Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. If the Display Name is manually specified in the invite, the External Azure AD should not override and rewrite it.

    When I set up a guest user in Azure AD, and they accept the invitation, the external Azure AD rewrites their display name in a scheme that doesn't match either organization's naming convention. As the users accept the invites, the admin has to go back and rewrite the guest's display name. Doing this for massive numbers of users becomes cumbersome. This property should be able to be locked on the inviting AD.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  2. Sharing Sites and Accessing Apps

    Does the one-time passcode work for all MS products, such as for providng guest access to Teams?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow customization for OTP account verification code email

    The OTP email that is sent once daily to OTP Azure B2B guests is, quite frankly, ugly. We would like to brand this email with our firm's logo as well as put some friendly language that specifies what application they're trying to sign into so it does not look as much like a phishing email. Please allow us to customize this email and make it more friendly looking as opposed to a very operational security email that may confuse less-than-savvy users.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  5. Guest account registration french translation issue

    Guest account registration
    When we register a guest account in Azure Active Directory, the text of the autorizations revision is not the same en fr-FR and fr-CA. In fr-CA, the word Photos is plural and this is incorrect and not well received by users. Only the profile photo is accessible. In fr-FR, photo is singular.

    I think that, for all languages versions, the text should be more specific saying «Your profile photo» / «Votre photo de profil». Guests don't want to share too much information.

    Thanks

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  6. Fix New guest user invite SharePoint MFA

    Right now if you invite a new guest user through SharePoint with a conditional access policy enabled the guest will get an error the first time they try to setup MFA on the tenant they are invited to. If they try to set it up a second time the error is gone and they are able to setup MFA.

    Please fix this issue.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  7. 451123828@ minia3.moe

    نسيت كلمة السر

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  8. Hide BitLocker key from the users

    Bitlocker encryption keys are found on laptops running windows on https://myaccount.microsoft.com/device-list. These can be abused either by an attacker with access to the machine, or by the final user since it has everyone read permissions on icacls. Furthermore a privilege escalation is possible by reconecting the disk to another computer and change files in order to achieve persistance and higher privileges, since the final user has is bitlocker keys, he can decrypt and see/change other files in another computer.

    Details:

    https://sec-consult.com/en/blog/2019/04/windows-privilege-escalation-an-approach-for-***********-testers/

    A machine that does not encrypt the Windows partition and allows booting from CD, USB or a pre-boot…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  9. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  10. One-time passcode authentication for B2B guest users - Is it possible to reduce user session expiry time from 24 hours

    While reviewing the public preview feature of One-time passcode authentication for guest users, it was observed that the guest user session expires only after 24 hours. This seems to be a longer window and we will prefer to have the user session time to be something like 8 or 9 hours. The guests will be signing in from their environment and we don't know how secure their environment is and how secure is the email account that they are using. Leaving the user session open for 24 hours seem to be risky and we will prefer to have an option…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  11. Reset my guest account - to fix post migration lost B2B access

    URL in AAD where a user can reset their guest account access. We've just gone through a tenant migration and the manual nature of the reset process is painful. It's basically a Delete and Re-invite process to the same e-mail address that is already in AAD.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  12. Proper error-code and messages in the Invite redemption failed page

    We use the Graph API to register users, send Invite link to user. User opens the link, grants permission to application to access the data, and from then on user will be able to access our application using the Azure Single Sign-on.

    Currently, while signing-up(opening the Invite link), in case of any problem, it shows a Request ID, Co-relation ID, and Timestamp.
    It would be better if an error message and error code too can be displayed in this page. This would be really helpful for us. As of now we need to reach out the Azure support team for…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  13. 18 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  14. Delegated admin not compatible with B2B

    It would be great to make compatible delegated administration privileges with B2B, as this affects B2B collaborations when external users tried to gain access to Access Packages in Azure AD - Entitlement management.

    0 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  15. 0 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  16. OTP: Allow a guest and a contact with same email address

    Guest Account is not able to sign-in with OTP if an Exchange online contact exists with the same email address and the guest tries to sign-in to the my apps portal.
    Error “AADSTS50020
    If the guest use the link from the invitation he received by email, there is no issue.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  17. Force OTP method for B2B for certain organisation to mitigate double MFA

    The OTP method in preview works well. We want to avoid the heaviness of B2B with MFA setup where OTP to a trusted domain is sufficient given they have their own MFA etc. (perhaps not available to gmail/msa accounts.)

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow Guest users to change their MFA

    Guest (B2B) users should be able to reset/change their MFA options. Currently when a guest user gets a new phone, they have no way to fix the Authenticator app. Currently Guest can only try and find a contact at the tenant org and have them reach out to IT in order to reset. This is very confusing for all users.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add B2B collaboration and Guest Access for GCC-H

    Please add the ability for GCC-H users to add Guests into Microsoft Teams or provide a way to add them into Azure AD as organizational Guests in GCC-H. This capability was a selling point while using the commercial version, but now we are trying to work around this issue. Please implement this feature as soon as possible.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base