Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Stop use the function

    How can i stop use the function to log in my account! It's really inconvinience to me! tell me how stop use it that is my right.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. inconvinience; limited ;

    If international students come bake to their home country and take online courses how they receive their verify code from their US phone #?
    Now, I really want to know how I can stop use the verify code to log in my account. I am not stay with my cell-phone all the time. Each time I log in my account that I must find where my cell-phone is which really inconvenience for me. On the other hand, I don't believe that such any bored person would steal and log into a student's mailbox and blackboard unless their motivation is interstress…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. Disable Add subscription outside home directory

    Currently it is not possible to add a subscription to a directory that is not your home directory. However, the "Add" button is still shown and active under subscriptions when logged in to a non-home directory. Creating a subscription this way confusingly adds it to the user's home directory without regard for the directory where you wanted to add it. This should either be clarified when initiating the create subscription wizard, or the Add button should be removed/disabled when not in the home directory.
    Situation: User belongs to one directory and is added to another with sufficient permissions to create…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. WHFB is not working with Server 2019 Domaincontrollers

    We had Windows Hello for Business working fine.
    We created a new ad forest with only servers 2019, now WHFB is not working anymore.

    "This option is temporarily unavailable. For now, please use a different method to sign in." and KRB Error: KDCERRCLIENTNAMEMISMATCH

    please fix

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. smartlock - powershell commands

    It would be nice for administrators to see what accounts are currently locked or how much time to go if they were locked by smart lock out. Or even a way to unlock them?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. azure ad app Required permissions dependency

    Presently when you create a azure ad app and app the api in Required permissions. It requires that app the api has be in specific order to use the KnownClient setting for Creating the service principal in Consumer Tenanat. Please make check the internal dependency of Required api before creating the service Principal.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. Stop asking me to add security questions. I don't want them on my account. I'm not adding them. Stop trying to force it.

    Stop trying to force me to add security questions. I have too many possible answers. I just want to access my account quickly so I can get back to work. If I add them, I'll second guess what the answer is and possibly get it wrong and then be locked out of my account longer. It's happened before. Security questions are rubbish and you are affecting my ability to treat my patients in a negative fashion by slowing me down by hitting to decline 3 times to log into my work account and another two times to check me email.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. Azure AD Account Initials

    The initials circle that is generated in Azure AD and propagated to other workloads seems to parse the DisplayName attribute which does not always render the correct initials. For example, if the CX uses "BusinessUnit-FirstName LastName (Contractor)" as a naming convention then everyone gets the exact same "BC" initials. This has been a complaint for way too long and is easily resolved by using the FirstName and LastName attributes to generate the correct initials and fall-back to DisplayName only if they are not populated.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. AD Attribute Info (AKA Notes) for Groups should be sync to Cloud and Available to Exchange Online.

    The AD Attribute Info (AKA Notes) is currently synced for Users but not for Groups. The companies I have worked before made heave use of it and surprise no one else complain. Also, its a field available in the GUI. I would think all attributes exposed via the GUI should have been synced.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Intune Roles Assignments

    Intune currently doesn't allow a privilege account access the Intune portal without assigning an E3 license. We have L1 and L2 support that we want to be able to limit the access of the portal and do not want to grant them Global Admin access, but we also do not want to assign a second license for the privilege account for custom roles. Will there be an limited Intune Roles Assignments that doesnt require a license in the road map?

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. option to prevent users to consent to third party tenants

    Admins can today block the users ability to grant consent to applications. However, this will not block users from consenting to being invited into third party tenants as guests.

    I suggest that Azure AD should get a “external access” feature where Azure AD admins can choose (per user/group) to either;
    - Allow users to access all external tenants as guests
    - Allow users to access selected external tenants as guests
    - Allow users to access selected external tenants and require admin approval for all other external tenants
    - Users are not alloed to access external tenants (but admins are allowed…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure Profile field updates

    I want to be able to add fields into the Azure profile (to then sync into SharePoint, so we don't have to update it in both places)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. Azure AD Password Policy

    Azure AD should provide more parameters to configure as per the users need.
    For example as per my organisation's Security policy, the minimum password length required is 12. But there is no way to configure this parameter from 8.
    The Azure AD platform should provide the ability for users to configure the below password policy at least.
    1. Password history
    2. Password complexity of temporary password generated by Azure
    3. Password length

    86 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow users to remove themselves from Azure accounts (duh)

    I'm an independent contract developer. I did work for a client many years ago during which they added my personal email to their corporate Azure account.

    Recently I tried to login again to Azure portal using my personal email and was caught in an infinite redirect loop that timed-out with "your account is locked".

    After ~3 weeks dealing with Azure support (who were completely useless) I self-diagnosed that the problem was my email was still attached to the client's account. I asked Azure support to remove the email, but they said I had to contact the client and ask them…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Date in German group expiration e-mail has a wrong format

    See attached file. The E-Mail is in German except the date. Instead of "March 09, 2019" it should be "09. März 2019".

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow the Group Review Process owner to be changed through the GUI or Powershell

    The current Azure Group review process automatically sends out an email when the scheduled task to the review the group members is activated. This email contains the owner of the task as a contact for the "reviewer" to contact if they have questions, and this owner may no longer be the correct contact. It would be useful to be able to change the owner on reviews so that the reviewer can be referred to the help desk, instead of having to delete the review and re-create the review which changes the review schedule

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. Implement a windowed IDENTITY column definition

    Please implement a windowed identity column that automatically initializes and increments over a window in columns in a table.

    I would like the conceptual functionality of SelectedSubsetId below.

    CREATE TABLE dbo.SelectedSubset
    (

    ItemSetId INT NOT NULL FOREIGN KEY REFERENCES dbo.ItemSet(ItemSetId),
    
    SelectedSubsetId INT NOT NULL IDENTITY(1,1) OVER(PARTITION BY ItemSetId),
    PRIMARY KEY CLUSTERED (ItemSetId, SelectedSubsetId )

    )

    Where SelectedSubsetId would start at 1 and increment by 1 for each ItemSetId entered. Another table would would foreign key this primary key and add the item ids of the set

    CREATE TABLE dbo.SubsetItems
    (

    ItemSetId INT NOT NULL,
    
    SelectedSubsetId INT NOT NULL,
    ItemId INT
    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add dynamic owners to a group in addition to dynamic members

    Currently, groups can be defined dynamically with rules. Please expand that capability to dynamically define owners as well. This will be especially useful for Microsoft Teams. When the current owner of a group leaves the company or role, the person who replaces him/her should automatically become the new owner of the group.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. I downloaded and have used the app, but no icon appears on my pool home. Where is the app icon?

    NEED! Auto-download of an app, so settings can be changed at need.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base