You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Transport Layer Security (TLS) protocol version 1.2 is a cryptography protocol that is designed to provide secure communications. The TLS protocol aims primarily to provide privacy and data integrity. TLS has gone through many iterations with version 1.2 being defined in [RFC 5246](https://tools.ietf.org/html/rfc5246). Azure Active Directory Connect version 1.2.65.0 and later now fully support using only TLS 1.2 for communications with Azure. This document will provide information on how to force your Azure AD Connect server to use only TLS 1.2.
23
+
Transport Layer Security (TLS) protocol version 1.2 is a cryptography protocol that is designed to provide secure communications. The TLS protocol aims primarily to provide privacy and data integrity. TLS has gone through many iterations, with version 1.2 being defined in [RFC 5246](https://tools.ietf.org/html/rfc5246). Azure Active Directory Connect version 1.2.65.0 and later now fully support using only TLS 1.2 for communications with Azure. This article provides information about how to force your Azure AD Connect server to use only TLS 1.2.
24
24
25
-
>[!NOTE]
26
-
>All versions of Windows Server that are supported for Azure AD Connect V2.0 already default to TLS 1.2. If TLS 1.2 is not enabled on your server you will need to enable this before you can deploy Azure AD Connect V2.0.
25
+
>[!NOTE]
26
+
>All versions of Windows Server that are supported for Azure AD Connect V2.0 already default to TLS 1.2. If TLS 1.2 is not enabled on your server you will need to enable this before you can deploy Azure AD Connect V2.0.
27
27
28
28
## Update the registry
29
-
In order to force the Azure AD Connect server to only use TLS 1.2 the registry of the Windows server must be updated. Set the following registry keys on the Azure AD Connect server.
29
+
In order to force the Azure AD Connect server to only use TLS 1.2, the registry of the Windows server must be updated. Set the following registry keys on the Azure AD Connect server.
30
30
31
-
>[!IMPORTANT]
32
-
>After you have updated the registry, you must restart the Windows server for the changes to take affect.
31
+
>[!IMPORTANT]
32
+
>After you have updated the registry, you must restart the Windows server for the changes to take affect.
33
33
34
34
35
35
### Enable TLS 1.2
@@ -48,34 +48,20 @@ In order to force the Azure AD Connect server to only use TLS 1.2 the registry o
You can use the following PowerShell script to enable TLS 1.2 on your Azure AD Connect server.
51
+
### PowerShell cmdlet to check TLS 1.2
52
+
You can use the following [Get-ADSyncToolsTls12](reference-connect-adsynctools.md#get-adsynctoolstls12)PowerShell cmdlet to check the current TLS 1.2 settings on your Azure AD Connect server.
You can use the following [Set-ADSyncToolsTls12](reference-connect-adsynctools.md#set-adsynctoolstls12) PowerShell cmdlet to enforce TLS 1.2 on your Azure AD Connect server.
You can use the following PowerShell script to disable TLS 1.2 on your Azure AD Connect server.\
83
+
### PowerShell script to disable TLS 1.2 (not recommended)
84
+
You can use the following [Set-ADSyncToolsTls12](reference-connect-adsynctools.md#set-adsynctoolstls12)PowerShell cmdlet to disable TLS 1.2 on your Azure AD Connect server.
0 commit comments