Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Account Lockout sync to Azure AD

    Any chance to sync account lockout on-primise attribute to AzureAD. If on-premise AD account get lockout, user can still access the cloud service externally.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  2. Service account of AAD Cloud Provisioning does not get recreated when it is deleted

    I experimented with AAD Cloud Provisioning by installing it and connecting it to my demo-tenant. Installation and sync went fine. Then I uninstalled it from my server and removed the service-account from the tenant to go back to the initial state. I installed AADCP again on a new server and noticed that the service-account isn't created anymore. The sync will fail and there is no way to get it back up again. Please investigate :)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  3. Why an end user logged in is allowed to modify the SSO configuration of an application

    Why an end user logged in is allowed to modify the SSO configuration of an application.
    I hope he should not be allowed to do that.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  4. Exchange Online changes cloud only

    Changes pushed from Azure AD Connect should have the option to only push account changes pertaining to the account itself ie.. name or password. Changes for Exchange online mailboxes could be made directly in the cloud as to avoid issues with syncing and on-prem hybrid server if one still exists.

    Example - Mailbox A needs online archive enabled, instead of having to make this change on-prem then waiting for the sync to happen and the potential for other issues... make the change directly in O365 Exchange Online.

    Currently this is not allowed for accounts that are "synced"

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  5. Import NSF file to PST

    If you want to import NSF file to PST then you can try NSF to PST Converter. The tool maintains NSF items such as emails, notes, tasks, journals, contacts, calendars, and etc. The tool supports various types of file formats such as PST, EML, EMLX, HTML, PDF, and etc. The tool support all the latest versions of Windows and Outlook. The tool checks the preview of all emails with attachment after the scanning process.

    Read More: http://www.nsf-converter.com/

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  6. When will Azure AD Provisioning be Generally Available?

    When will Azure AD Provisioning be Generally Available?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  7. 0655812067

    A mal mandili

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to sync Hash passwords between AD Local and Azure AD

    We have a local environment with Active Directory with local identities and a subscription with Azure AD with identities in the cloud, is there the possibility of synchronizing these identities taking into account that they are the same users? Initially, it was not possible to implement the password synchronization, but now we would like to implement the hash password synchronization, but we would not know how to actually do it or what risks it entails in the possible elimination of users or data stored in azure. Thank you very much.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  9. Muy buenas tardes. Tengo un problema el teléfono que se puso para acceder a la página ya no lo tengo y no puedo acceder a esta, ayuda.

    No puedo acceder de ninguna manera a worday por que el teléfono que se puso ya no lo tengo, necesito ayuda, no se puso otro segundo número.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  10. More device membership attributes in Azure AD

    We need more attributes posted in the Azure AD builder. Currently we have a small batch of attributes for devices and a huge amount for users. The only way I currently see that we can work with custom attributes is if we use MS Graph or PS. PS does not currently support also Set-AzureADDeviceExtension as a cmdlet so we are stuck with again the MS Graph which is a tone of work for such a feature to be implemented. One of our customers require WUfB and we need to dynamically assign particular devices via dynamic membership but the current list…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enable notification and tracking on AD connect configurations. Send automatic notification as and when AD configuration updated

    Yum uses the Azure Active Directory globally and any changes on Azure Connect configuration make huge impact globally. There are too many administrator that can make changes on that because of global nature. And general change management process doesn't help to track what changes being done Azure Connect. would it be possible to configure automatically notification whenever any configuration changes happened on Azure AD connect and send it to support team ?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow you to select * for Direction in Azure AD Connect, like every other field does

    In Synchronization Rules Editor from Azure AD Connect,
    Why do we have to select Inbound or Outbound yet basically every other field let's you select * / any

    Makes it a real pain tuchus going back and forth between the directions double checking which rule will have precedence over which since it can't show you both directions at the same time

    In this specific case, I was mostly was trying to figure out related to ProxyAddresses sometimes seeming to be sourced from on-prem (and therefore blocking you from making changes in O365) and sometimes allowing you to edit in the…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure AD logout doesn't return a result after successful logout which is not implemented per Open ID specification.

    Azure AD logout doesn't return a result after successful logout. After closing the browser Azure AD should return result back as per Open ID specification. This is happening with Mobile Applications and web applications.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  14. "Update your trust now" in Azure AD Connect installation should have a "Learn More" link

    "Update your trust now" in Azure AD Connect installation should have a "Learn More" link.

    When I upgraded my version of Azure AD Connect it reported:-
    "Updates may be available for your Azure AD trust. Update your trust now to ensure you have the latest recommended settings."
    But there is no documentation on how to do this.
    Please write a page on how to do this, and provide a "Learn more" link in the warning message.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  15. Possible to have both Federation with AD FS and Seamless SSO in same Azure AD Connect configuration

    Make it possible to have both Federation with AD FS + Enable single sign-on selected in Azure AD Connect sign-in configuration.

    Scenario: Customer has a single on-premises AD forest (contoso.com) which consists of multiple child AD domains, one for each country and each country also has their own public e-mail domain:
    - us.contoso.com (US, contoso.com is UPN and e-mail domain)
    - fr.contoso.com (France, contoso.fr is UPN and e-mail domain)
    - de.contoso.com (Germany, contoso.de is UPN and e-mail domain)
    - ...and so on.

    US was first to roll out Azure AD/Office 365 and are required to use Federation with AD FS…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  16. Sync Azure AD last login time stamp to On Premise AD in Hybrid Envornment

    At present on premise user who is synced to Azure AD by using AD Connect, his last login from Azure AD is not getting synced to on premise AD
    This attribute need to sync as we are maintaining user life cycle management in on premise AD, If user is not logged into on premise AD for last 45 days then his account will get disabled.
    As user is active in Azure AD but not in on premise AD this is causing issue for user life cycle management.
    Please help for the solution asap.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  19. Invoke-ADSyncRunProfile does not return the RunProfile Result

    The RunProfile Result is returned but the data is incorrect, as shown below. The GUIDs are empty, and the other properties have incorrect or missing data.

    Invoke-ADSyncRunProfile -ConnectorName litware.ca -RunProfileName 'full import' -Verbose
    <#
    RunHistoryId : 00000000-0000-0000-0000-000000000000
    ConnectorId : 00000000-0000-0000-0000-000000000000
    ConnectorName :
    RunProfileId : 00000000-0000-0000-0000-000000000000
    RunProfileName :
    RunNumber : 0
    Username :
    IsRunComplete : False
    Result : success
    CurrentStepNumber : 0
    TotalSteps : 0
    StartDate : 1/1/0001 12:00:00 AM
    EndDate : 1/1/0001 12:00:00 AM
    RunStepResults : {}

    >

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  20. ADSync Cmdlets Fail with Remote PowerShell

    The ADSync cmdlets do not work with remote PowerShell. A command such as Get-ADSyncRunProfileResult works fine when executed on the computer with an interactive logon but fails when run using WinRM with Invoke-Command or Enter-PSSession.

    When called with Remote PowerShell the cmdlets fail when establishing a connection to net.pipe://localhost/ADSyncManagement.

    Since WMI was taken away, we really need a way to access the ADSync module without having to logon interactively.

    Here is the error:

    Invoke-Command -ComputerName myAADConnectServer -ScriptBlock {Get-ADSyncRunProfileResult}

    There was no endpoint listening at net.pipe://localhost/ADSyncManagement that could accept the message. This is often caused by an incorrect address or SOAP…

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base