Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. redo-msolprovisionuser

    If you run redo-msolprovisionuser against a contact object you get an error:
    Redo-MsolProvisionUser : Access Denied. You do not have permissions to call this cmdlet.
    At line:1 char:1
    + Redo-MsolProvisionUser -ObjectId 44519076-1885-45e3-9107-f0193aab1e04
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : OperationStopped: (:) [Redo-MsolProvisionUser], MicrosoftOnlineException
    
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.UserNotFoundException,Microsoft.Online.Administration.Automation.RedoProvisionUser

    You should improve this error to reflect the fact that you are running a user-based command against a contact, and you should run redo-msolprovisioncontact instead.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  2. 60 dagen code graag langer laten duren dan een uur 🙄

    Niet IEDERE keer als ik inlog een nieuwe code sturen Aub!

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  3. Allow True Custom Claims Without Scripting

    Currently the only user claim you can create and manage through UI is the role. If you want more than that, you need to add an extension element on each user individually through Powershell, then link to it through the custom claims in the manifest, making efficient management an impossibility. This effectively eliminates Azure AD as an option when developing SSO integration in any application that needs per-user information. The UI for the role (a simple dropdown) could be duplicated, and expanded with options such as checkboxes for an array of predefined values or open textboxes for individual strings.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  4. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  5. Access to edit user disconnected session timeout settings in AD users and computer

    We should have the access to edit user disconnected session timeout settings in AD users and computer in AADDS users OU.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  6. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  7. respeito as diferenças

    Segurança geral da internet,inteligência emocional e artificial juntas em armonia na administração interna,externa,local e internacionais,com confiabilidade,sabedoria,saúde,responsabilidade,Amor frateno com os direitos de interatividade para todos os meios de comunicações no mundo inteiro para todos nós...

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  8. Office My account Login

    Office My Account - if you are a existing user login office.com/myaccount, New user can create your office here. Once you account ready you can download and install MS Office in your device.

    https://www.msofficekeyoffice.com/my-account/

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  9. Better instructions for choosing password in the AAD B2B Redemption Page

    Provide better error information or apply password policies so that the users do not create a weak password in the B2B redemption page scenario as explained in the below link.

    The password rules mentioned here[https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts] are not available to the user while choosing the password, as a result, the page throws an error with no specific error information or work around.

    https://stackoverflow.com/questions/55592569/password-complexity-issue-with-b2b-invitation-redemption-page/55603737#55603737

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  10. Implement Application Permission 'Directory.ReadWrite.OwnedBy' in AAD

    We want to implement an automation job to update the token in Azure AD synchronization API (Provisioning in Enterprise Application). According to the documentation in this link: https://docs.microsoft.com/en-us/graph/api/resources/synchronization-overview?view=graph-rest-beta#authorization, we need to give the service principal Application Permission Directory.ReadWrite.All to work with the synchronization api. This Application permission is too powerful since it will have access to all directories. We don't want to give a service principal this power due to the risks it may raise. Thus, we hope an Application Permission like Directory.ReadWrite.OwnedBy can be implemented in the design, so that we can use the service principal writing to…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  11. azure AD connect clear failed exports

    I recently got stuck with bad thumbnail photos trying to sync to AAD from AD. After changing them on premise, changing them in the cloud, trying to set the field to NULL with sync transforms, I couldn't get it to get past these failed exports. AAD Connect needs the ability to clear these failed exports as opposed to wiping the whole thing out and starting over.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  12. Alias

    After I entered my phone number. I went to enter an email. Then I decided I didn’t need to use that email as I do not really monitor the email entered. I went to remove said email to just stick w/ my phone muber for my window user profile. Now windows is making me keep the email I barely use as my new alias and not remove without adding another email. I do not like this at all. Not everyone has a bunch of emails plus I want my phone number to be my original alias. Give me that option…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

1 2 4 Next →
  • Don't see your idea?

Feedback and Knowledge Base