released the first preview in December we seen a ton of interest and received lots of useful feedback. Today's release has several new capabilities and a bunch of quality improvements and bug fixes based on that feedback. This second preview release is our last 'preview' release prior to the general availability of the service. Please read on to learn about the new functionality.

Support for upgrade from DirSync

In response to one of your most common requests, we now provide the ability for you to upgrade from an existing DirSync or AAD Sync deployment to Azure AD Connect. We perform a seamless, in place upgrade from DirSync or Azure AD Sync

If you have DirSync and more than 50,000 objects in the directory, we export your DirSync configuration for you, then we import it for you when you run the Azure AD Connect wizard on another machine:

Support for existing SSO deployments

If you have already setup sign on using either AD FS or a third party federation product, or if you are planning an SSO deployment using a third party, we now let you to deploy or upgrade just the sync components. Just choose the Custom path instead of Express Settings, and then select "Do not configure" on the "User sign-in" page shown below. We'll go ahead and get the sync components upgraded to Azure AD Connect so that you have the latest sync options without having to configure sign on.

Pilot with a small set of users before syncing the entire directory

Many of you have asked for the ability to set up a small pilot based on a group of users before you sync the entire directory. Our new "Pilot" mode capability allows you to do just this. Just select an AD group on the Sync Filtering page (you can find this in the Custom path of the wizard) and we will make sure only the members of that group are synchronized to Azure AD.

Support for additional sync options

In the Custom path of the wizard, we now offer an expanded set of additional sync options currently in Preview mode. Please note that the option for group writeback will allow you to write back "Groups in Office 365" to a forest with Exchange installed. This is a new group type which is always mastered in the cloud.

Additional Tasks

Finally, the concept of Additional tasks provides you with the ability to make enhancements or refinements to your Azure AD connection after the initial deployment. Once you have run the Azure AD Connect wizard for the first time, you may wish to add scale or refine your options right away, or after some time has passed. Just launch the wizard again using the Start page or desktop icon called "Azure AD Connect". After you enter your Azure AD credentials, we will show you a page with the tasks that are relevant to your configuration. These tasks include the following: If you selected Express Settings or Custom settings with password sync on the first run:

• View data about your current configuration
• Customize your sync options
  • This allows you to specify or further refine sync options including "write back" options. In addition you can add additional Active Directory forests to your connection.

If you selected Custom settings with federation on the first run, you get the above tasks plus:

• Add an additional Azure AD Domain for federation
• Add an additional Federation Server or Web Application Proxy to scale up your AD FS farm

I hope you'll take some time to download the updated preview today and take a look. And as always, we'd love to get any feedback or suggestions you have.   Best Regards, Alex Simons (Twitter: @Alex_A_Simons ) Director of Program Management Microsoft Identity and Security Division (updated 3/25)