Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account. You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  1. 2 votes
    0 comments  ·  Azure AD Join
  2. automate disjoin

    With a mass deployment to be able to use Intune MDM management, our devices need to be joined and registered correctly. However, most of our devices are in "Pending" state and we would like the ability to do a bulk disjoin, remove the email account under Access work or school settings, and then be able to re-register the device successfully to be later enrolled in Intune MDM management.

    2 votes
    0 comments  ·  Azure AD Join
  3. Allow OTP users to update/change their source of authorization to AAD or Google federation

    When I turned on the OTP preview, it automatically forced users who did not have a domain listed in AAD or Google to use an OTP, but it's ridiculous to have to use OTP every time you log into an Extranet or Employee portal. I would like for users to use OTP as a last resort and be given the option to use or create a Microsoft account first, even if they used OTP previously with their current email address.

    1 vote
    0 comments  ·  Azure AD Join
  4. AAD Login to Windows automatically joining Intune

    After automatically joining AAD, need a way for those systems to also automatically join Intune. Maybe even by granting a specific Intune App access to the VM as admin or something like that.
    Don't want to auto enroll all, as this should only work for these Azure VMs.

    1 vote
    0 comments  ·  Azure AD Join
  5. Do not remove the successfully HAAD Joined computer from Azure AD if the userCertificate attribute was deleted on prem (mode)

    When the userCertificate attribute is changed/corrupt on prem (source of change unknown yet), the computer object gets deleted from Azure AD due to current sync rules and logic. There should be no reason to depend on this attribute after the station was successfully registered. And since the computer is not aware of this sync change between AD and AAD, its local state still tells the station it's registered and no re-registration attempt is made. We can always block registration by deleting the device from AAD or block the user. and WAM is Disabled to bypass. case 120021424002034 The point is…

    1 vote
    1 comment  ·  Azure AD Join
  6. make the fallback to software key faster in case hardware TPM fails.

    During hardware/software updates sometimes the TPM got corrupted and the users are not able to access resources that depend on Azure AD PRT until Windows is able to perform automatic fallback to software key. Due to the nature of the fallback process (station reboot has to happen to reregister, and after that the user has to sign in again to get AAD PRT) there is a latency with getting AAD PRT and Cx helpdesk has to work with end users to address the issue faster than to wait for 1-2 days to self recover. and WAM is Disabled to bypass. case…

    1 vote
    1 comment  ·  Azure AD Join
  7. My case

    I have been a victim of hackers. They have stolen all my privacy, it is like a violation. They reproduce my accounts, sell them, infringe rights, steal money, steal my apps and sell them. It is an ugly situation and nobody should have to live through it. The cell phones break down. Criminals who have got into my phone steal, breaking the law.

    1 vote
    0 comments  ·  Azure AD Join
  8. What is Azure

    The page states “Download the Azure Portal App.”

    This page should provide information on what exactly the Azure Portal is.
    I should not have to go searching for this information.

    Also, the only mobile device I have is my cell phone.
    Sorry, my cell phone is my personal phone and I do not have memory to download another app.

    1 vote
    0 comments  ·  Azure AD Join
  9. Bulk import gives error after csv upload - example csv cannot be modified and uploaded - need a working csv

    A working downloadable csv bulk import sample file would be helpful.
    You would expect a sample file to be ready to import right away - with no changes (except the email addresses) necessary.

    1 vote
    0 comments  ·  Azure AD Join
  10. 1 vote
    0 comments  ·  Azure AD Join
  11. Edit the Password Policy - Azure AD - 5 Attempt lockout, Password History at least 5

    Right now if a device is Azure AD joined there is no lockout policy and the password history is only compared to the most recent password set.
    In regular Microsoft Active Directory there are many more options you are given for a more secure password practice:
    -If 5 incorrect attempts are made into a device login it should lock for 1-2 minutes and there should be an option in Administrator to be able to unlock
    -Compare new password to past 5 passwords

    1 vote
    0 comments  ·  Azure AD Join
  12. system assigned managed identity enables Azure resources to authenticate to cloud services (e.g. Azure Key Vault) without storing credentia

    Please update the documentation to reflect the fact that we need to enable this feature BEFORE we install the extension, as in a requirement.

    system assigned managed identity enables Azure resources to authenticate to cloud services (e.g. Azure Key Vault) without storing credentials in code. Once enabled, all necessary permissions can be granted via Azure role-based-access-control.

    1 vote
    0 comments  ·  Azure AD Join
  13. 1 vote
    0 comments  ·  Azure AD Join
  14. Let's do it automatic instead

    Manually joining a VM to a domain and manually disjoining it from the domain before removing/deleting the VM is too much. Given the current state of the art, it should be possible to do it in the console when creating the VM or removing it. It will resolve orphans.

    1 vote
    0 comments  ·  Azure AD Join
  15. Passwordless Sign in for Azure Active Directory using Fido 2 security Keys

    As the machines are joined to local domain I am not able to join the machines to Azure AD to implement this service. Can you guys guide me on how to join the machines which are joined to local domain without changing the domain?

    1 vote
    0 comments  ·  Azure AD Join
  16. Add Angola to the list of countries for creation of tenant

    While trying to create my Azure AD/Tenant, I have noticed that my location (Angola) is not available in the list of countries or regions. It is clear that I cannot choose a random country/region now because I won't be able to alter it later, therefore, could you please add this country to the list?

    1 vote
    0 comments  ·  Azure AD Join
  17. Do we have a PowerShell method to activate Azure Resource roles (not Azure AD roles)?

    Do we have a PowerShell method to activate Azure Resource roles (not Azure AD roles)?

    1 vote
    0 comments  ·  Azure AD Join
  18. New variables in Intune groups

    When creating groups in Intune I would like to see more dynamic variables to query from such as Apple Serial #. I have too many instances where my groups need to be tied to static devices when being enrolled.

    1 vote
    0 comments  ·  Azure AD Join
  19. Some machines not Hybrid Azure AD Joining despite correct settings

    Some machines not Hybrid Azure AD Joining despite correct settings.
    The task for dsregcmd returns 0x1 but does not join a machine. When trying to run the command manually, I get a "Run as system". This is on 1803.
    We have several 1809 machines that throw an HTTPS 400 error code. We successfully are able to connect to the websites listed on the setup process.

    1 vote
    1 comment  ·  Azure AD Join