--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/093b974a-8746-4cc1-aa06-8cc0d2163613n%40googlegroups.com.
I wasn’t keen on having Entra Connect auto-upgrade and potentially break things when least convenient so I completed the upgrade manually.
The switchover to app-based authentication was seamless – I authenticated with a suitable (HA) credential and it automatically created the app registration and hard-deleted the legacy sync account.
This was detailed in the Entra audit logs:
The documentation here - https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/authenticate-application-id?tabs=default#remove-a-legacy-service-account - suggests you need to identify and remove the legacy service account yourself. In my case this wasn’t required but I have a fairly default Entra Connect setup, so possibly it recognised it was safe to auto-delete. Presumably if you are using some custom account setup it won’t proactively remove it but I guess that’s something to look out for..
Cheers,
David
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Mike
Sent: Wednesday, 13 August 2025 3:16 AM
To: ntsys...@googlegroups.com
Subject: Re: [ntsysadmin] Microsoft Entra Connect: Migration to Application Based Authentication (ABA)
You don't often get email from craigs...@gmail.com. Learn why this is important |
To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CA%2BSdsNHFCGTvTkuE7rvwF8vpCRfNRNwB3JuMyj1nBzStZH5fzQ%40mail.gmail.com.