Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support NPS/RADIUS for Azure AD Domain Services

    Add support for Microsoft NPS/RADIUS in Azure AD Domain Services

    233 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  38 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  2. Span AADDS domain across multi regions

    Span the same AADDS domain to multi regions - currently only possible with vnet pairing and VPN gateways. Would also add redundancy to the domain if say a region were to go down or the AADDS service were to stop within a region.

    53 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  3. Azure Active Directory Domain Services - More Pricing Tiers

    Can we have more pricing tiers? I run a small consultancy business with 1 user and enabling AADDS will cost in excess of £90 a month, even though I won't have anything like the 25000 objects minimum tier cap. However AADDS is useful for demonstrating to SME clients how they can go cloud only so it would make sense to provide an entry level price point, for example max 2500 objects to suit the smaller scenarios.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  7 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow B2B users to logon to VMs using Azure AD domain services

    Currently B2B users cannot login to a Azure AD Domain Services joined virtual machine. In this scenario we do not have AAD Connect, only Azure AD directory with domain services running. We can join the VMs to the AAD DS domain and sign on with member accounts but cannot sign in with B2B guest accounts.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  5. migrate Azure Active Directory Domain Services from classic to resource manager

    Is there a way yet to migrate AADDS from Classic to RM? We need to get off of Classic.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  6 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  6. domain services

    Upgrade the Azure AD Domain Services Domain Controllers to be Windows Server 2016 instead of Windows Server 2012 R2.

    We've switched to having our domain be AAD Domain Services and connected to our Office 365 domain and we'd like to enable Windows Hello for Business, but until those domain controllers are upgraded we can't utilize it. This makes the nice fingerprint scanners on our new machines useless.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  7. AADDS: Allow pausing of Domain Services

    On a demo or MSDN subscription I would like to pause Domain Services like I can pause an AD VM. That will save me costs on a demo or development focused Azure subscription. Otherwise, AAD Domain Services uses a significant portion of the $100/month MSDN credit.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add more attributes to AADDS

    Expand the attributes that are syncd with AADDS and available via LDAPS. The one I'm specifically interested in at the moment is the Manager attribute, but others are important too.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  9. enterprise certificate authority (ca)

    Allow for creating Enterprise CA

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  10. AADDS: Integrate Domain Controller Security Logs With Azure Log Analytics

    A major security shortcoming of AADDS is that you don't have access to the security logs on domain controllers.

    This is critical for the security posture of many organizations.

    It would be ideal to be able to feed the security logs of AADDS domain controllers in to Azure Log Analytics.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  11. Bring Domain Services to Uk West and UK South

    Hi There,

    We are currently evaluating the use of Domain Services. For GDPR we'd need to have all our Infrastructure in the UK.

    Do you have a timeline for introduction of Domain Services in the UK region.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  12. proxyaddresses

    Make the ProxyAddresses attribute available through LDAPS when using Managed Domain

    Many Anti-Spam applications (ex: Zero Spam) need to connect via LDAPS to list users, and get their email address(es) but only the mail attribute is available...

    Since LDAPS managed domain is using our Azure AD , and AzureAD already has this attributes ( synched from our onPremise AD) I don't understand why it is not available through LDAPS

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure Active Domain Services Synchronisation Report

    Currently, it is not possible to get accurate information from AADDS about what and when attributes are synchronised from Azure AD to Azure ADDS. It would be most helpful if customers could query on a per user or per directory basis to find out what attributes were synced and at what time (including password changes)

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  14. Azure MFA / Remote Desktop ARM VM / Domain Joined to Azure AD Domain Services

    I don't find any Information about if it’s possible to secure an ARM VM which is joined to a Azure AD Domain Services "Domain" with Azure MFA without the need of the installation of an extra VM with an Installation of "Azure Multi-Factor Authentication Server" please provide a Solution for this because not for all customers Azure RemoteApp or XenApp Express are a solution.

    Sometimes a self-installed and self-managed Remote Desktop VM is the better way for us, but we want to spare the costs for an extra Domain Controller VM. So Azure AD Domain Services are really cool! But…

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  15. replace on-premises based AD with AADDS

    I read through with great interest the AADDS public preview use cases and documentation. It looks nice but for a very limited set of use cases. I do like the pricing.

    I would like to replace existing non-AD LDAP servers with AADDS and have both on-prem and cloud based apps do authentication from one common source. Turns out this isn't possible at all.

    I would like to have encryption for all requests to the AADDS, always.

    Additionally I would like to add attributes to the schema, if at all possible.

    I would like to AADDS join all windows devices to…

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  16. AADDS: Remove username collision limitation

    If you have joe@mydomainusa.com and a different user that's joe@mydomaincanada.com all in the same AAD, when you enable Domain Services, only one user will function since only one user gets MYDOMAIN\joe as its username. Please remove this limitation

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  17. employeeid, employeetype, extensionAttributes and such should be syncable to AAD Domain Services

    default attributes in a 2008 R2 schema or higher should be available in AAD DS, especially if these are already synced to AAD e.g. employeeid, employeetype, but also extensionAttributes

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  18. AADDS: Link to preview portal/RM created vnet

    There doesn't appear to be a way to link aad domain services to a vnet created in the preview portal /azure RM; why not?? All our vnets are ARM based!

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add 2FA/MFA support to Azure AD Domain Services

    We have 2FA/MFA setup for Azure AD, and this protects any of our applications that support SAML. However, we have some applications (e.g. VPN server) that do not support SAML, and for those we use Azure AD and LDAPS. Unfortunately, this bypasses the MFA requirement, so anything with LDAPS is less secure.

    It would be very helpful if Azure AD Domain Services has some kind of one-click integration with Azure MFA so we could protect these applications as well.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  20. Rename Domain - (ADDS) Active Directory Domain Services

    Allow renaming the Domain set in ADDS

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base