Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. LinkedIn Integration: Need to control whether company users are allowed to share data with LinkedIn

    LinkedIn integration with company's tenant is great. But company needs to be in control to decide whether their users are allowed to send company's internal data to LinkedIn.

    Yes, there's an option for users to decide whether they should be configuring the connection or not to send their company info to LinkedIn but that's not good enough for large organizations. Users will make mistake and this will cause a lot of unforeseen concerns. This needs to be managed centrally. Please look into this.

    According to this article : "https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/linkedin-user-consent"

    the below info will be sent to LinkedIn and…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add Enrolled User Rule for Dynamic Device Groups

    It would be nice to be able to create a rule for a Dynamic Device Group that is based on what user enrolled the device. This is especially useful when you are using a DEM account to enroll hundreds of devices but cannot use the DEM account to apply device config policies to. Example (device.enrollmentUsername -eq "intunesvcDEM@contoso.com") where the new attribute is enrollmentUsername and the DEM account is intunesvcDEM@contoso.com.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. Email notifications of expiration policy for Office 365 groups

    There is the expiration policy for Office 365 groups.
    Email notifications are sent to the Office 365 group owners 30 days, 15 days, and 1 day prior to expiration of the group.
    However, I would like to configure (using PowerShell etc.) that do not send Email notification to owner.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  4. Ability to limit Security Group to contain Devices or Users only

    Would be very usefull if you could add group settings to Azure AD Security Groups, where you'd be able to limit members to be either Users objects or Devices objects ONLY.

    We often use security groups for Intune configuration. Including users but excluding devices creates conflicts. It would be very helpfull with this added control and granularity.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. tôi quên mật khẩu giúp tôi lấy lại mật khẩu.

    tôi quên mật khẩu giúp tôi lấy lại mật khẩu.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  6. Create Managed Service Identity (MSI) in a custom AAD tenant

    Is it possible to have the user defined identity create in a custom AAD-tenant? We maintain several environments within a single subscription, and create all app registrations in a AAD for each environment, and not in the AAD-tenant that is associated with the subscription

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  7. MSA allow multiple redirect urls

    MSA Oauth allow multiple redirect urls - or just make it easier.

    Microsoft Oauth makes Azure Easy Auth with Deployment slots difficult. Other OAuth providers make adding multiple redirect hosts easy. Microsoft Oauth is harder and can't be used unless you know the trick.

    In other oauth providers you just add the redirect urls.

    For MSA, you can only add from a single domain, and the host domain has to be added first:

    https://bar.com
    https://foo.bar.com
    https://gug.bar.com

    Otherwise it won't work.

    Why does MSA have to be this hard?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  8. AD password protection for segmented Active Directory

    Create an offline version/add-in of the Azure AD password protection filter. Need the capabilities similar but without Azure AD access.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  9. 3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. BAD IDEA NOT PROGRESS

    the old way was sign in and password on the same page. ONE click and i'm in. WHY DID YOU MAKE ONE EASY STEP INTO MORE STEPS???????

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. Would like to know the location of the picture--I liked the one from Santa Monica with the PCH that you used before. Can we have a choice?

    You should tell us were the background picture is geographically. I liked the one from Santa Monica with the PCH. Being an expatriate Southern Californian it reminded me of my origina.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. I lost my account after you "improved" the system. Thank you very much

    I lost my account after you "improved" the system. Thank you very much. Have a nice day.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  13. 3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. OAuth password flow

    Document the username/password OAuth2 flow. The documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-code shows the implicit and authorization code flow but does not contain any information or setup instructions for the username/password flow

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  15. Speed up background processing

    This goes for all Azure AD processes, including Azure AD Connect and Device management.

    Changes made to Azure AD sometimes take an extremely long time to process; changing a computer's name, changing a person's name, adding a new computer and waiting for the name to show up in Azure AD so that you can add them to a group; I've waited as long as 24 hours for changes to be reflected in Azure AD.

    All processing jobs need to run quicker for Azure AD.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable "Owner" attribute for Group Object on Azure AD Connect Sync

    Currently, the group owner on Azure AD Portal is mapped to "Owner" attribute while the Office 365 Admin Portal is mapped to "ManagedBy". For a group which is synced from local AD to the AAD via AAD Connect, there is no way to update the "Owner" attribute on Azure AD.

    The AAD Connect does not support "Owner" attribute for sync and we can't assign "Owner" on Azure AD as it is a synced object.

    So to resolve this issue, the "Owner" attribute should be supported as an attribute for sync on the Azure AD Connect.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow users to add non-gallery apps to myapps.microsoft.com

    Allow end users to add applications to their portal by browsing through the application catalog vs just searching blindly and allow them to add non-gallery apps in a "bookmark" manner.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Invoice

    As with most companies, receipts are required for purchases.
    Why is it so difficult to find a copy of the invoice for what I have been charged and paid for?
    This should be easy but there are red herrings everywhere and the admin account magically changes to my account.
    Please fix this mess and make it easy to access or .. email a copy of the invoice to a nominates mailbox!
    I know I am not the only one that struggles with your overly complicated interface

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Completely integrate Office 365 Azure AD Premium subscription with Azure

    After purchasing an Azure AD Premium P1 license and attempting to open the Azure AD admin center, I found that I had to separately sign up for an Azure subscription. I am a little concerned about the apparent disconnect between Office 365 vs. Azure infrastructure, subscriptions, support, and what seems to be everything else about the 2 systems. This disconnect makes me nervous that one system/subscription doesn’t know anything about the other, and I will therefore have to keep track of them separately and pay for them separately. I’m hopeful (but not expecting) that my Office 365 account and payment…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable / Fix the display of Bitlocker Recovery Key in AAD Preview

    Bitlocker Recovery Key only shows in Classic Portal. Example: Surface Hub recovery key can be seen in AAD classic portal but not AAD preview

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base