Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Grosse arnaque .

    Meme quand vous cochez la case 6mois ils vous redemande d approuver la connexion pour faire de l argent
    Un procès vous ferais du bien

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow Dynamics 365 Sales as Cloud app in Conditional Access Policy

    Please implement so we can select in conditional access policies under "Cloud App" also "Dynamics 365 Customer Engagement " / CRM / Sales module.
    Also for Business Central ...

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow "large" backups of Microsoft Authenticator app

    I have 132 accounts set up in the Microsoft Authenticator app on my phone. When I try to enable backup, I get the message, "Your backup is too large. Cannot save to the cloud."

    I would very much like to be able to back this up so I can move it to another device. Also because I never want to go through the MFA registration of 132 accounts ever again!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable one Trusted Network Location for SMB customers using Security Defaults

    Most folks familiar with security best practices know that enabling MFA is one of the best ways to keep our credentials and tenants safe. However, for many organizations in the SMB space it is extremely challenging to enforce MFA across all accounts when not all of their staff have a smartphone, are not allowed to use a phone at work, or the employer is not able to require employees to utilize a personal phone for work purposes. It's also fairly simple to understand that a phone call to an office with a single phone number doesn't work well for MFA…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  6. Sync Dynamic Security groups to On Prem AD

    I would like to see Azure AD Dynamic groups be synced to on Prem AD. Currently you can sync distribution groups but not security groups. I would love to be able to set up dynamic groups and have my on prem groups reflect changes to things like position changes while staying synced with their counterparts in the cloud.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow multiple accounts with the same MAIL attribute and don't send email to UserPrincipalNames

    We use separate accounts for user and administrative activities. For our admin accounts we don't provision separate mailboxes, so we would want emails to our admin accounts to go to our "user" accounts, but Azure AD Connect reports that Azure AD requires that the mail attribute be unique (i.e. can't be the same on the admin and user accounts). Because of this our administrative accounts don't have a populated mail attribute. Unfortunately, Azure AD's reaction to this is to email alerts intended for those admin accounts to their UPN - which isn't an email address and does not have any…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Directory  ·  Flag idea as inappropriate…  ·  Admin →
  8. deny any role assignment (user, group, service principal) at subscription level and above.

    deny any role assignment (user, group, service principal) at subscription level and above.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Role-based Access Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support for Kerberos authentication security events

    The idea behind is to enable Kerberos Authentication Service event from Azure AD Domain controller to get Network Information and Account Information from the computers connected to Azure AD Domain Services https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4768

    In a Microsoft Active Directory, we could easily get event ID 4768 when a computer in the domain needs to authenticate to the DC typically when a workstation boots up or a server restarts. But in Azure AD DS we could not get this event, even after if you enabled the security audits https://docs.microsoft.com/en-us/azure/active-directory-domain-services/security-audit-events

    The Event Id 4768 is not listed under the Account Logon security event lists …

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add an endpoint for retrieving list of tenants where user is a guest

    We need an API for retrieving all tenants where user is guest. This is currently available in Resource Management API (https://docs.microsoft.com/en-us/rest/api/resources/tenants/list), but this gives access to lots of other Resource Management endpoints. When used it might even triggers a policy to force using MFA.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Edge Chromium support for Password SSO (My Apps Secure Sign-in Extension)

    Currently Password SSO in Azure AD is not working on Edge Insider (Chromium) browsers. "My Apps Secure Sign-in Extension" seems only available for Edge, Google Chrome and Firefox. It will be very helpful if this extension is available as Edge Extension from Microsoft Store or built-in:
    https://microsoftedge.microsoft.com/insider-addons/category/EdgeExtensions

    Otherwise it could be a blocker for customers which are using this Azure AD feature to switch to modern Edge on Chromium.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  MyApps portal  ·  Flag idea as inappropriate…  ·  Admin →
  12. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow for additional user profile attributes to be updated to applications beyond user name, manager, active status and language.

    Currently only able to update the following from Azure AD to Cornerstone On Demand App:

    cornerStoneUser.Contact.Name.Last

    cornerStoneUser.Contact.Name.First

    cornerStoneUser.Active

    cornerStoneUser.Organization.Manager

    cornerStoneUser.Language

    We would greatly benefit from being able to update the Department/Division attribute as well, as we have a moderate amount of movement between Departments within our organization.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow the Azure Security Blade appear in favourites

    Allow Azure admins to add the Security Blade (https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/SecurityMenuBlade/GettingStarted) to the 'Favourites' area, as more and more features are being bundled into that blade.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support License Assignment on Entitlement Management

    Currently, we are using assignment to group method for office 365 license.
    I hope enhance our administration for license assignment task.

    If you support to license assignment on entitlement management, we are able to complex license assignments for restrict access users.
    (ex. only e-maill access, device managment only, etc.)

    I hope support the entitlement management to the license resource.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. I need help to grant my admin profile can you help me ?

    I need can to work on azure portal shell but don´t allow me!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  17. Azure AD Authentication for Mobile that can redirect authentication request to different Claim Provider Trust

    Hello,
    We hope that Azure AD Authentication can redirect Mobile device authentication request to different Claim Provider Trust such third party Airwatch Workspace One.

    Regards,
    Jake

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Requested feature for Azure AD Conditional Access policy Third party MDM compliant check

    We would love to have the ability in Azure AD Conditional Access that can allow or block base on different MDM provider as for mobile device compliant check.

    Regards,
    Jake H.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Get list of Azure apps with SSO enabled

    I would like to be able to use either Get-AzureADServicePrincipal or Get-AzureADApplication to obtain a list of All Azure apps that have Single Sign On enabled. E.g. SAML, Password-Based, Disabled, Linked, etc.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Password strength meter

    Need a password strength meter or some kind of feedback at the create a new password form (non B2C)
    I asked about this at Ignite also. I understand we don't want to put the complexity policy out there and that password protection is going to make that 'fuzzy' anyway but we need a strength (or quality?) meter. It could check policy as well as the password protection mechanism and let the user know when they have a password that is strong enough (red yellow green) without letting them know the actual policy. Any feedback at that form is better than…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 184 185
  • Don't see your idea?

Feedback and Knowledge Base