Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. None of the menu items exist in the Zoom tutorial.

    The documentation does not match the user experience.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  4. When UPN exists in another tenant and cannot be syncd, provide an error in AD Connect

    We had a scenario recently where a company was splitting... an authoritative domain on premise was removed from company1 tenant, then added to company2 tenant. The UPNs still syncd to company1 tenant without issue until company2 started creating cloud accounts with the same UPNs. After this, the UPN in company1 tenant was changed to the onmicrosoft.com address, but there is no error or explanation in the AD Connect logs. This only became noticed when the Hybrid was created and test mailboxes moved. We had to work through with MS to find out what was happening. It would be good if…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  5. Set/Edit "Additional Email Recipients" with PowerShell

    Hi,
    We manage lots of tenants on behalf of our clients, we would like to set/edit the 'Additional Email Recipients' for Azure AD Connect via PowerShell, rather than console GUI, which is not currently possible.

    See:
    https://github.com/MicrosoftDocs/azure-docs/issues/43005

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  6. MFA é uma Violação grave de Privacidade

    Um belo dia você chega pra trabalhar e não pode logar em sua conta Microsoft. Um novo recurso de verificação de conta (MFA) te obriga a vincular seu aparelho móvel por meio da instalação de um app, e sem nenhuma alternativa de validação por email nem por SMS.
    Eu deveria poder decidir o nível de segurança da minha conta.
    Obrigar o usuário a linkar (e poder rastrear) meu aparelho móvel soa muito invasivo à minha privacidade.
    "Quem abre mão de liberdade por segurança, não merece nem liberdade nem segurança." Ben Franklin
    Até onde vocês vão com isso microsoft? Até chipar…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  7. Microsoft Azure Active Directory single sign-on for JIRA plugin redirection fails on mobile

    I have an issue VERY similar to the one described in here: https://community.atlassian.com/t5/Jira-discussions/Mobile-Oauth-Authentication-Redirects-Wrongly-Due-to-Absolute/m-p/692580#M1727 but with the Microsoft Azure Active Directory single sign-on for JIRA plugin.

    Briefly: using Azure AD login button in Jira on iPhone (Safari or Chrome, doesn't matter) ends up in a screen telling page (one of pages in redirection chain) can't be loaded. Exact message is: Safari cannot open the page because the server cannot be found.
    If one inspects the address bar one sees that the origin in URL is duplicated. Just as if somewhere something expected a relative path but got an absolute one and…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  8. Alert about expiry of Kerberos keys

    As keys have to be rolled over manually we are keen to find some way of the the tenant sending an alert (email) when the keys need rolling over. At the moment getting the date right requires manual set up on our side. It would be helpful if the tenant could provide an alert by email to say that the keys are due to be rolled over - say 5 days before it needs to happen.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  9. Defining the Azure Active Directory (AD) attributes similar to how the Active Directory (AD) attributes are defined

    In the same fashion that there is on-line documentation that defines the Active Directory (AD) attributes would like to have on-line documentation for Azure Active Directory (AA) attributes that give full definitions as well. The attributes that would like to have the definitions given for are as follows of:

    cloudAnchor

    cloudLegacyExchangeDN

    cloudMSExchRecipientDisplayType

    cloudSOAExchMailbox

    cloudSourceAnchor

    cloudMastered

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  10. So, when I click on azure AD connect, it just shows an ability to configure, but no ability to upgrade

    Make it easy to see all options when getting into the program. I want to do an in place upgrade, but upon getting in, there is no option for doing an upgrade. Only a message that synchronization has been suspended until configuration is complete, and then there is just a wizard for configuration, and that is it. NOT very intuitive. It is an older version, which is why I want to upgrade, but trying to follow the pics shown under in place upgrade does not seem to apply, as there is no option shown to upgrade on version - https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-upgrade-previous-version

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure AD vs. On Prem Domain Controllers

    Hello everyone,,
    What are your thoughts on Azure AD? Is it mature enough?

    I'm working with a startup that has 50 employees and no Active Directory or Identity Management.

    We have landed a contract that requires all end points to be managed with security policies etc. Rather than having an on-prem domain controller or VMs on Azure, I'm considering Azure AD (Premium P1). Any drawbacks with going this route?
    https://www.spanish55.com/
    I realize that I may need to license Intune for group policy and other management capabilities. Any gotchas I need to be aware of? Would love to hear your experiences…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure Active Directory failed

    Title:
    Import from Azure Active Directory failed.
    Description:
    The import operation from Azure Active Directory Connector has failed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  13. ok

    ok

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  14. Increase number of "proxyAddresses" in sync with AD Connect.

    Been told by support to report our issue here. We have one user with more than 330 proxyAddresses and get synchronization errors. Was told the limit is 330 and this is why the error occurs. We need more than 330, how do we fix this?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  15. Distinguished Name RegEx in AdSyncConfig.psm1 false negative matches

    In Azure AD Connect, the PowerShell module C:\Program Files\Microsoft Azure Active Directory Connect\AdSyncConfig\AdSyncConfig.psm1 contains a regular expression $distinguishedNameRegex in line 21 that fails to match valid distinguished names containing escaped commas (\,). The following modification corrects this problem:

    $distinguishedNameRegex = [Regex] '^(?:(?<cn>CN=(?<name>(?:[^,]|\,)*)),)?(?:(?<path>(?:(?:CN|OU)=(?:[^,]|\,)+,?)+),)?(?<domain>(?:DC=(?:[^,]|\,)+,?)+)$'

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  16. Put a refresh on the AAD Connect OU selection screen.

    Put a refresh on the AAD Connect OU selection screen.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include AD structure (OUs) in filtering rules

    I would like to be able to set different filter conditions for different OUs (e.g. Sync all groups in OU A, but only groups with a particular attribute in OU B). Because OUs are not a filtering rule option, filters apply equally to all in-scope OUs. This is an issue for us, especially when you consider that Distribution Lists and Groups are also classified as the same object type (group) for filtering purposes.

    P.S. I chose MIM as the Category because AAD Connect isn't listed, and I believe they use the same filtering engine.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  18. Manage Federation Error: Cannot Deploy ADFS or ADFS Proxy If Wildcard Cert Is Already Set

    This is causing us ENORMOUS headaches. We already have federation set up and are using a wildcard cert. Now we cannot use the "Deploy ADFS" or "Deploy ADFS Proxy" in the Azure AD Connect tool: It says the certificate is already set (it is), we enter the password for the cert, and we get an error that states the cert doesn't have a suitable subject name. We've been using this wildcard cert for years, and haven't seen this error before in Azure AD Connect (version 1.2.70). This is a major problem as we use this tool to centrally deploy farm…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  19. Show Azure AD Connect sync server IP address in Azure

    It would be good if the IP address for Azure AD Connect server would be shown in Azure. This could be shown for example in Azure AD Connect Health (sync server properties).

    Additionally, the IP address field is <null> in the sync account's audit log. The sign-in logs are empty for the account.

    The motivation for this was protecting the sync account with conditional access using IP-based rules. While one can find the sync server public IP by other means, it would be logical to show it in Azure.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  20. AD Connect Not Installing: A constraint violation occurred

    Guys, good morning!

    I am trying to install AD Azure Connect, to do integration with Office 365 for a future Exchange migration, unfortunately I am having a problem, even performing internet search I am not having success with the solutions presented.

    Error: AD Connect Not Installing: A constraint violation occurred. (0x8007202F)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base