Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. backup of ADsyncTool config into Azure , so that when tool on-prem is rebuilt or upgraded there is an option to choose existing config and a

    backup of ADsyncTool config into Azure , so that when tool on-prem is rebuilt or upgraded there is an option to choose existing config and apply, or to manually configure the options again. This can save on user interruptions if their OU doesn't get the same licences assigned.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  2. Please consider if a backup of the config settings of the Azure sync tool including the OU filtering be stored in Azure. So that when the AD

    Please consider if a backup of the config settings of the Azure sync tool including the OU filtering be stored in Azure. So that when the AD sync connects after authentication from the on-prem server , then a check is made with the existing config layout , with a prompt to either use existing config layout if exists or continue with manual entry of config layout. Then after any changes made to display the differences before confirming updating with Azure AD. This helps as a precaution to avoid loss of complete service functionality with user dependencies.

    In the event the…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  4. Cloud Identity - Disable/Enable Directory Sync Progress Indicator

    From MS Customer.
    6000 users sync'd to O365/Azure. Disabled DirSync and needs to know how long it will take.

    Research showed that there are two distinct operations
    During Disable:
    get-msoluser -all and look at last DirSync timestamp - when blank, phase one is complete.
    Change attribute of user object, UPN and when you can change one UPN you can change more information for all objects.

    We would like a set of commands, health analyzer or something that indicates the progress.

    Can an article be publically available that describes the different phases of what is happing on-premise and in Azure?

    Thank…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  5. Identity synchronization and duplicate attribute resiliency issues

    We receive an email every 30 minutes when an account has a duplicate and or Azure Synchronization error. We thought that after the first error that the error would be quarantined and viewable in the Dirsync error status within Office 365 admin center. I have not seen this happen once yet. Also, When I put in individual email addresses into the Azure portal for notification those email addresses do not receive notification. Only the technical contact get an email. I attached a screenshot of where I put separate email addresses.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  6. Office iDFix tool - some column widths cannot be adjusted

    When using the Office iDFix tool - columns cannot be adjusted to prepare an AD for Azure Sync, the result table can be flexible adjusted for nearly all columns but the first 2 from the left that is DN.

    Especially the DN is very long and it is not helpful that you cannot adjust the width there.

    also when clicking on DN the DN will be incorrectly sorted (not by OU / path / alphabetical)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  7. Office iDFix Tool will not notify about incompatible displaynames

    Problem:
    there is a technet document about the known limitations for Group names (255 char long, no dots allowed etc) but idFix will not flag them as errornous if they violate these rules.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add Contributing MA to CSExport when staging Azure AD Connect

    When in Staging mode in Azure AD Connect it would be very helpful to know the Contributing MA for the NewValue in the CSV created by csexport.exe and csexportanalyzer.exe.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  9. Extend AAD Connect to track which forest a User came from to support onboarding small, disconnected Environments with just PTA

    Scenario:
    AAD-Connect runs in Azure IaaS to sync Corp-HQ via S2S-Tunnel. A small, disconnected company is bought by Corp. and should be onboarded to Corp-AAD without establishing any Trusts between their AD and Corp-AD.
    Is the following feasable or is there any easier solution:
    - Install P2S-Tunnel on the SmallCo. AD DC for AAD-Connect to reach out and OnBoard Small-Co AD-Users (without having to establish an IPSEC-Tunnel from/to Small-Corp because they have only NAT and no public IP-Ranges)
    - Use AAD PTA for SmallCo would only be possbile if AAD knew where the account was onboarded from to send out…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  10. Make AADC AD Site Aware

    Currently you can force AADC look at a limited list of DCs but that is the extent of the intelligence, to the point I am told that there is no use of AD Site awareness or DC discovery. It would be great if AADC were to use AD Sites to find a DC for a domain, ensuring a much more efficient conversation, and avoiding the need to remember to keep the list current as one's DCs get refreshed. Perhaps a best of both worlds, if no DC is selected, use DC Discovery, but if a specific list is used, either…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure AD Connect - Check for Log on as Batch rights

    When I installed Azure AD Connect it used a local account (name started with AAD) to run the scheduled task. Worked fine until the server's GPO updated and removed the local accounts right to run the task.

    It would be helpful to have the installer check that the rights for Log on as Batch match with the way the scheduled task is being setup.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  12. Change Group Name/DN used to filter objects in AAD Connect

    Currently it is not possible to Change the Name / Location (DN) of the Group used to filter objects that should not be synchronized to Azure AD in AAD Connect.

    But there are many situations (eg. AD migrations) where names or Locations of Groups may Change.

    So implementation of changing the filter Group should be possible without reinstalling AADC

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure AD Connect GUI Setup: Allow DB override during install

    When installing or re-installing Azure AD Connect after a previous installation it would be create, if the setup could replace/delete the old ADSync database on the SQL server. Currently we have to talk to the SQL Admin or open SQL Management Studio to delete the database before we can perform a new installation.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
1 2 3 4 5 7 Next →
  • Don't see your idea?

Feedback and Knowledge Base