How can we improve Azure Active Directory?

← Azure Active Directory

Automate Seamless SSO Kerberos decryption key rollover AZUREADSSOACC

Currently to automate the Kerberos SSO decryption key rollover for AZUREADSSOACC , we would need to store domain admin and tenant global admin credentials in a script or scheduled task.

This is obviously not ideal. We currently having to perform the rollover task manually each month.

Please look at how this process could be improved for automation.

231 votes

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

We’ll send you updates on this idea

NL shared this idea · Mar 27, 2018 · Flag idea as inappropriate… · Admin →

started ·

AdminAzure AD Team (Product Manager, Microsoft Azure) responded · Jul 18, 2018

We are currently working on an approach that will allow Tenant Admins to do key rollover from the Azure AD portal; without the need for PowerShell or scripting. This will be released within the next 4-6 months. Subsequently, we will release an update that will perform key rollover automatically every 30 days

Swaroop

Show previous admin responses (1)

42 comments

Add a comment…

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

Max Michels commented · July 18, 2019 2:36 AM · Flag as inappropriate

Any updates on this feature?
Anonymous commented · July 11, 2019 3:03 PM · Flag as inappropriate

whatever happened to this?
Fred Stanley commented · July 1, 2019 8:12 AM · Flag as inappropriate

It's been a year since the last Admin update on this.

Can key rollover be done from the Azure AD portal and if so, where exactly is that located?

Has the automatic key rollover feature already been implemented as an auto-update to Azure AD Connect?
Paul Youngberg commented · June 19, 2019 10:54 AM · Flag as inappropriate

Any update?
Tobias commented · June 9, 2019 4:01 PM · Flag as inappropriate

It's simple to automate this in Azure Automation with a Hybrid Worker on-prem. Credential is kept safe in Azure and the job can be scheduled. 500 minutes of running time is free every month.
[Deleted User] commented · June 6, 2019 5:02 AM · Flag as inappropriate

4-6 months or more :)
do you have a new date for this feature?
Robbie commented · June 4, 2019 1:06 PM · Flag as inappropriate

Status please? Need this ASAP.
James commented · June 3, 2019 6:27 AM · Flag as inappropriate

What is the status of this feature?
Anonymous commented · May 3, 2019 11:02 AM · Flag as inappropriate

This is obviously taking longer than expected to implement (which is fine, I'd rather all the kinks ironed out before production), but can I sign up for some sort of email notification instead of me checking this thread every day?
Matt commented · May 2, 2019 9:45 AM · Flag as inappropriate

Swaroop/Microsoft, any update on this?
Patrick commented · April 30, 2019 6:04 AM · Flag as inappropriate

Adding a comment to get updates to this thread.
AzureIsToExpensive commented · April 30, 2019 1:03 AM · Flag as inappropriate

Hi still plans for this to come out this summer?
Mike commented · April 23, 2019 6:56 AM · Flag as inappropriate

Hi,

Do you have any update on this? We're now at the end of April.
Mike commented · April 9, 2019 7:43 AM · Flag as inappropriate

Is there any update on this feature?
Anonymous commented · April 3, 2019 10:25 AM · Flag as inappropriate

Adding a comment to get updates to this thread...
Thanks for working on this feature to make this smoother!
Patrick Elischer commented · March 26, 2019 3:23 AM · Flag as inappropriate

before commenting this post, you should read the comments first.
MS wrote(05. Februar 2019) : "We will do an update to this thread in early April to update on our progress and get more specific on the date if possible."

it isn't april yet, is it?
Neil commented · March 26, 2019 2:59 AM · Flag as inappropriate

Hello???? Did MS leave the room?
Gill Bates commented · March 22, 2019 11:44 AM · Flag as inappropriate

CHIRP CHIRP CHIRP?
AlexSamad commented · March 5, 2019 6:05 PM · Flag as inappropriate

Any news - this seems like a major deficiency
Matt commented · March 1, 2019 1:01 PM · Flag as inappropriate

Any update on the availability of this?

← Previous 1 2 3 Next →

Azure Active Directory: Azure AD Connect

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 3,473 ideas
- Additional Services 294 ideas
- Analytics Platform System 12 ideas
- API Apps 7 ideas
- API Management 422 ideas
- Automation 390 ideas
- Azure Active Directory 3,204 ideas
- Azure Active Directory Application Requests 213 ideas
- Azure Advisor 16 ideas
- Azure Analysis Services 137 ideas
- Azure API for FHIR 2 ideas
- Azure App Configuration 13 ideas
- Azure Backup 398 ideas
- Azure Bastion 9 ideas
- Azure Blockchain Service 2 ideas
- Azure Bot Service 58 ideas
- Azure Cloud Shell 303 ideas
- Azure Confidential Compute 3 ideas
- Azure Container Instances 91 ideas
- Azure Container Registry 56 ideas
- Azure Cosmos DB 217 ideas
- Azure CycleCloud 1 idea
- Azure Data Explorer 48 ideas
- Azure Data Share (Public Preview) 2 ideas
- Azure Database for MariaDB 7 ideas
- Azure Database for MySQL 53 ideas
- Azure Database for PostgreSQL 84 ideas
- Azure Database Migration Service 36 ideas
- Azure Databricks 55 ideas
- Azure DDoS Protection 6 ideas
- Azure Digital Twins 22 ideas
- Azure Event Grid 50 ideas
- Azure Functions 148 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 82 ideas
- Azure Government 76 ideas
- Azure IoT 239 ideas
- Azure IoT Central 77 ideas
- Azure IoT Device Catalog 14 ideas
- Azure IoT Edge 65 ideas
- Azure IoT Solution Accelerators 26 ideas
- Azure Key Vault 106 ideas
- Azure Kinect DK 27 ideas
- Azure Kubernetes Service (AKS) 127 ideas
- Azure Lighthouse 0 ideas
- Azure Management Groups 16 ideas
- Azure Maps 41 ideas
- Azure Marketplace 380 ideas
- Azure Media Services 209 ideas
- Azure Migrate 30 ideas
- Azure mobile app 221 ideas
- Azure Monitor 86 ideas
- Azure Monitor- Alert Management 66 ideas
- Azure Monitor-Application Insights 542 ideas
- Azure Monitor-Log Analytics 876 ideas
- Azure Pack 324 ideas
- Azure portal 1,776 ideas
- Azure Red Hat OpenShift 11 ideas
- Azure Resource Manager 415 ideas
- Azure Search 225 ideas
- Azure Security Center 176 ideas
- Azure Sentinel 18 ideas
- Azure Service Health 16 ideas
- Azure SignalR Service 7 ideas
- Azure Spatial Anchors 16 ideas
- Azure Sphere 48 ideas
- Azure Stack 145 ideas
- Azure TCO Calculator 28 ideas
- Azure Time Series Insights 6 ideas
- Batch 42 ideas
- Batch AI 8 ideas
- Biztalk Services 23 ideas
- Blockchain 40 ideas
- Cache 50 ideas
- CDN 88 ideas
- Change Tracking 7 ideas
- Cloud Services (Web and Worker Role) 283 ideas
- Cost Management 166 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 125 ideas
- Data Factory 681 ideas
- Data Lake 334 ideas
- Data Science VM 19 ideas
- Diagnostics and Monitoring 187 ideas
- Event Hubs 17 ideas
- Global Infrastructure 41 ideas
- HDInsight 122 ideas
- Lab Services 237 ideas
- Logic Apps 1,275 ideas
- Machine Learning 60 ideas
- Mobile Engagement 19 ideas
- Networking 773 ideas
- Notification Hubs 27 ideas
- Scheduler 47 ideas
- Scripting and Command Line Tools 105 ideas
- SDK and Tools 138 ideas
- Security and Compliance 82 ideas
- Service Bus 179 ideas
- Service Fabric 276 ideas
- Signup and Billing 1,379 ideas
- Site Recovery 238 ideas
- SQL Data Sync 67 ideas
- SQL Data Warehouse 244 ideas
- SQL Database 623 ideas
- SQL Managed Instance 85 ideas
- SQL Server 9,536 ideas
- Storage 720 ideas
- StorSimple 45 ideas
- Stream Analytics 224 ideas
- Support Feedback 260 ideas
- System Center Data Protection Manager 109 ideas
- Update Management 102 ideas
- Virtual Machines 1,408 ideas
- Web Apps 354 ideas
Microsoft Azure