Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account. You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  1. Pre-provision Autopilot devices

    Allow administrators to pre-provision Autopilot devices in AAD so that they do not have to allow users to join devices to AAD (aka personal devices).

    1 vote

    0 comments  ·  Azure AD Join
  2. Problem with Azure AD Join USERPROFILE. Should be set to ASCII characters only

    This is such a trivial issue I'm amazed how it hasn't been addressed for years now.
    Here's the problem in more detail:
    When a Windows 10 device is joined to Azure Active Directory, the logon process creates the user's folder in this location: c:\users (as might be expected, this becomes the %USERPROFILE% path). The folder name appears to be constructed based on the user's First name and Last name, as entered in the Azure Active Directory.
    However, when the user's first name or last name in the Azure Active Directory includes non-ASCII international characters (for ex. šđčćžáāķļ), these will be…

    1 vote

    0 comments  ·  Azure AD Join
  3. Expand sign-in with AAD preview

    Please expand the sign-in with AAD preview to support more Windows OSes and other clouds. We want to leverage AAD sign-in to support Azure and AWS instances. We have a mix of Windows Server (2012R2 min) and Linux (CentOS/RHEL 6/7).

    1 vote

    0 comments  ·  Azure AD Join
  4. HYAADJ | TOAST Notification | Work or school account problem. We need you to fix your work or school account (most likely your password...

    Issue: Users get a TOAST notification every time the user reboots the device, or locks and unlocks the device after some time, or the VPN is disconnected.

    Full Error Message:
    Answer: Work or school account problem. We need you to fix your work or school account (most likely your password changed) Click here to fix it in Shared experiences settings

    For any application which leverages silent token renewal of PRT (non-interactive) through WAM, if that silent renewal fails the user will see a TOAST notification, and it will throw “Interaction Required” in AAD as well.

    Such notifications are false/positive, how do we ensure to provide better…

    2 votes

    0 comments  ·  Azure AD Join
  5. Azure AD Domain Join for AWS Windows 2016/2019 EC2 instances

    Would like to use "Azure AD Join" for AWS Windows 2016/2019 EC2 instances to allow RDP access with Authentication via Azure AD credentials. Security is in favor of approving the following if available in AWS.

    Similar, but different situations are described here:
    https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows
    and
    https://docs.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-join

    Note that "Hybrid Azure AD Joined" does not meet corporate security requirements.

    2 votes

    0 comments  ·  Azure AD Join
  6. Prevent Azure AD Device Registration

    Prevent Azure AD Device Registration, and only allow Azure AD Join for Windows 10 devices.

    1 vote

    0 comments  ·  Azure AD Join
  7. Display a 2nd, customizable warning message when registering private device in AAD

    The current wording ("Make sure this is your organization") of the warning message when registering a private (non-company) device to AAD needs to be modified, or the ability to display an additional (tenant customizable) warning message needs to be introduced. We are having occasions where users are joining personal devices to the company AAD tenant without fully realizing the consequence of doing so. When clicking Join, they see the "Make sure this is your organization" message and feel confident that it is, and so continue. They fail to read the smaller text (or fail to understand the significance of the…

    1 vote

    0 comments  ·  Azure AD Join
  8. Bring the web-sign-in feature to GA, it works for us

    We’re successfully testing Intune device enrollment for Windows 10 with our Shibboleth IdP federated tenant. We’re using cloud only enrollment manager accounts and applying a web-sign-in policy when enrolling the machines. The end user does the web-sign-in but then has the option to enroll in Windows Hello and use a PIN going forward so it can be a sort of bootstrap procedure for them.

    7 votes

    2 comments  ·  Azure AD Join
  9. 1 vote

    0 comments  ·  Azure AD Join
  10. Add Device owner to Hybrid AAD joined Machines

    Joining machines to Hybrid AAD helps with Conditional Access policies etc. When a machine is Hybrid Joined it loses the owner of the machine. This is by design.

    But for an administrator it is a pain to go through AD logs and identify who is using the machine or who is logged in.

    This is why I am requesting to add the feature to have machine owners added to Hybrid AAD devices on the Azure console.

    9 votes

    0 comments  ·  Azure AD Join
  11. Need a full manual page for dsregcmd.

    Dsregcmd is vital for troubleshooting Azure AD Join and Hybrid Azure AD join issues, yet MS has published no full manual page on how to use it. Using the /status switch is helpful, but I have to go to forums and blogs to get basic info on /join, /leave, and /debug. A command this important should be thoroughly documented.

    1 vote

    0 comments  ·  Azure AD Join
  12. Saved Password on Azure AD Computers

    I hope I am in the right place with my issue, but from my perspective it's unlikely a Teams problem:
    If a device joins the Azure AD after a user logs into his Teams account on a shared laptop (for presentations etc.), then after he has logged out from Teams he only needs to enter his username to log in again. To prevent this you need to disconnect the account in Settings\Account settings\access Work or school. This is not a very comfortable way and makes the Teams network vulnerable if a user stayed logged in on a public PC.

    1 vote

    0 comments  ·  Azure AD Join
  13. Allow OTP users to update/change their source of authorization to AAD or Google federation

    When I turned on the OTP preview, it automatically forced users who did not have a domain listed in AAD or Google to use an OTP, but it's ridiculous to have to use OTP every time you log into an Extranet or Employee portal. I would like for users to use OTP as a last resort and be given the option to use or create a Microsoft account first, even if they used OTP previously with their current email address.

    1 vote

    0 comments  ·  Azure AD Join
  14. Allow VMs with a long name to use Login with AAD credentials

    If you create a Windows VM with a name that is longer than 15 characters the Azure AD Join fails.

    The local name gets cut down to 15 characters but then it somehow cannot make a connection to the Azure AD.

    It should not matter how long the VM name in Azure is; the join should always work, or there should be some kind of check which tells one not to use names longer than 15 characters when activating Login with AAD credentials.

    2 votes

    0 comments  ·  Azure AD Join
  15. AAD Login to Windows automatically joining Intune

    After automatically joining AAD, need a way for those systems to also automatically join Intune. Maybe even by granting a specific Intune App access to the VM as admin or something like that.
    Don't want to auto enroll all, as this should only work for these Azure VMs.

    1 vote

    1 comment  ·  Azure AD Join
  16. Do not remove the successfully HAAD Joined computer from Azure AD if the userCertificate attribute was deleted on prem (mode)

    When the userCertificate attribute is changed/corrupt on prem (source of change unknown yet), the computer object gets deleted from Azure AD due to current sync rules and logic. There should be no reason to depend on this attribute after the station was successfully registered. And since the computer is not aware of this sync change between AD and AAD, its local state still tells the station it's registered and no re-registration attempt is made. We can always block registration by deleting the device from AAD or block the user. and WAM is Disabled to bypass. case 120021424002034 The point is…

    1 vote

    1 comment  ·  Azure AD Join
  17. make the fallback to software key faster in case hardware TPM fails.

    During hardware/software updates sometimes the TPM got corrupted and the users are not able to access resources that depend on Azure AD PRT until Windows is able to perform automatic fallback to software key. Due to the nature of the fallback process (station reboot has to happen to reregister, and after that the user has to sign in again to get AAD PRT) there is a latency with getting AAD PRT, and Cx helpdesk has to work with end users to address the issue faster than to wait for 1-2 days to self recover. and WAM is Disabled to bypass. case…

    1 vote

    1 comment  ·  Azure AD Join
  18. What is Azure

    The page states “Download the Azure Portal App.”

    This page should provide information on what exactly the Azure Portal is.
    I should not have to go searching for this information.

    Also, the only mobile device I have is my cell phone.
    Sorry, my cell phone is my personal phone and I do not have memory to download another app.

    1 vote

    0 comments  ·  Azure AD Join
  19. Remote connection to VMs joined to Azure AD

    At the moment you can only establish a remote connection to VMs joined to Azure AD from Windows 10 PCs that are Azure AD joined or hybrid Azure AD joined to the same directory as the VM. It would be great if we could connect from our PCs that are not Azure AD joined to the same directory as the VM. For example, PCs that are in a Workgroup or PCs that are joined to some other AD.

    11 votes

    2 comments  ·  Azure AD Join
  20. Bulk import gives error after csv upload - example csv cannot be modified and uploaded - need a working csv

    A working downloadable csv bulk import sample file would be helpful.
    You would expect a sample file to be ready to import right away - with no changes (except the email addresses) necessary.

    1 vote

    0 comments  ·  Azure AD Join