Automate Seamless SSO Kerberos decryption key rollover AZUREADSSOACC

Currently to automate the Kerberos SSO decryption key rollover for AZUREADSSOACC , we would need to store domain admin and tenant global admin credentials in a script or scheduled task.

This is obviously not ideal. We currently having to perform the rollover task manually each month.

Please look at how this process could be improved for automation.

807 votes

NL shared this idea · March 27, 2018 · Flag idea as inappropriate… · Admin →

started ·

Azure AD Team responded · August 15, 2019

Hi everyone,
Thanks for your interest on this feature. This capability is still in the pipeline. The initial estimate was obviously off and we are looking at a new timeline. We are aware of the benefit of having this rollover made automatic and the interest you have on the feature, and that’s how we are looking at it while prioritizing it against other capabilities requests.
Thanks for your patience!

Jairo Cadena
Principal Program Manager
Microsoft Identity

Show previous admin responses (2)

118 comments

An error occurred while saving the comment

Alexander Rieder commented · April 15, 2021 05:13 · Flag as inappropriate

What is the ETA for this?

Submitting...
Raphael Eymann commented · April 15, 2021 01:24 · Flag as inappropriate

Any Update? This is getting Embarrassing....

Submitting...
ליאור פרומט commented · April 13, 2021 03:19 · Flag as inappropriate

Any update on this?

Submitting...
Diego commented · March 22, 2021 16:19 · Flag as inappropriate

When will this feature be available? Changing something every month as a routine job is a bit annoying.

Submitting...
Anonymous commented · March 08, 2021 04:26 · Flag as inappropriate

+1

Submitting...
Anonymous commented · March 05, 2021 08:53 · Flag as inappropriate

Buelher?

Submitting...
Jaans commented · March 02, 2021 00:48 · Flag as inappropriate

Hi AD Team,

So what is the new timeline? Do you need more time to figure out the new timeline?

Would have thought 2.5 years is plenty to figure this out.

@Community, what are your best suggestions for workarounds?

Submitting...
Heinz commented · February 26, 2021 02:02 · Flag as inappropriate

If it's highly recommended every 30 days, an automated solution should be provided!
Any news from the Azure AD Team timeline?

Submitting...
Dwayne Hiers commented · February 19, 2021 08:06 · Flag as inappropriate

Would be a very useful feature. Keep us posted!

Submitting...
Jim Fischer commented · February 10, 2021 00:17 · Flag as inappropriate

Does Microsoft offer a automated workaround for this?

Submitting...
Stefan Redlin commented · February 02, 2021 02:32 · Flag as inappropriate

Any update on this?

Submitting...
Brian commented · January 28, 2021 18:52 · Flag as inappropriate

any update on this!? Its been over a year since the last update

Submitting...
Björn Bengtsson commented · January 11, 2021 05:58 · Flag as inappropriate

Please prioritize this!
Cheers

Submitting...
Gregory Mund commented · January 08, 2021 09:19 · Flag as inappropriate

WOW, almost a year and a half and no update on this? C'mon Man!! This should have been automated out of the gate, not an afterthought. If you aren't going to actually work on this maybe you should change the status from Started to Stalled.

Submitting...
Neut, Erik van der commented · January 07, 2021 02:32 · Flag as inappropriate

Found a post leading to this, hoping it was a better solution than community powershell scripts, but no.... Voted

Submitting...
Brenton Crosby commented · January 03, 2021 17:30 · Flag as inappropriate

Would like to see some action on this, as long as the Azure AD Connect client is auto-updating this feature should be able to be rolled out to everyone who has that in place.

Submitting...
[Deleted User] commented · December 30, 2020 06:13 · Flag as inappropriate

Is there any progress on this one? :) Still waiting

Submitting...
Joar Borgli commented · December 17, 2020 02:43 · Flag as inappropriate

Hello WE NEEDED THIS 2 years ago already soon 3!

Submitting...
Michael commented · December 15, 2020 16:01 · Flag as inappropriate

What is happening with this? In mid 2018 it was going to be 4-6 months away.. can you please provide an update to advise why this is taking so long? It seems it should be a fairly simple functionality improvement that impacts most, if not all of your customers on Azure AD.

Submitting...
Marco commented · December 12, 2020 15:15 · Flag as inappropriate

Any progress ?

Submitting...