Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Need some way to deal with: "AADB2B_0001 : We cannot create a self-service Azure AD account for you because the directory is federated"

    Not all B2B invites can be redeemed successfully. Failures happen for reasons that are out of the inviters control (leading to an inability to fix the problem) and are not predictable (leading to poor user experience).

    I suspect this problem happens most frequently when a partner organization bungles taking ownership of their tenant. MSFT needs to make it much harder for people to render their production tenant in such a disfunctional state.

    42 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow B2B Guest users to authenticate on Windows 10 Azure AD joined Devices

    Allow B2B collaboration users (Guest users who signs in with an account that's managed by another Azure AD directory) login into Azure AD Windows 10 joined devices.

    Use case: Collaboration between an educational institution and a public library. Adding student Azure AD (AAD) accounts from the educational institution as AAD Guest accounts in the public library AAD tenant would allow students to use their educational institution AAD credentials to login into the public library Windows 10 AAD joined devices.

    21 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  3. Permit OTP for users who do have a corresponding Azure AD account

    We sometimes encounter situations where a user may actually have an existing Azure AD account (in another tenant) or and MSA - but we want to invite them as an OTP user.

    The reason for this - using the existing AAD account as an example - is that this may be an account that is the product of some abandoned POC that this other org did. And as a result, the user does not know the password and SSPR may not be enabled. The result is that the user is unable to redeem a non-OTP invite.

    For best flexibility, maybe…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  4. Restrict Azure B2B Guest Users from viewing Group members in https://myapps.microsoft.com

    We would like to restrict B2B Guest users from viewing Groups that they are part of, or from viewing the Members inside those Groups.

    Currently, the feature to turn this off (Under Groups - General - Self Service Group Management - Restrict Access to Groups in the Access Panel) exists for ALL the users in the directory and not for the Guest users only. Hence, If we turn this off, then the internal users won't be able to leverage the Self service group membership feature. And if we keep this on then we will end up letting the Guest users…

    29 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  5. Invite redemption url get

    We are able to invite new guest users into our AD Tenant using either PowerShell or Graph API. Using this approach we may choose not to send the Invitation E-Mail, in which case we would get the Invitation Redemption URL and we can send it to the "guest" in any way we choose allowing us to better control the first step of the overall invitation experience.

    The issue is that once we get the URL, we have no way to retrieve that URL back in the future. It is up to us to save that URL for future use or…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  6. Guest invitation sender email customization

    Currently when Guest user is created in Azure AD invitation is ent to guest using "invites@microsoft.com" email address and due to this sometimes guest users ignore this email as spam. Instead of @microsoft.com domain , can we use our own company domain email here?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  7. B2B Scenario - the B2B Guest User should use the MFA or their autheticating tenant

    In a B2B scenario, I share information on ODfB or SPO with external users from another tenant and require MFA ot access this information.
    The B2B user would need to enroll into the MFA for my tenant, even though he already is setup to use MFA in his tenant. This would result in multiple Authenticator accounts for the same orignal Azure Account.
    I would expect the Service hosting Azure AD to accept the MFA of the users home tenant.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  8. Update UPN/Mail of B2B account

    Add possibility to update mail / UPN of Azure Guest account. That is required if mail of host user has been changed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  9. How To Make Money On Youtube

    How To Make Money On YouTube
    https://onlinefreeearningtips.com/how-to-earn-money-from-youtube/

    It is safe to say that you are keen on setting up another lingering salary stream? While becoming super wealthy with YouTube is far-fetched, it's incredibly plausible to make an extra $50-$100 consistently or two. Here are the means by which I do only that!

    Hoping to bring in a minimal expenditure on the Internet? Why not check out YouTube? You don't need to strike it fortunate or become famous online to procure cash with YouTube, however on the off chance that you do happen to fall into such karma, there's a significant…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  10. If you are using federation authentication and the user doesn’t already exist in Azure AD, the user cannot be invited. In order to resolve t

    If you are using federation authentication and a user invited as guest to a tenant doesn’t already exist in Azure AD, the user cannot be invited. In order to resolve this issue, the external user’s administrator must synchronize the user’s account to Azure Active directory. The error message given the user, when the user attempts to accept the invite to the new tenant is 'an unexpected error occured'. This error message cost us a lot of time trouble shooting

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  11. I would like to restrict access Guset users who are Microsoft Account

    when I invite guest users, if he or she has both Microsoft Account and Work or School Account (has same upn), he or she can select which one user to access my tenant's resources.

    In order to strengthen a security, I would like to restrict access to Microsoft Account but Azure AD does not have this feature.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  12. Set a due date for guest users

    Currently there are a lot of unneeded guest users in Azure AD.
    So I want to set a due date for guest users.

    For instance, Guest users don't sign in for 90 days, it is deleted or blocked automatically.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  13. Independent Escorts Service For Man in Haridwar

    If you noticed that you intend to spend additional time with somebody, you need to use her for a meal date. She will reveal breath-taking, and you will have a top-quality time. She will assist you to truly have significant time, and you might get the top-quality power to her/him you can mix right back on your work. You will experience pleasure when you consider the best situation you may spend quite a long time conditions with her. You will effective at money a great deal therefore you will get yourself a pricey lifestyle. http://www.haridwarescorts.com You are the section of…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  14. Outlook OST Recovery tool

    Are you searching for a recovery tool? If yes so you are in the right place because we brought a smart solution to recover data again from offline OST. It easily recovers data from OST file even it can recover permanently deleted data and lost data. After the recovery task, you can convert your data into PST and other file formats such as EMLX, MSG, MBOX, vCal, vCard, HTML, and EML. The smart solution is OST to PST Converter application that has the best technology.This tool does not make any difficulty during the conversion task. It will allow you to…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow guest users to configure FIDO2 passwordless authentication

    Allow guest users the ability to register FIDO2 security keys for their accounts. Currently this is only available for "Member" users but we would like to see this available for "Guest" users as well.

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-security-key#user-registration-and-management-of-fido2-security-keys

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  16. B2B include Manager access reviews

    B2B governance options are currently limited to the group and app reviews. If a guest account that has no group membership or application access these guest users fall between cracks.
    Although the review can be performed by User Admin this will require centralization of the governance function.
    Suggestion: add a Manager review and fall back to User Admin or Security team review of guest accounts as a last resort.
    Develop and publish governance process ensuring all guest accounts are accounted for, outlining options for guest account internal ownership allocation ( Manager or responsible person), ways to include a responsible person…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  17. For the user export function, I would also need the column source, especially for guest users this is a key attribute.

    For the user export function, I would also need the column source, especially for guest users this is a key attribute.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  18. Automated GuestInvites or Tenant Federation

    We got customers, that work very close with several partner tenants. Instead of the current B2B self-service invite process, they look for a solution to automatically provision, update and deprovision guests from selected tenants in their tenant.
    Currently the only solution we can deliver this feature is by leveraging Microsoft Identity Manager (MIM) and Graph API Apps to synchronize AzureAD Tenants. Thes works very well if we only integrate a few tenants.
    If we would get this functionality out-of-the box, so that e.g. Tenant X just request Tenant Y to synchronize user objects as guest. And of course after Tenant…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  19. B2B Guest User schema to indicate Host and Guest Org Unit data

    Although the current gust user schema contains Org unit information, there is a need to distinguish between the guest Org Unit details and the Host Org unit details for proper access decisions, segregation of duties verification and account and access governance.
    Suggestion: please update the guest account schema to include both guest and host Org unit information.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  20. Who created guest user

    Hi,

    Currently i have no possibility to see who created a guest-user, except going through the audit-logs.
    Maybe the User inviting the guest could be automatically set to the "Manager" attribute(which is currently not available for guest users).

    Then the monthly review of created guest-accounts would be much easier to handle, as you could ask the inviter/manager if still needed.

    46 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →

    This is good feedback and is in our backlog but not currently under development. While we work on prioritizing/designing the feature, it’s helpful to hear from you how you would use this information in your scenarios. Please let us know by adding comments here.

    Thanks,
    Elisabeth

← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base