Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure Domain Services Support for LAPS

    Allow (or automatically install) LAPS within Azure Domain Services since this is the Microsoft supported standard for local administrator accounts.

    LAPS: https://technet.microsoft.com/en-us/library/security/3062591.aspx

    171 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    31 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  2. Address VDI and M365 licensing

    Hello everyone, this is a requested change for the components of Azure AD machine join. The use case here is for clients to upgrade their existing Windows PC (7,8,10) to Windows 10 enterprise. Our customer base uses VMware's Horizon view for VDI. VMware's official supported license is KMS. Our clients would love to transition to a cloud based licensing model, but the Windows 10 E3 license does not work with the cloning technology for a couple of reasons.

    Horizon Cloning options & pool types:
    • Manual - VM is not built in Horizon, only brokered through it.
    • Full Clone…

    7 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  3. Integrate dsregcmd cleanup tool into Windows 10 so errors in registration will be cleared in automated way

    Attached tooling has been sent to us by Microsoft support team to clear the dsregcmd join of Windows 10 devices. However, I'd like to see this tool integrated into Windows 10, instead of us having to deploy this tool manually on about 5% of all devices (about 100 users in our environment).

    2 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  4. Need an easy way to Domain joined PCs to AzureAD Joined ONLY PCs.

    Need an easy way to AzureAD Join users on Domain joined machines. Currently in order to switch a user to AzureAD Join you have break their local domain account. This means the user loses their settings and profile. This is too disruptive to our end users at Corporate. We even enabled Hybrid Azure AD Join thinking it would allow us to connect to Azure AD and then disconnect the domain and allow the user's profile to stay intact. MSFT informed me that it doesn't work this way.

    2 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support passwordless sign-in for AAD Join

    Currently getting an access denied error (80004005) when attempting to AAD Join with app sign-in. Needed to type password + MFA challenge instead. Windows 10 1809.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  6. New variables in Intune groups

    When creating groups in Intune I would like to see more dynamic variables to query from such as Apple Serial #. I have too many instances where my groups neeed to be tied to static devices when being enrolled.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  7. AzureAD cannot support AWS China region

    I want to use SAML-based accessing to manage AWS China account, but provision configuration cannot support to take the connection to AWS China account. It will connect to AWS Global by default, and I can't choose a region.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  8. Prevent Other Users from Logging into Azure AD Joined Computer

    When a computer is joined to Azure AD any user can log into it and use it. We need a way to prevent this from happening, limiting machines to only certain users or groups.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  9. Some machines not Hybrid Azure AD Joining despite correct settings

    Some machines not Hybrid Azure AD Joining despite correct settings.
    The task for dsregcmd returns 0x1 but does not join a machine. When trying to run the command manually, I get a "Run as system". This is on 1803.
    We have several 1809 machines that throw an HTTPS 400 error code. We successfully are able to connect to the websites listed on the setup process.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  10. just make it simple and not a list of so many things you do not even wantr to start to read !

    just make it simple and not a list of so many things you do not even want to start to read !

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base