Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support NPS/RADIUS for Azure AD Domain Services

    Add support for Microsoft NPS/RADIUS in Azure AD Domain Services

    127 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  20 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  2. Span AADDS domain across multi regions

    Span the same AADDS domain to multi regions - currently only possible with vnet pairing and VPN gateways. Would also add redundancy to the domain if say a region were to go down or the AADDS service were to stop within a region.

    34 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  3 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  3. Azure Active Directory Domain Services - More Pricing Tiers

    Can we have more pricing tiers? I run a small consultancy business with 1 user and enabling AADDS will cost in excess of £90 a month, even though I won't have anything like the 25000 objects minimum tier cap. However AADDS is useful for demonstrating to SME clients how they can go cloud only so it would make sense to provide an entry level price point, for example max 2500 objects to suit the smaller scenarios.

    30 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  5 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow B2B users to logon to VMs using Azure AD domain services

    Currently B2B users cannot login to a Azure AD Domain Services joined virtual machine. In this scenario we do not have AAD Connect, only Azure AD directory with domain services running. We can join the VMs to the AAD DS domain and sign on with member accounts but cannot sign in with B2B guest accounts.

    28 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  5. domain services

    Upgrade the Azure AD Domain Services Domain Controllers to be Windows Server 2016 instead of Windows Server 2012 R2.

    We've switched to having our domain be AAD Domain Services and connected to our Office 365 domain and we'd like to enable Windows Hello for Business, but until those domain controllers are upgraded we can't utilize it. This makes the nice fingerprint scanners on our new machines useless.

    20 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  6. AADDS: Allow pausing of Domain Services

    On a demo or MSDN subscription I would like to pause Domain Services like I can pause an AD VM. That will save me costs on a demo or development focused Azure subscription. Otherwise, AAD Domain Services uses a significant portion of the $100/month MSDN credit.

    16 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  7. AADDS: Integrate Domain Controller Security Logs With Azure Log Analytics

    A major security shortcoming of AADDS is that you don't have access to the security logs on domain controllers.

    This is critical for the security posture of many organizations.

    It would be ideal to be able to feed the security logs of AADDS domain controllers in to Azure Log Analytics.

    14 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  8. Bring Domain Services to Uk West and UK South

    Hi There,

    We are currently evaluating the use of Domain Services. For GDPR we'd need to have all our Infrastructure in the UK.

    Do you have a timeline for introduction of Domain Services in the UK region.

    14 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  9. enterprise certificate authority (ca)

    Allow for creating Enterprise CA

    14 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  10. proxyaddresses

    Make the ProxyAddresses attribute available through LDAPS when using Managed Domain

    Many Anti-Spam applications (ex: Zero Spam) need to connect via LDAPS to list users, and get their email address(es) but only the mail attribute is available...

    Since LDAPS managed domain is using our Azure AD , and AzureAD already has this attributes ( synched from our onPremise AD) I don't understand why it is not available through LDAPS

    12 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  11. migrate Azure Active Directory Domain Services from classic to resource manager

    Is there a way yet to migrate AADDS from Classic to RM? We need to get off of Classic.

    11 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  5 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure MFA / Remote Desktop ARM VM / Domain Joined to Azure AD Domain Services

    I don't find any Information about if it’s possible to secure an ARM VM which is joined to a Azure AD Domain Services "Domain" with Azure MFA without the need of the installation of an extra VM with an Installation of "Azure Multi-Factor Authentication Server" please provide a Solution for this because not for all customers Azure RemoteApp or XenApp Express are a solution.

    Sometimes a self-installed and self-managed Remote Desktop VM is the better way for us, but we want to spare the costs for an extra Domain Controller VM. So Azure AD Domain Services are really cool! But…

    11 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  13. replace on-premises based AD with AADDS

    I read through with great interest the AADDS public preview use cases and documentation. It looks nice but for a very limited set of use cases. I do like the pricing.

    I would like to replace existing non-AD LDAP servers with AADDS and have both on-prem and cloud based apps do authentication from one common source. Turns out this isn't possible at all.

    I would like to have encryption for all requests to the AADDS, always.

    Additionally I would like to add attributes to the schema, if at all possible.

    I would like to AADDS join all windows devices to…

    11 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  14. AADDS: Remove username collision limitation

    If you have joe@mydomainusa.com and a different user that's joe@mydomaincanada.com all in the same AAD, when you enable Domain Services, only one user will function since only one user gets MYDOMAIN\joe as its username. Please remove this limitation

    11 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  15. AADDS: Link to preview portal/RM created vnet

    There doesn't appear to be a way to link aad domain services to a vnet created in the preview portal /azure RM; why not?? All our vnets are ARM based!

    9 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add more attributes to AADDS

    Expand the attributes that are syncd with AADDS and available via LDAPS. The one I'm specifically interested in at the moment is the Manager attribute, but others are important too.

    7 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  17. Bring in B2B users in Azure Active Directory Domain Services.

    I would like have the option to bring in B2B users in Azure Active Directory Domain Services. It could be an important replacement for ADFS since ADDS doesn't do federation. It could be very useful to bring B2B users as selected federation style users to an internal Azure IaaS environment.

    5 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  18. Azure AD Domain Services synchronization insights

    Azure AD Domain Services was not working because of an networking issue on our side. But you won't notice until you start looking in ADDS. It would be nice if you could have insight in the replication process or at least get alerted when synchronization is not working between Azure AD and Azure AD Domain Services.

    5 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  19. Azure Domain Services Allow DHCP Authorization

    Could you grant AAD DC Administrators DHCP Authorization rights so we can setup a DHCP server on a non-domain server and still have it register with DNS / AD records?

    Currently this is blocked.

    5 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  20. AADDS: New users and groups don't appear in AADDS immediately, but there is no mention in documentation of delays

    New users and groups don't appear in AADDS immediately, but there is no mention in documentation of delays. I assume there is a sync schedule. Publishing this or showing when the next run is for a tenant would be extremely useful.

    5 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base