Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. It is very important to have the MAC address added to the Azure AD user sign in report to know which devices are connecting.

    In order to audit whether a permitted device is accessing a user account we need to be able to uniquely identify the devices connecting to the user account. By adding the MAC address of the device connecting to the tenant we can isolate all devices that are accessing the data. This is different from the devices that are listed in the tenant as installations. A non-authorized user could be accessing a user account if the password has been jeopardized by adding the email credentials to any email client or by accessing the portal directly. Adding the MAC address to the…

    6 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  2. MFA for the the Azure portal only

    We use MFA for the Azure portal, but enabling this carries the MFA functionality to the entire Microsoft suite. This means not only portal.office.com, but all of our applications that use Azure AD, Skype, Exchange OWA, even Yammer! I opened a ticket and was essentially told MFA is all or nothing at this point.

    6 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  3. DreamSpark and Cloud Solution Provider (CSP) subscriptions don’t have access to the classic portal, either.

    DreamSpark and Cloud Solution Provider (CSP) subscriptions don’t have access to the classic portal, either. Is there a workaround for managing the Azure AD or providing a V1 vent to to the webapps created in the ARM portal. How can a CSP partner get the access to the classic portal?

    6 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. Increase allowable square logo file size for company branding.

    The 10000 byte file size is not quite large enough for our 240x240 logo

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  5. Initiate Manual Sync with Intune and AAD

    Initiate Manual Sync with Intune and AAD. Sometimes it takes 30 minutes or more for devices to sync between Intune and AAD. After adding a new device into Intune, it would be nice not to have to wait up to 30 minutes to add the same device into an AAD security group.

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  6. Integrate Azure and Office 365 Health, Reporting, Audit, and Activity information fully with OMS/Log Analytics

    Bring all the analytics and monitoring from all Microsoft cloud services Azure and Office 365 into OMS/Log Analytics please!

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  7. Bitlocker sync status

    Is there a way to let a device sync to Azure Active Directory every hour or so if Bitlocker is still active? You can already see the decryption key and when it is registered. However, we have to have prove that the device was encrypted at the moment it was stolen.

    Thank you in advance!
    Roy

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow creation of SAML Roles in portal

    Currently to create new roles for a SAML app, I have to either hope the application provider has given me an app manifest, or create them using powershell. It would be much easier for simple apps to create the roles using the portal.

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make Azure AD a first class citizen of Azure

    Azure AD per say is yet a first class citizen w/i Azure. Azure ARM support is needed for pretty much all AD related features

    1) Creating updating Users, Roles, Groups, RBAC using ARM
    2) Creating Service Principals using ARM
    3) Creating automation RunAs service principals
    4) Creating Azure AD application
    5) AAD domain services
    6) MFA using ARM and Graph API
    ...

    Will AAD really become a shining example of a core-azure service someday?
    Looking forward to it...

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  10. Admin status page of current sign-ins/logins/sesssions where sessions can be killed

    Other services have a admin display that shows users currently logged in and allows the admin to kill the sessions (revoking creds, etc).

    This is different than the current Azure AD Sign-ins screen that shows running status of who signed in and when, and whether the sign-in was successful.

    Realize this is a big ask with many moving parts, but something I believe is warranted for security and compliance reasons.

    -thanks
    -e

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. In Application -> Users allow to sort on all columns.

    Currently you can only sort on Display Name. Sorting on other columns (ex: Access) would make management much easier. For instance finding out who has or does not have access to the application is currently impossible.

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  12. Access to Azure Active Directory (Office 365 paid subscription)

    Hi,

    If you create an "Access to Azure Active Directory" subscription from your Office 365 subscription when you are logged with the wrong global admin (Office 365) then you cannot change the Account Administrator (Azure) because the subscription cannot be transferred.

    The only workaround is to log on with a different global admin and create a new Azure subscription to the same Office 365 tenant.

    It is quite confusing and the documentation below should be amended or the procedure simplified so the Azure Account Administrator can be changed or the subscription transferred.

    https://technet.microsoft.com/en-us/library/dn832618.aspx
    https://azure.microsoft.com/en-us/documentation/articles/billing-subscription-transfer/
    https://azure.microsoft.com/en-gb/documentation/articles/billing-add-change-azure-subscription-administrator/

    Thanks

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow quick search and find of user

    When activating Freshdesk for users, I have to manually scroll through pages and pages, until I see the name on the list. But it would be great to have an option to quickly find the user from the list (something like a search bar or the use of Ctrl +F).

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  14. bitlocker

    Please provide an audit trail for access to BitLocker Recovery Keys.

    My investigations of the AAD audit logs show that no audit log entries are created when an AAD user views a BitLocker recovery key in the admin portal.

    The InfoSec departments at many organizations expect to see an audit log entry for security critical actions. Viewing a BitLocker recovery key is viewed as a security critical action.

    4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. Searching & Filtering in the Portal

    We should be able to search and filter within the portal in a much more complete way than we can today.

    Today, you can mostly search for startwith of a upn/name of a user. This is super limiting, so I go back and live in PowerShell to do anything more than a simple name search.
    And if we want to filter, you can use show all users, or guest users only.

    Give us the ability to search / filter / sort / export any attribute available to us.

    This extrapolates to Groups and other object types too.

    4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  16. No puedo ingresar a mi correo

    No puedo ingresar a mi correo aun con mi contraseña y proporcionando todos los datos.
    Necesito ayuda

    4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  17. 4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  18. M135288860@taalim.ma

    mode passe oublié

    4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. agregar numero de telefono

    buenos dias he estado observando que por el momento un usuario standart no puede agregar su numero de telefono para reestablecer su contraseña, seria una opcion muy facil que ellos mismos pudieran agregarlo y cambiarlo, sin necesidad que el admin lo haga por ellos asì podran administrar su contraseña y el contacto con el servicio tecnico serà minimo

    4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add Helpdesk Information to Custom Branding Page

    Office 365 allows you to add in custom Helpdesk Information (URL/Phone #). It would be helpful if we could also apply this to our custom branding page as well, since the sign-in help field does not allow HTML, nor does it respect line breaks in the Plain Text.

    4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base