Azure Active Directory
Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.
Thank you for joining our community and helping improve Azure AD!
Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account. You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...
-
If the Display Name is manually specified in the invite, the External Azure AD should not override and rewrite it.
When I set up a guest user in Azure AD, and they accept the invitation, the external Azure AD rewrites their display name in a scheme that doesn't match either organization's naming convention. As the users accept the invites, the admin has to go back and rewrite the guest's display name. Doing this for massive numbers of users becomes cumbersome. This property should be able to be locked on the inviting AD.
1 vote -
Sharing Sites and Accessing Apps
Does the one-time passcode work for all MS products, such as for providng guest access to Teams?
1 vote -
1 vote
-
Allow customization for OTP account verification code email
The OTP email that is sent once daily to OTP Azure B2B guests is, quite frankly, ugly. We would like to brand this email with our firm's logo as well as put some friendly language that specifies what application they're trying to sign into so it does not look as much like a phishing email. Please allow us to customize this email and make it more friendly looking as opposed to a very operational security email that may confuse less-than-savvy users.
2 votes -
Guest account registration french translation issue
Guest account registration
When we register a guest account in Azure Active Directory, the text of the autorizations revision is not the same en fr-FR and fr-CA. In fr-CA, the word Photos is plural and this is incorrect and not well received by users. Only the profile photo is accessible. In fr-FR, photo is singular.I think that, for all languages versions, the text should be more specific saying «Your profile photo» / «Votre photo de profil». Guests don't want to share too much information.
Thanks
3 votes -
Fix New guest user invite SharePoint MFA
Right now if you invite a new guest user through SharePoint with a conditional access policy enabled the guest will get an error the first time they try to setup MFA on the tenant they are invited to. If they try to set it up a second time the error is gone and they are able to setup MFA.
Please fix this issue.
1 vote -
451123828@ minia3.moe
نسيت كلمة السر
1 vote -
Hide BitLocker key from the users
Bitlocker encryption keys are found on laptops running windows on https://myaccount.microsoft.com/device-list. These can be abused either by an attacker with access to the machine, or by the final user since it has everyone read permissions on icacls. Furthermore a privilege escalation is possible by reconecting the disk to another computer and change files in order to achieve persistance and higher privileges, since the final user has is bitlocker keys, he can decrypt and see/change other files in another computer.
Details:
A machine that does not encrypt the Windows partition and allows booting from CD, USB or a pre-boot…
2 votes -
sagartravel35@gmail.com
Sagar Roy
1 vote -
One-time passcode authentication for B2B guest users - Is it possible to reduce user session expiry time from 24 hours
While reviewing the public preview feature of One-time passcode authentication for guest users, it was observed that the guest user session expires only after 24 hours. This seems to be a longer window and we will prefer to have the user session time to be something like 8 or 9 hours. The guests will be signing in from their environment and we don't know how secure their environment is and how secure is the email account that they are using. Leaving the user session open for 24 hours seem to be risky and we will prefer to have an option…
1 vote -
Reset my guest account - to fix post migration lost B2B access
URL in AAD where a user can reset their guest account access. We've just gone through a tenant migration and the manual nature of the reset process is painful. It's basically a Delete and Re-invite process to the same e-mail address that is already in AAD.
1 vote -
Proper error-code and messages in the Invite redemption failed page
We use the Graph API to register users, send Invite link to user. User opens the link, grants permission to application to access the data, and from then on user will be able to access our application using the Azure Single Sign-on.
Currently, while signing-up(opening the Invite link), in case of any problem, it shows a Request ID, Co-relation ID, and Timestamp.
It would be better if an error message and error code too can be displayed in this page. This would be really helpful for us. As of now we need to reach out the Azure support team for…1 vote -
Cross tenant support for managed identity
Please add support for cross tenant use of managed identities. Reference: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/known-issues#can-i-use-a-managed-identity-to-access-a-resource-in-a-different-directorytenant
18 votesThank you for reaching out to feedback suggestion forum. Please share more information around your scenario/use-case, end goal, what type of tenants/directories etc. this will help us to understand need and design this integration.
-
Delegated admin not compatible with B2B
It would be great to make compatible delegated administration privileges with B2B, as this affects B2B collaborations when external users tried to gain access to Access Packages in Azure AD - Entitlement management.
0 votes -
Երեմ Սամսոնյան
ԱԲ315933
0 votes -
OTP: Allow a guest and a contact with same email address
Guest Account is not able to sign-in with OTP if an Exchange online contact exists with the same email address and the guest tries to sign-in to the my apps portal.
Error “AADSTS50020
If the guest use the link from the invitation he received by email, there is no issue.1 vote -
Force OTP method for B2B for certain organisation to mitigate double MFA
The OTP method in preview works well. We want to avoid the heaviness of B2B with MFA setup where OTP to a trusted domain is sufficient given they have their own MFA etc. (perhaps not available to gmail/msa accounts.)
1 vote -
1 vote
-
Allow Guest users to change their MFA
Guest (B2B) users should be able to reset/change their MFA options. Currently when a guest user gets a new phone, they have no way to fix the Authenticator app. Currently Guest can only try and find a contact at the tenant org and have them reach out to IT in order to reset. This is very confusing for all users.
12 votes -
Add B2B collaboration and Guest Access for GCC-H
Please add the ability for GCC-H users to add Guests into Microsoft Teams or provide a way to add them into Azure AD as organizational Guests in GCC-H. This capability was a selling point while using the commercial version, but now we are trying to work around this issue. Please implement this feature as soon as possible.
2 votes
- Don't see your idea?