Azure Active Directory

Welcome to the Azure Active Directory Forum.

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support group exemption for Azure AD Join MFA requirement

    Please add a feature that allows IT-Pros (Azure AD Admins) to define a exemption group for people performing Azure AD join. Not every user in a company uses Autopilot for setting up his/her own device or performs the Azure AD Join. Normally this is handled by the IT department. It would be nice if one could use a bypass group during Azure AD join for these users.

    3 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)

      We’ll send you updates on this idea

      2 comments  ·  Domain Join  ·  Flag idea as inappropriate…  ·  Admin →
    • Port Azure MFA Server (PhoneFactor) reports from "classic portal" to "new"/current portal and give "Security Reader" role access to them.

      Port Azure MFA Server (PhoneFactor) reports from "classic portal" to "new"/current portal and give "Security Reader" role access to them.

      The Azure MFA Server - Activity Report which is currently available in the "new"/current Azure portal and all of the MFA Server reports that are only available in the "Classic" are only consumable by "Global Admin" role members. This makes it difficult to utilize with the rest of the security protection model available to the "Security Reader" role members.
      It would be useful to get these reports moved to the "new"/current Azure portal and get them accessible to the "Security…

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
      • Go from SignUpSignIn to PasswordReset without returning to the Client

        In the SignUpSignIn Custom policy you can click on a "password forgotten" link. This takes you back to the application where you have to check for the "AADB2C90118" message and then start a new browser with the PasswordReset policy.
        It would be nice and smooth if the user doesn't experience the browser closing and opening again.
        This would be a SignUpSignInPasswordReset Policy.

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
        • After logout user not redirected to application when using Microsoft private account for logging in

          We have an application that uses Microsoft private account configured as IDP. But when users logout they are not redirected to the application, thought the logout url is configured properly. This does not happen when we use Azure Active directory. Happens only when private accounts are used for logging in.

          Test app url https://domsch.com/dib/dev.

          Click login, -> Click Azure AAD button - > Login with microsoft private email . Once logged in click logout. We will see that the user is not redirected back to the application and when the application is accessed again the user is still logged…

          0 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
          • 1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
            • search

              Currently the group search in azure active directory is done on the base of “Starts with”
              I'd like to have extended search capabilities, like "include" "end with" "exclude" and so on

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
              • Add dashboard/report with metrics in PowerBI content pack for all AAD group-based licensed provisioning

                Azure Active Directory PowerBI Content pack:
                - ability to see reports about group-based licensing trends/usage per AAD group based license.

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                • B2B Integration pack for VS2017

                  B2B Integration pack is available for only VS2015. When it is released for VS2017 we can have Only VS2017. Now i'm using two versions VS2015 for B2B and for Azure functions i'm using VS2017.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
                  • Show AADConnect version when upgrading

                    Show the AADConnect Version you are upgrading to when starting the Wizard and once complete, show the version again.

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Azure AD Connect Health  ·  Flag idea as inappropriate…  ·  Admin →
                    • Warning on Service Connect Point change

                      Azure AD Connect Health should send a warning when the Active Directory Service Connection Point changes.

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Azure AD Connect Health  ·  Flag idea as inappropriate…  ·  Admin →
                      • Azure AD Connect GUI Setup: Allow DB override during install

                        When installing or re-installing Azure AD Connect after a previous installation it would be create, if the setup could replace/delete the old ADSync database on the SQL server. Currently we have to talk to the SQL Admin or open SQL Management Studio to delete the database before we can perform a new installation.

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                        • Azure AD Connect GUI Setup: Allow DB override during install

                          When installing or re-installing Azure AD Connect after a previous installation it would be create, if the setup could replace/delete the old ADSync database on the SQL server. Currently we have to talk to the SQL Admin or open SQL Management Studio to delete the database before we can perform a new installation.

                          0 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                          • Azure AD Connect GUI Setup: Support "Browse" button for service accounts

                            Please add a "Browse" button in th Azure AD Connect setup guide for finding service accounts in Active Directory. You should also validate the entry for gMSA / MSA accounts that they end with "$".

                            Remove/disable the "Password" textbox when using a managed service account. It seems confusing to the users.

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                            • Fixing New-AzureADApplicationPasswordCredential

                              When using New-AzureADApplicationPasswordCredential with a CustomKeyIdentifier, it is not possible to edit keys in the Azure Portal anymore (an error "Unable to complete the request due to data validation error." is raised).

                              It should be possible to manage keys with these cmdlets without breaking the portal.

                              See https://stackoverflow.com/questions/47081133/how-can-i-add-an-app-registration-key-with-powershell-without-breaking-the-azure for the exact steps to reproduce the problem.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
                              • Add support for nested group assignment to applications

                                It would be really useful if enterprise applications supported nested group assignment. Following some role based access control models it would be required to nest 1/2 layers.

                                I understand that nested groups can cause things to become messy if organisations assign nested groups inside nested groups down it can go on and on until your 15 layers deep inside a group... So even if it was depth limited to 1/2 nested groups this would still be useful.

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
                                • SharePoint Online / Microsoft Teams inviter should be written back to Azure AD

                                  A lot of functionality seems to be missing on the backend from a governance and compliance point of view. All Azure B2B accounts magically gets created in Azure Active Directory, when the users accept the invite send from SharePoint Online. We can see the invites within SharePoint Online, but they are missing this within Azure B2B invitation summary view and under Azure Audit. We would have expected to see an entry from SharePoint Online as the "Initiated By (Actor)" with the "Activity" sending out Azure/SharePoint B2B invitation on behalf of user XYZ. I would be preferred with the users UPN.

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Skype For Business Modern Authentication

                                    Please support modern authentication in Skype for Business 2016 in AD Connect Pass Through Authentication scenarios

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                    • 1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
                                      • ad connect health

                                        Can we get a Notification on Bad Password Attempts?

                                        1 vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Azure AD Connect Health  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Guidance to migrate to the new ARM domain services and remove the ASM domain service

                                          We currently use Domain services with ASM and a VPN to the ARM network, Microsoft has migrated the AAD Domain service to Azure ARM, however, it is still connected to the network in ASM. How can we migrate the service so it will use the ARM network? Because the we can remove the ASM network and gateway which lowers the costs. Can you give us a guidance of how to accomplish this?

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 59 60
                                          • Don't see your idea?

                                          Feedback and Knowledge Base