Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Set an AzureAD account to expire on a specified date

    Just like in active directory allow accounts to be set to expire on a specified date. Our company policy is to set network accounts for non-employees (consultants, contractors, temporary employees, interns) to expire at a certain interval after they are created. We want the same functionality within Office 365.

    442 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  2. Support plus-addressing in emails, which is invaluable for testing

    We need to create many users for our testing environments. Normally, the way we do this is to use 'plus-addressing'. This is a convention by which you can add a '+' sign and then anything afterwards to an email address, and it gets delivered to the recipient as if the + and everything after did not exist i.e. the following two email addresses are different but get delivered to the same place:

    me@gmail.com
    me+foo@gmail.com

    This is a standard called 'sub-addressing' which is supported by quite a few mail providers, including Google Gmail, Google Apps, Yahoo! Mail, Outlook.com, and quite a…

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  3. AAD Usernames need to support all character sets

    Many customers allow usernames with special characters, double byte characters and Asian character sets. AAD Connect and Azure AD do not support all of these character sets. Not all customers use Active Directory on premise as their main identity store. Thus identities with special characters cannot be synchronized into AAD. For customers with hundreds of thousands of usernames with special character sets, it is a horrible user experience and very costly to try to rename all these logins.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  4. Block Sign In Source-of-Authority issue

    It is very confusing for customers that they have the option to change the "Block Sign In" state, when the users source-of-authority is "Windows AD Server" (Active Directory).

    Why is this not disabled like all other attributes. It doesn't make any sense to have the control enabled, when the UserAccountAttribute overwrite the setting during Azure AD Connect sync.

    You should at least have a popup box telling the users that this setting will be overwritten by Azure AD Connect sync, if the Azure AD Connect is configured to update the AccountEnabled value based on the UserControlControl state in the local…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  5. Reset Enterprise State Roaming Data

    Please provide an ability to reset the Enterprise State Roaming data for individual users.

    Scenario, we are in the middle of a new Windows 10 rollout, where users already have ESR enabled, we want to provision a new profile though for each user, where we set some settings in a default user profile on the machine. With ESR enabled - we cannot set some default settings though.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  6. workday to Azure AD automatic user provision

    We are implementing the Workday Azure AD automatic user account provisioning for our client and we are facing below issues.

    https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/workday-inbound-tutorial

    *Workday account username is employeeID. As of now, the employeeID attribute is blank at Azure

    Issue 1: Automatic provisioning creates the duplicate user record at Azure with email id as userid@domain(20955@clientdomain.com), whereas the client is using their own logic to create the email ids (firstname+MiddleName_Lastname@clientdomain.com). After provisioning of accounts, we are getting duplicate records with different email ids.

    Issue 2: Automatic Provisioning is not updating the employeeId attribute in the Azure user account even when…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  7. Multiple User/Group Delete in Azure AD

    Hi.

    For testing/dev/learning purposes it would be an welcome feature to enable multiple Azure AD User/Group delete.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Today on the list of All users you can select the checkbox for multiple users, and then click the delete button to delete all the selected users. Does this meet your requirement? If not, would you let us know the details of the scenario you’d like to be easier for you to accomplish in our admin portal?

  8. Allow delete oneself from a Azure AD

    For some Azure ADs which I don't have any subscriptions, I want to delete myself from that Azure AD. Currently, I find there is no way to do that.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  9. 3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  10. Native support for all Active Directory Attribute Field Actual names

    Please add the full on-premise Active Directory Attribute Field Actual name list to Azure AD.

    Many Orgs have fields mapped for critical company apps like employeeType but since that does not exist in Azure AD I have to map it to an extentionAtributeXX.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  11. Have automated alerts for User/Group deletions - Especially for Managed Groups

    It would be really nice to have the ability to set alerts (email) for User/Group deletions.

    This is especially useful for security management when Security Groups are assigned owners, usually regular users, for membership management but can accidentally delete the Security Group.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  12. Ability to assign custom user home folder names

    It seems it is not possible to change user home folder names in Windows 10 when it is managed by Azure Active Directory. Folder name gets created according to display name assigned in AAA.

    For example, my display name is Kaan Türkeş and it creates C:\Users\KaanTürkeş

    That is a big problem because many applications including Microsoft apps don't work properly when there is non English letter in folder name.

    I can change my display name, but then in emails my name is not showing up but instead display name is showing. Even in external mails display name is showing up.…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  13. Having the same Form for User Creation in Azure AD as it is in Office 365 Admin Portal

    When creating a new user in Azure AD the form is very minimal - Name, Display name, e-mail address/UPN, Groups, Job Title, Department and that's it.

    To fill out office number, location, address, admin-created password, etc has to be done after the user is created, yet in Office 365 admin portal, all of that can be done on one blade.

    I'd like to do everything from the Azure Portal rather than going in and out of other portals to do some basic tasks.

    In the same spirit -- Distribution Groups that are not full blown O365 groups would be nice…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  14. Expose User SID property

    Please add the SID property to Get-ADUser and Graph. This is needed to pre-stage a Profile on a Windows 10 device to perform a USMT migration from the AD user. This would allow a hands free migration to bulk enroll devices, perform USMT capture of AD account, disjoin domain, and then perform USMT restore to migrate user profile data from AD to AAD account

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  15. redo-msolprovisionuser

    If you run redo-msolprovisionuser against a contact object you get an error:
    Redo-MsolProvisionUser : Access Denied. You do not have permissions to call this cmdlet.
    At line:1 char:1
    + Redo-MsolProvisionUser -ObjectId 44519076-1885-45e3-9107-f0193aab1e04
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : OperationStopped: (:) [Redo-MsolProvisionUser], MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.UserNotFoundException,Microsoft.Online.Administration.Automation.RedoProvisionUser

    You should improve this error to reflect the fact that you are running a user-based command against a contact, and you should run redo-msolprovisioncontact instead.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  16. 60 dagen code graag langer laten duren dan een uur 🙄

    Niet IEDERE keer als ik inlog een nieuwe code sturen Aub!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  17. Allow Group Sergregation for Azure AD Password Protection

    We need to select groups of users to have Azure AD Password Protection applied. We synchronize it to our local AD through the proxy and DC agents. We have a subset of users that require a more simple password. This configuration is available with SSPR and would like the same functionality here. Thanks

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  18. This may well be the least user-friendly program I have ever encountered. How do I get rid of it?

    I want get rid of this beast off my iPad, but I am afraid to delete in case it prevents me gain access to something.
    How do I get rid safely?
    Thanks
    Wyn

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  19. Allow True Custom Claims Without Scripting

    Currently the only user claim you can create and manage through UI is the role. If you want more than that, you need to add an extension element on each user individually through Powershell, then link to it through the custom claims in the manifest, making efficient management an impossibility. This effectively eliminates Azure AD as an option when developing SSO integration in any application that needs per-user information. The UI for the role (a simple dropdown) could be duplicated, and expanded with options such as checkboxes for an array of predefined values or open textboxes for individual strings.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  20. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base