When reviewing a user's profile, a last login date for any Azure AD/Office 365 login should be captured/displayed, so that admins can evaluate inactive users for account disable and license recovery.
7 votes
We have added single users as group owners within the portal, this is great and keeps us from distributing the User Admin role. With that said, my team would like to add security groups as group owners as well. This would help as our user base is constantly changing and we'd rather have one group as an owner of all our groups and make changes within it compared to having to go to each group and add/delete owners as they are hired/terminated.
6 votes
It is very important to have the MAC address added to the Azure AD user sign in report to know which devices are connecting.
In order to audit whether a permitted device is accessing a user account we need to be able to uniquely identify the devices connecting to the user account. By adding the MAC address of the device connecting to the tenant we can isolate all devices that are accessing the data. This is different from the devices that are listed in the tenant as installations. A non-authorized user could be accessing a user account if the password has been jeopardized by adding the email credentials to any email client or by accessing the portal directly. Adding the MAC address to the Azure Active Directory User login report would enable a more complete audit.
6 votes
Initiate Manual Sync with Intune and AAD. Sometimes it takes 30 minutes or more for devices to sync between Intune and AAD. After adding a new device into Intune, it would be nice not to have to wait up to 30 minutes to add the same device into an AAD security group.
6 votes
We use MFA for the Azure portal, but enabling this carries the MFA functionality to the entire Microsoft suite. This means not only portal.office.com, but all of our applications that use Azure AD, Skype, Exchange OWA, even Yammer! I opened a ticket and was essentially told MFA is all or nothing at this point.
6 votes
DreamSpark and Cloud Solution Provider (CSP) subscriptions don’t have access to the classic portal, either.
DreamSpark and Cloud Solution Provider (CSP) subscriptions don’t have access to the classic portal, either. Is there a workaround for managing the Azure AD or providing a V1 VNet to the webapps created in the ARM portal? How can a CSP partner get the access to the classic portal?
6 votes
Please provide an audit trail for access to BitLocker Recovery Keys.
My investigations of the AAD audit logs show that no audit log entries are created when an AAD user views a BitLocker recovery key in the admin portal.
The InfoSec departments at many organizations expect to see an audit log entry for security critical actions. Viewing a BitLocker recovery key is viewed as a security critical action.
5 votes
We should be able to search and filter within the portal in a much more complete way than we can today.
Today, you can mostly search for startwith of a upn/name of a user. This is super limiting, so I go back and live in PowerShell to do anything more than a simple name search.
And if we want to filter, you can use show all users, or guest users only.
Give us the ability to search / filter / sort / export any attribute available to us.
This extrapolates to Groups and other object types too.
5 votes
Thank you for your feedback! Our feature team is looking into options for addressing this scenario for users. For now, we are happy to announce that we’ve released the Enhanced Groups experience preview which includes improvements for search, sorting, and filtering of groups. This preview adds capabilities like substring search on groups lists and new member search.
The 10000 byte file size is not quite large enough for our 240x240 logo
5 votes
Integrate Azure and Office 365 Health, Reporting, Audit, and Activity information fully with OMS/Log Analytics
Bring all the analytics and monitoring from all Microsoft cloud services Azure and Office 365 into OMS/Log Analytics please!
5 votes
Is there a way to let a device sync to Azure Active Directory every hour or so if BitLocker is still active? You can already see the decryption key and when it is registered. However, we have to have proof that the device was encrypted at the moment it was stolen.
Thank you in advance!
Currently to create new roles for a SAML app, I have to either hope the application provider has given me an app manifest, or create them using PowerShell. It would be much easier for simple apps to create the roles using the portal.
5 votes
Azure AD per se is yet a first class citizen w/i Azure. Azure ARM support is needed for pretty much all AD related features
1) Creating updating Users, Roles, Groups, RBAC using ARM
2) Creating Service Principals using ARM
3) Creating automation RunAs service principals
4) Creating Azure AD application
5) AAD domain services
6) MFA using ARM and Graph API
Will AAD really become a shining example of a core-azure service someday?
Looking forward to it...
5 votes
Other services have an admin display that shows users currently logged in and allows the admin to kill the sessions (revoking creds, etc).
This is different than the current Azure AD Sign-ins screen that shows running status of who signed in and when, and whether the sign-in was successful.
Realize this is a big ask with many moving parts, but something I believe is warranted for security and compliance reasons.
Currently you can only sort on Display Name. Sorting on other columns (ex: Access) would make management much easier. For instance finding out who has or does not have access to the application is currently impossible.
5 votes
If you create an "Access to Azure Active Directory" subscription from your Office 365 subscription when you are logged in with the wrong global admin (Office 365) then you cannot change the Account Administrator (Azure) because the subscription cannot be transferred.
The only workaround is to log on with a different global admin and create a new Azure subscription to the same Office 365 tenant.
It is quite confusing and the documentation below should be amended or the procedure simplified so the Azure Account Administrator can be changed or the subscription transferred.
When activating Freshdesk for users, I have to manually scroll through pages and pages, until I see the name on the list. But it would be great to have an option to quickly find the user from the list (something like a search bar or the use of Ctrl+F).
5 votes
Great suggestion and we are working on making this experience and many others with regards to users, groups and apps in the portal when we release Azure AD in the new Azure Portal in a few months.
The fact that the portal displays users in groups in some random fashion with no ability to sort alphabetically is unbelievable. Also, the fact that we do not have a "show all" option for lists, instead we have to load more which doesn't show much more at all. It would also make sense to have a search function built in to the groups page; I don't understand why there isn't. Please add in the functionality to at least automatically sort alphabetically.... I would be eternally grateful!
4 votes
I cannot get into my email even with my password and after providing all the information.
I need help
4 votes