Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Capture and display a last login date

    When reviewing a user's profile, a last login date for any Azure AD/Office 365 login should be captured/displayed, so that admins can evaluate inactive users for account disable and license recovery.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  2. Make Azure Security Groups owners of other Azure Security Groups

    We have added single users as group owners within the portal, this is great and keeps us from distributing the User Admin role. With that said, my team would like to add security groups as group owners as well. This would help as our user base is constantly changing and we'd rather have one group as an owner of all our groups and make changes within it compared to having to go to each group and add/delete owners as they are hired/terminated.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  3. It is very important to have the MAC address added to the Azure AD user sign in report to know which devices are connecting.

    In order to audit whether a permitted device is accessing a user account we need to be able to uniquely identify the devices connecting to the user account. By adding the MAC address of the device connecting to the tenant we can isolate all devices that are accessing the data. This is different from the devices that are listed in the tenant as installations. A non-authorized user could be accessing a user account if the password has been jeopardized by adding the email credentials to any email client or by accessing the portal directly. Adding the MAC address to the…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. Initiate Manual Sync with Intune and AAD

    Initiate Manual Sync with Intune and AAD. Sometimes it takes 30 minutes or more for devices to sync between Intune and AAD. After adding a new device into Intune, it would be nice not to have to wait up to 30 minutes to add the same device into an AAD security group.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  5. MFA for the the Azure portal only

    We use MFA for the Azure portal, but enabling this carries the MFA functionality to the entire Microsoft suite. This means not only portal.office.com, but all of our applications that use Azure AD, Skype, Exchange OWA, even Yammer! I opened a ticket and was essentially told MFA is all or nothing at this point.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  6. DreamSpark and Cloud Solution Provider (CSP) subscriptions don’t have access to the classic portal, either.

    DreamSpark and Cloud Solution Provider (CSP) subscriptions don’t have access to the classic portal, either. Is there a workaround for managing the Azure AD or providing a V1 vent to to the webapps created in the ARM portal. How can a CSP partner get the access to the classic portal?

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  7. bitlocker

    Please provide an audit trail for access to BitLocker Recovery Keys.

    My investigations of the AAD audit logs show that no audit log entries are created when an AAD user views a BitLocker recovery key in the admin portal.

    The InfoSec departments at many organizations expect to see an audit log entry for security critical actions. Viewing a BitLocker recovery key is viewed as a security critical action.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  8. Searching & Filtering in the Portal

    We should be able to search and filter within the portal in a much more complete way than we can today.

    Today, you can mostly search for startwith of a upn/name of a user. This is super limiting, so I go back and live in PowerShell to do anything more than a simple name search.
    And if we want to filter, you can use show all users, or guest users only.

    Give us the ability to search / filter / sort / export any attribute available to us.

    This extrapolates to Groups and other object types too.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback! Our feature team is is looking into options for addressing this scenario for users. For now, we are happy to announce that we’ve released the Enhanced Groups experience preview which includes improvements for search, sorting, and filtering of groups. This preview adds capabilities like substring search on groups lists and new member search.

  9. Increase allowable square logo file size for company branding.

    The 10000 byte file size is not quite large enough for our 240x240 logo

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  10. Integrate Azure and Office 365 Health, Reporting, Audit, and Activity information fully with OMS/Log Analytics

    Bring all the analytics and monitoring from all Microsoft cloud services Azure and Office 365 into OMS/Log Analytics please!

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. Bitlocker sync status

    Is there a way to let a device sync to Azure Active Directory every hour or so if Bitlocker is still active? You can already see the decryption key and when it is registered. However, we have to have prove that the device was encrypted at the moment it was stolen.

    Thank you in advance!
    Roy

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow creation of SAML Roles in portal

    Currently to create new roles for a SAML app, I have to either hope the application provider has given me an app manifest, or create them using powershell. It would be much easier for simple apps to create the roles using the portal.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. Make Azure AD a first class citizen of Azure

    Azure AD per say is yet a first class citizen w/i Azure. Azure ARM support is needed for pretty much all AD related features

    1) Creating updating Users, Roles, Groups, RBAC using ARM
    2) Creating Service Principals using ARM
    3) Creating automation RunAs service principals
    4) Creating Azure AD application
    5) AAD domain services
    6) MFA using ARM and Graph API
    ...

    Will AAD really become a shining example of a core-azure service someday?
    Looking forward to it...

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  14. Admin status page of current sign-ins/logins/sesssions where sessions can be killed

    Other services have a admin display that shows users currently logged in and allows the admin to kill the sessions (revoking creds, etc).

    This is different than the current Azure AD Sign-ins screen that shows running status of who signed in and when, and whether the sign-in was successful.

    Realize this is a big ask with many moving parts, but something I believe is warranted for security and compliance reasons.

    -thanks
    -e

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. In Application -> Users allow to sort on all columns.

    Currently you can only sort on Display Name. Sorting on other columns (ex: Access) would make management much easier. For instance finding out who has or does not have access to the application is currently impossible.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  16. Access to Azure Active Directory (Office 365 paid subscription)

    Hi,

    If you create an "Access to Azure Active Directory" subscription from your Office 365 subscription when you are logged with the wrong global admin (Office 365) then you cannot change the Account Administrator (Azure) because the subscription cannot be transferred.

    The only workaround is to log on with a different global admin and create a new Azure subscription to the same Office 365 tenant.

    It is quite confusing and the documentation below should be amended or the procedure simplified so the Azure Account Administrator can be changed or the subscription transferred.

    https://technet.microsoft.com/en-us/library/dn832618.aspx
    https://azure.microsoft.com/en-us/documentation/articles/billing-subscription-transfer/
    https://azure.microsoft.com/en-gb/documentation/articles/billing-add-change-azure-subscription-administrator/

    Thanks

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow quick search and find of user

    When activating Freshdesk for users, I have to manually scroll through pages and pages, until I see the name on the list. But it would be great to have an option to quickly find the user from the list (something like a search bar or the use of Ctrl +F).

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  18. sorting users in groups alphabetically

    The fact that the portal displays users in groups in some random fashion with no ability to sort alphabetically is unbelievable. Also, the fact that we do not have a "show all" option for lists, instead we have to load more which doesn't show much more at all. It would also make sense to have a search function built in to the groups page I don't understand why there isn't. Please add in the functionality to at least automatically sort alphabetically.... I would be eternally grateful!

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. No puedo ingresar a mi correo

    No puedo ingresar a mi correo aun con mi contraseña y proporcionando todos los datos.
    Necesito ayuda

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  20. 4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base