Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Directory Proxy limits

    Currently, there is a silent limit of 100 conditional access policies that are returned by the Directory Proxy. There is no documentation stating this limit and no way to currently configure the limit.
    I would like for it to at the very least be documented so our customers can find it and not expend countless man-hours trying to figure out why all of their conditional access policies are not functional through Directory proxy.
    See ICM 132666648 for reference.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  2. Display in the AAD portal for a given user an indication if/when the ID is 'AAD ID Protection-blocked'

    One of my demo AAD personas/IDs was blocked when I did some TOR demos the other day. This was a nice demo/experience and (as designed), blocked the ID since the alerts were 'active.'

    However, I neglected to 'resolve' the alerts in ID Protection and then today, was doing some other demos w/ that user and I had several blocks/interrupts (again, not a bad story, since my user had some ID Protection activities).

    BUT … it would be really great if the UI page for the user in AAD indicated that it was 'AAD ID Protection-blocked' or something.

    It wasn't until…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  3. Custom Domain Should be Allowed

    Currently B2C does not support to run custom policies user flows with custom domain like login.mydomain.com,as far as i know it is under private preview. Does anyone know when Microsoft is planning it to make public.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  4. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  5. Because now and befor need to it will refer allcross go to drivces of it me close Wiless if ip to need be Mac Tv me close too it be cache sy

    iPhone me be aspic to use copy lincen of iPhone 6splus out save to cd or external me to it load But all will go ads advertising sing up use my lince betweenness acer and iPhone in befor look to me why use supscrip 2 time word frist or world two tell for me be what be it too that was it using something for it but give me use mail singin this not sure to will need it may reset password or restall drivces new befor app wep soruce May be promplam for me be it control to that…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
  6. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. SCIM for zoom

    Without provisioning, I was able to map my new "JIT" provisioned Zoom users to type=pro in the SSO config.
    Now with SCIM, everyone is set to Basic by default and I don't see anywhere to change that. How can I set users to pro by default or based on the azure app assignment (where I can set it).

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  8. Provide Emergency GA account excluded from all CA policies and keep it disabled

    Provide Emergency GA account excluded from all CA policies and keep it disabled with Data protection Team to validate and enable it (ie. for 24 hours). it can be kept disabled again post X (ie. 24) hours.. Currently base line policy doesn't allow exclusion. If we are in locked out situation. go to some website or reach DP team to enable that GA account to unlock overselves or at least CA administrator level permission to disable CA policies.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  9. Exclude certain AD Groups from the policies of Azure AD Password Protection (MAB Devices)

    When using MAB authetication in a Domain, one has often to provide the Mac-address as UserName and as Password. Examples can be IP-telephones, computers that are being installed with SCCM, printer,...…

    AAD PPM does not allow names to be equal to passwords, which ist basically correct, but MAB is a common way of registering certain hardware.

    It would be a good idea to make AAD PPM configurable meant to exempt specific accounts from AAD PP on AD-Group Basis or by some other means.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  11. Azure AD User provisioning service : Support Contains Function in Attribut Flow Expression

    Adding a new Expression for https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/functions-for-customizing-application-data called Contains(source[Multivalue], ValueRule).

    This allowes multiple AppRoleAssignments and to set the correct Roles in the SaaS application.

    As a reference SAP Concur with Roles like:
    - Travel user
    - Expense user

    instead of
    - Travel user
    - Expense user
    - Travel and Expense user

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  12. New drive not yes me useing so bad think me adjust too sir not give it use same account me

    Results drake software to it hack system windows and lincen windows of my acer explorers beyond limited start it have drive to lndonisai because spud of acer aspire me be windows sing into it now sir

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow "Secret Token" field to be empty in order to let Azure AD to generate its OAuth token

    For a SCIM application, in the Provisioning panel, "Admin Credentials" section, the "Secret Token" cannot be left empty. If empty, then the page cannot be saved.
    As consequence Azure AD will not generate its own token to be used when invoking the SCIM API.
    Current behavior is: Once I enter any text in the "Secret Token", then that text will be set "as is" in the Authorization header on each HTTP Request made to SCIM.
    This is not acceptable.
    In the documentation it is written that this "Secret Token" is optional.
    We want to use the token generated by the…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  15. More logging, text files, historical data on AZ AD Sync

    Based on a recent problem we had, regarding AD Synch, we´ve noticed that there are no log files being generated locally and it´s very hard to find and keep track on what has happened during the syncs.

    We need more historical information, texte based, searchable, etc

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to export Risky Sign in policies programmatically

    We need a way to export/consult Risky sign in policies.

    In general, a feature should be released with its associated API to allow Microsoft customers to perform automation.

    Support case 119070422001895 confirmed this was not possible.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. ok

    ok

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  18. Staff discount

    My password never works signig in on this site to reserve my staff discount number please send me a code to my mobile so I can reset pass word my number is 07885531073 thanks lee john

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  19. Windows Server AD couldn't match Azure AD user

    Yesterday I tried to have on-premises AD take over my Azure AD user, by create a same user on local AD, use the same UserPrincipalName and ProxyAddress, and it worked.
    Today, I tried this on a brand new Windows Server, it failed several times. I got the email saying: The object has been updated in your Azure Active Directory, but with some modified properties, because the following attributes are associated with another object..
    I want to know why is that happened, and I want it's working.. Thanks in advance.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. MFA Office Phone calling should identify extensions by comma

    Users are typically set in AD with a comma preceding their extension for their Office phones. This is so that users can click on someone's phone number using their cell phone to dial numbers automatically.
    Having to change to " x" breaks this functionality that and in turn when calling from a shared company number, random users become associated with the caller ID.
    In short Azure should be able to work with commas to be able to identify and dial Office phone extensions to prevent breaking other systems.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 158 159
  • Don't see your idea?

Feedback and Knowledge Base