Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  2. Search for users by Employee ID

    Now that Employee ID is a populated field in the user profile, please enable the ability to search the tenant by Employee ID from the user search field.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  3. SCIM App Roles and Groups

    Please add a flag to treat Enterprise Apps Roles as groups.

    i.e. a new role is added to an application it will provision a group via SCIM.

    i.e a user is added to new a role in an application it will be added to that "group" in the application.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  4. Better management options in azure portal

    I want to be able to perform more bulk options from within the azure portal. Examples include bulk output of users with directly assigned licenses, bulk removal of those directly assigned licenses, and to be able to export any list with filters applied, or order a list of users by any column. This has been doable in excel from the beginning of time, why can't it be done in azure?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  5. Increase max-length of EmployeeID attribute of a user, so a GUID can be stored

    At the moment its not possible to store a GUID in the EmployeeID attribute field when editing a user in Azure AD. The max length is 16 characters.

    For "Department" and "Company name" its possible to add 64 characters, but it is limited to 16 characters for EmployeeID.

    Its very common to have a guid (uniqueidentifier) as the identifier for users, so it would be good if that fields max-length can be increased.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  6. Confidential attributes

    It is very common to for an IAM / IGA solution to have more attributes than is readable by the user, such as SSNs or other sensitive information. In Windows Server AD, the "confidential bit" can be used to have an attribute in AD only available when specifically granted permission to read it.

    Such as feature is highly needed in Azure AD, as today, any user can read essentially any attribute of other users.

    Primary use cases:
    - Ability to issue SSN or other sensitive info in encrypted SAML token
    - Ability to sync SSN or other sensitive info using…

    63 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  7. AADLoginForLinux aadlogin add a new group for the 'Virtual Machine User Login' role in Access control (IAM)

    In Access control (IAM)
    the Users with "Virtual Machine Administrator Login" belong automatically to the 'aad_admins' group,

    getent group aad_admins
    aad_admins:x:9999:

    Can you please also add a new group for the user with the role

    'Virtual Machine User Login'

    this will improve a lot the management login user and permissions

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  8. Have a function to cleanly remove Azure AD user profiles from Windows 10 devices.

    There should be an option, GUI or Powershell to cleanly remove all user profile data for a specific Azure AD user on a Windows 10 computer similar to the available tools for local/domain profiles such as netpl.wiz.

    This is important for redistribution of a device without re imaging for cases such as leaver management or device reassignment where the device is fully configured but the assigned user is changing.

    20 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  9. Guest account created with same e-mail address as is used in O365 GAL

    Currently - if you create an external contact in the GAL, you can create the same user after as a guest user with all attributes correct for about 2 hours. After that the guest user gets created with e-mail blank. Since the system can obviously support the two items with the same e-mail - please remove the control that block this

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  10. Add "lastUpdatedDateTime" to user allowing custom delta synchronization

    I use the Microsoft Graph API to "get all users in organization". I use the delta request (https://graph.microsoft.com/v1.0/users/delta) but it has some limitations - so I will have to do my own delta request. But the user object does not include a "lastUpdatedDateTime" property that I can use in my filter. I use a local storage and users are sync in a background task - and I would like to avoid getting all users (but only "changed" users) on every sync.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  11. Need the ability to fix user cloud address when in Hybrid mode

    We are in Hybrid mode with on-prem Active Directory and we have issues where an account gets created in the cloud based on aadconnect sync and the @company.onmicrosoft.com is created automatically and is in conflict with another account that has claimed that address. If we were cloud only, we could go in and fix it directly in the cloud. Since we are in Hybrid mode, you cannot manually update that address. The only option you have is to delete the account and let it recreate. If you have data, MFA, ODB, etc. well you have to try to restore it,…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  12. Auto-merge new guest users with old mail contacts

    While creating new guest users I do see if the same alias mail contact is present we get an error and the guest account gets created and there are two email aliases gets available.

    Request to Microsoft Engineering team to create a behavior where these accounts will get merged.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  13. award

    Add the ability to associate users with custom organizational accomplishments/badges to be used for internal campaigns.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  14. Allow the deactivation of AD user accounts without having to delete them

    Our company policy is not to delete AD user accounts for historic purposes, so we are not able to deactivate them as they will be deleted in 30 days. This creates a problem in applications like Power BI when looking at a subscription list. End users see all AD user accounts instead of just active ones so there is much confusion over which one to pick when a single user may have had multiple different user accounts in the past. Our work-around has been to put "#" in front of the user's name so they are found in a search.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  15. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  16. Allow creating OUs to manage users

    This is simple. Just allow for us to create OUs in the User area so we can break apart users by department and/or other methods. Right now having all users in one place is extremely cumbersome and annoying. We don't even have an area we can move ex employees so its just a pain with them all in one spot.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  17. Lock Account

    Create ability to unlock user seamlessly using a button on top much like the block user option. Define the threshold for when accounts become locked such as a certain number of login attempts. Like an lock icon.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  18. BULK DOWNLOAD REPORT - User Name

    The attribute "User Name" is missing in the bulk download report. It's important information....Please include it

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  19. Autocomplete

    What are our options and forcast? Politely optimize for me and my people. Crunch our data safe and wise.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  20. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base