Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Set an AzureAD account to expire on a specified date

    Just like in active directory allow accounts to be set to expire on a specified date. Our company policy is to set network accounts for non-employees (consultants, contractors, temporary employees, interns) to expire at a certain interval after they are created. We want the same functionality within Office 365.

    1,034 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  2. Confidential attributes

    It is very common to for an IAM / IGA solution to have more attributes than is readable by the user, such as SSNs or other sensitive information. In Windows Server AD, the "confidential bit" can be used to have an attribute in AD only available when specifically granted permission to read it.

    Such as feature is highly needed in Azure AD, as today, any user can read essentially any attribute of other users.

    Primary use cases:
    - Ability to issue SSN or other sensitive info in encrypted SAML token
    - Ability to sync SSN or other sensitive info using…

    63 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  3. Reset Enterprise State Roaming Data

    Please provide an ability to reset the Enterprise State Roaming data for individual users.

    Scenario, we are in the middle of a new Windows 10 rollout, where users already have ESR enabled, we want to provision a new profile though for each user, where we set some settings in a default user profile on the machine. With ESR enabled - we cannot set some default settings though.

    31 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  4. Support plus-addressing in emails, which is invaluable for testing

    We need to create many users for our testing environments. Normally, the way we do this is to use 'plus-addressing'. This is a convention by which you can add a '+' sign and then anything afterwards to an email address, and it gets delivered to the recipient as if the + and everything after did not exist i.e. the following two email addresses are different but get delivered to the same place:

    me@gmail.com
    me+foo@gmail.com

    This is a standard called 'sub-addressing' which is supported by quite a few mail providers, including Google Gmail, Google Apps, Yahoo! Mail, Outlook.com, and quite a…

    24 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  5. Have a function to cleanly remove Azure AD user profiles from Windows 10 devices.

    There should be an option, GUI or Powershell to cleanly remove all user profile data for a specific Azure AD user on a Windows 10 computer similar to the available tools for local/domain profiles such as netpl.wiz.

    This is important for redistribution of a device without re imaging for cases such as leaver management or device reassignment where the device is fully configured but the assigned user is changing.

    18 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  6. AAD Usernames need to support all character sets

    Many customers allow usernames with special characters, double byte characters and Asian character sets. AAD Connect and Azure AD do not support all of these character sets. Not all customers use Active Directory on premise as their main identity store. Thus identities with special characters cannot be synchronized into AAD. For customers with hundreds of thousands of usernames with special character sets, it is a horrible user experience and very costly to try to rename all these logins.

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  7. Allow Group Sergregation for Azure AD Password Protection

    We need to select groups of users to have Azure AD Password Protection applied. We synchronize it to our local AD through the proxy and DC agents. We have a subset of users that require a more simple password. This configuration is available with SSPR and would like the same functionality here. Thanks

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  8. Enterprise Dev/Test Subscription in Azure Government

    Would be a great option for client with Azure Government tenants.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  9. Block Sign In Source-of-Authority issue

    It is very confusing for customers that they have the option to change the "Block Sign In" state, when the users source-of-authority is "Windows AD Server" (Active Directory).

    Why is this not disabled like all other attributes. It doesn't make any sense to have the control enabled, when the UserAccountAttribute overwrite the setting during Azure AD Connect sync.

    You should at least have a popup box telling the users that this setting will be overwritten by Azure AD Connect sync, if the Azure AD Connect is configured to update the AccountEnabled value based on the UserControlControl state in the local…

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  10. 9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  11. Search for users by Employee ID

    Now that Employee ID is a populated field in the user profile, please enable the ability to search the tenant by Employee ID from the user search field.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  12. PowerShell to remove user from all Office 365 Groups (UnifedGroupLinks)

    When a user leaves the company we would like to clean up all the Office 365 Groups they belong to. The way the "Remove-UnifiedGroupLinks" works you need to know what Groups they belong to. That information is not relevant, I know the user and just want to remove them from all UnifiedGroups. Here is the example given in the Microsoft documentation to remove a member:

    Remove-UnifiedGroupLinks -Identity "Legal Department" -LinkType Members -Links laura@contoso.com,julia@contoso.com

    I'd like to be able to do something like what I use on premise AD:

    Get-ADUser ALIAS -Properties MemberOf | ForEach-Object {$.MemberOf | Remove-ADGroupMember

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  13. Allow delete oneself from a Azure AD

    For some Azure ADs which I don't have any subscriptions, I want to delete myself from that Azure AD. Currently, I find there is no way to do that.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  14. SCIM App Roles and Groups

    Please add a flag to treat Enterprise Apps Roles as groups.

    i.e. a new role is added to an application it will provision a group via SCIM.

    i.e a user is added to new a role in an application it will be added to that "group" in the application.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  15. Ability to assign custom user home folder names

    It seems it is not possible to change user home folder names in Windows 10 when it is managed by Azure Active Directory. Folder name gets created according to display name assigned in AAA.

    For example, my display name is Kaan Türkeş and it creates C:\Users\KaanTürkeş

    That is a big problem because many applications including Microsoft apps don't work properly when there is non English letter in folder name.

    I can change my display name, but then in emails my name is not showing up but instead display name is showing. Even in external mails display name is showing up.…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  16. Auto-merge new guest users with old mail contacts

    While creating new guest users I do see if the same alias mail contact is present we get an error and the guest account gets created and there are two email aliases gets available.

    Request to Microsoft Engineering team to create a behavior where these accounts will get merged.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  17. Azure AD Objects LifeCycle Management

    We have a certain requirements to create Object like User accounts, Groups etc in Azure AD directly but we don't see an life cycle management like the one available for Office 365 Group.

    We need an option to have life cycle management for the objects created in Azure AD. so that we will ensure the life cycle management option available for the objects created in On-Premise AD and Azure AD.

    Note: Azure MSI requires a security group for SQL authentication and we don't have a option to use the On-Premise group synced to Azure AD. Only the security group created…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  18. Multiple User/Group Delete in Azure AD

    Hi.

    For testing/dev/learning purposes it would be an welcome feature to enable multiple Azure AD User/Group delete.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Today on the list of All users you can select the checkbox for multiple users, and then click the delete button to delete all the selected users. Does this meet your requirement? If not, would you let us know the details of the scenario you’d like to be easier for you to accomplish in our admin portal?

  19. AADLoginForLinux aadlogin add a new group for the 'Virtual Machine User Login' role in Access control (IAM)

    In Access control (IAM)
    the Users with "Virtual Machine Administrator Login" belong automatically to the 'aad_admins' group,

    getent group aad_admins
    aad_admins:x:9999:

    Can you please also add a new group for the user with the role

    'Virtual Machine User Login'

    this will improve a lot the management login user and permissions

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

  20. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base