Azure Active Directory
Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.
Thank you for joining our community and helping improve Azure AD!
-
Add PowerShell commands to manage "Users flagged for risk" in Azure AD
I have quite a few users who have been tagged as "Users flagged for risk" in Azure AD. I'd like to be able to "Dismiss all events" for those users that were "Last updated" more than XX days ago. It seems I can only do this via the web GUI one user at a time. This stinks. This particular report had gone unwatched for a bit. PowerShell to the rescue please!
76 votesHi – Thanks for the suggestion. We understand this is a problem today and we are planning to bring an option to multi-select users and the “Dismiss risk” on them in the new UX. If your requirement is to dismiss risk on hundreds of users, please reach out to the CSS team and they will guide you to the right contacts.
Rajat
-
Enhance reporting capabilities for Azure AD Identity Protection
The portal reporting for Azure AD Identity Protection could be made much more powerful and usable by:
1. Add ability to sort and filter on column names throughout.
2. Resolving risk events should remove them from the display, or otherwise mark them as resolved so they can be filtered out of future searches.
3. 'Users flagged for risk' should additionally be searchable by IP address, date, type of risk event, etc. (Currently only searchable by user.)
4. Download should provide an option to filter by date, etc.11 votesWe’re working on updates to the Identity Protection UX that have many of these features included. Stay tuned!
-
"Sign-in Risk" Policy Control Addition?
Add a "Disable account" control to the "Sign-in Risk" policy for the Azure Identity Protection service.
In addition, since Azure supports password write-back to an on-premises AD, it would be great to also disable user's on-premises AD account as well.
Currently, one of the admins has to catch an alert email from Azure Identity Protection and then take action to manually disable an account on-premises if an event happens.
10 votes -
Include Azure AD Identity Protection with Azure AD Free
I believe Azure AD Identity Protection should be included with Azure AD Free edition.
It comes with Azure AD Premium P2 edition and i'm checking out the features for our 20000+ users but the cost will be extremely prohibitive.
In Free edition there are cut down reports which don't provide any real details on detected risk events. Surely it's in everyones interest to make freely available all features which allow detection, investigation and remediation of potential vulnerabilities affecting identities.
9 votes -
Add filter and sort options in "Users flagged for risk"
The list of all users flagged for risk sorted by name is inconvenient. that page needs search options, filter options, and be able to click on the column to change the sort option.
9 votes -
List users with MFA registration status under Identity Protection
List users with registration status under Identity Protection.
Currently we can only see a pie chart, which doesn't help much when performing enrollment in phases before setting the requirement for users.
7 votes -
Show location for Azure AD sign-ins from IPv6 addresses
Please add location information to sign-ins from IPv6 addresses. Currently there is no location information associated with IPv6 so it is circumventing all the Azure AD Identity Protections you have in place.
6 votes -
Sort Risky Sign-ins by date, not first name.
Sort Azure Risky Sign-ins by date, not first name. It isn't efficient to receive an email noting a user at risk has been detected but have to troll manually through dozens of pages to find a date that might match the event. I know I can download items to an Excel sheet and sort that way but why make extra steps?
6 votes -
Azure AD password protection
Add the possibility when using the Azure AD Password Protection feature that if you would ban the word "Contoso" as a password that also varations to this word or sentinces with this word are forbidden. For example "Contoso 2018" or "Contoso is great".
4 votes -
Azure AD Objects LifeCycle Management
We have a certain requirements to create Object like User accounts, Groups etc in Azure AD directly but we don't see an life cycle management like the one available for Office 365 Group.
We need an option to have life cycle management for the objects created in Azure AD. so that we will ensure the life cycle management option available for the objects created in On-Premise AD and Azure AD.
Note: Azure MSI requires a security group for SQL authentication and we don't have a option to use the On-Premise group synced to Azure AD. Only the security group created…
3 votes -
The user flagged for risk receives an email from Identity Protection
When a new risk event is identified, the user flagged for risk receives an email from Identity Protection.
If the user does not recognize this event, the user can change his or her password by following the link provided in the email without going through the administrators.2 votes -
notes
I am suggesting you add another status to the Azure events (WIP?) so InfoSec teams can better manage who is working on an event. Once resolved, it would then be removed from the open items list.
2 votes -
Initial Access Code for MS authenticator
Hello. SASS PASS offers gated access (three tries) to two factor codes. However the MS APP does not have this feature. This is a big issue as any one who has the phone is able to view the codes. Please add an additional security code before anybody is allowed to access the accounts protected by the authenticator.
2 votes -
vulnerabilities
Allow alerts regarding vulnerabilities to be turned on or off
2 votes -
Azure Identity Protection
The emails that are sent when there is a new alert should contain more information than just being notified there is a new alert or risk event. The email can only be sent to global admins so there is no reason to not have detailed info in the email. Also if there is more info in the email a Global Admin can at least call, text, email the user in question as we wont always be able to gain access to the portal so if the event is real. it can be addressed over the phone. Instead of waiting to…
2 votes -
Enable Azure Active Directory Identity Protection integration with Service Now
I consult for an Enterprise where Service Now is used to capture all DevOps work (tickets). I would like to see rather than an email alert from an Azure AD IP event the ability to raise a Service Now ticket
2 votes -
2 votes
-
Let me sign in. This reminds me of the Gestopo operation. Safegurds that negatively impact honest people. RR$, Ph.D.
A real garbage operation
2 votes -
I don't know I'm new here
Full protection
2 votes -
Azure AD Identity protection - Reporting enhancement for multi tenant
Reporting lacks any granularity for multi tenant in situations where each tenant may require their own individual notifications (e.g. CSPs).
I would like to see granularity by organisation, e.g. UPN suffix, to be able to notify the relevant people. As with other suggestions, just adding the email/UPN by default would help break down the output.
2 votes
- Don't see your idea?