How can we improve Azure Active Directory?

Ability to connect Azure Active Directory Account to Windows 8/10 Account

For small deployments (without ADDS/ADFS on-premises) it would be very useful if user could login Windows with a WAAD Account. That means: same user experience with WAAD Account as todays experience with public Microsoft (Live) ID.

282 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Pirmin FelberPirmin Felber shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    GeorgeGeorge shared a merged idea: WIndows 10 and Azure Active Directory Domain Join - Permissions, Groups, GPO's  ·   · 

    11 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • GeorgeGeorge commented  ·   ·  Flag as inappropriate

        Now that Windows 10 logs on either to a Microsoft Account, Organizational/Work Account or Local Account as default on Startup this post addresses the Organizational/Work Account of that login.

        The machine joins the WAAD and is listed under the User Name in the AD under Devices.

        It would be great to see the WAAD expand functionally a bit to match some of the basic functionality of an On-Premise AD, for simple Permissions, Security Groups, and GPO's so we can manage those connected workstation and users at a basic level for access and/default configurations.

      • DennisDennis commented  ·   ·  Flag as inappropriate

        Direct Connect Agent Azure Active Directory.

        We would like to be able to join computers to Azure AD, just for basic user auth. Hopefully GPO's in the future also.

        We think Microsoft should build a Per-Agent-Per-Month option, they already have the technology with Direct Connect, however users need Enterprise licenses.

        This way we can decommission on-prem AD and have one identity online for all Microsoft systems and services.

      • Stuart MorrisStuart Morris commented  ·   ·  Flag as inappropriate

        Please implement this! I have just run into this use-case so the sooner the better! (Specifically with not being able to use Intune with a Microsoft Account). For the small cloud-only deployment, it's not worth hosting ADFS in Azure..

      • Jeff EvansJeff Evans commented  ·   ·  Flag as inappropriate

        Making the move to a purely cloud based infrastructure means that this is a must have for us. Having to setup an ADDS in the cloud to basically replicate what WAAD already contains is just way too heavy.
        Please allow direct WAAD access for Windows user accounts/authentication, contacts, groups etc.. so that we can bypass AD altogether.

      • Jared Pickerell - Troy USD 429Jared Pickerell - Troy USD 429 commented  ·   ·  Flag as inappropriate

        Where this would be very beneficial is to be able to use our WAAD/Office 365/Organizational Account (all the same thing) for the Microsoft Store and office.microsoft.com (also Onenote mobile apps that require to first log into a Microsoft Account)! Microsoft's requirement of only allowing Windows 8 to link to a personal "Microsoft Account" and not WAAD/O365 is causing huge problems for educational institutions and businesses wanting to deploy Windows 8 and fully utilize all online services in a managed manner.

      • Tom Van GramberenTom Van Gramberen commented  ·   ·  Flag as inappropriate

        For sure a great idea for SMB's moving to Office365.

        I actually have a live case where we are discussing if an ADDS deployment is useful. This could be an alternative.

      Feedback and Knowledge Base