Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Baseline Policy: Require MFA for Admins (Preview) Needs to exclude groups

    Baseline Policy: Require MFA for Admins (Preview) needs to be able to exclude groups.

    This policy does not pay attention to trusted location. Therefore, your global admin or other admin SERVICE ACCOUNTS will get blocked unless you exclude them one-by-one.

    This is very disruptive. This policy used to allow excluding groups and they changed it to only excluding users. Not all companies can move at the pace Microsoft is enforcing. We cannot make all of our service accounts into some other solution which won't get impacted and still work for us.

    Bring back group exclusion for manageability!!

    60 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add possibility to exclude groups/users from Security defaults

    Almost all tenants have some accounts that can't do MFA, e.g. for info screens or system integration. Security defaults would be enforced upon all users... meaning we can't enable Security defaults for most of our customers! Microsoft also recommends excluding an emergency access account from MFA.

    40 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →

    Security Defaults is targeted towards customers that have simple security requirements and do not have complex environments. If you require policy customization, we recommend using Conditional Access which allows for rich flexibility and customization. However, certain system integrations and automation can be tackled with dedicated service principals.

  • Don't see your idea?

Feedback and Knowledge Base