Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Recycle Bin For Deleted Devices

    Would be great if there was a recover-msoldevice cmdlet or some way to recover a bitlocker recovery key after a device was deleted.

    108 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    18 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow multi-tenant automatic registration of windows domain-joined devices

    The guide available here:

    https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-automatic-device-registration-setup

    Is not multi-tenant aware.

    This prevents the use of meaningful conditional access polices where multiple customers are sharing the same source Windows Server OnPrem AD in a hybrid 365 scenario.

    I would like a solution that allows the SCP information to be delivered by an alternate means, GPO for example.

    We could then sync multiple customers in AD to multiple 365 tenants and implement conditional access effectively.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  3. msFVE-RecoveryInformation sync

    I can see in Azure AD the device can store Bitlocker encryption keys. I have been able to directly store bitlocker keys to Azure. My issue is that I have computers with bitlocker enabled and the bitlocker information stored in on-prem AD. Currently there is no way to synchronize the on-prem bitlocker keys with the Azure Hybrid connected device. I think this should be included in the ADconnect tool, especially since the msFVE-RecoveryInformation object is a sub-object of the device.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  4. ADD a function to link devices so that we can be able to "manage lost devices:"

    Add a feature to upload or "export devices" into the Azure platform so that users can manage if lost or stolen

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  5. Not require AAD registration for using Office 365

    I have several customers that would like to 1) be able to block the pop-up that end users see when starting to use an Office 365 product and 2) not require AAD registration for using Office 365 products.

    The benefits like SSO are very nice, BUT there are som cases where AAD registration is a problem. An example is students that get access to a O365 license as part of their benefits of going to that school. If they have personal PCs, they may have strong objections to their device being managed by the school in any way.

    We have…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  6. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  7. Please make the country code field in the Phone registration page editable on mobile devices

    Phone /Alternate phone on registration page : Country code is not editable on mobile devices and user has to scroll the full length to pick countries like UAE.

    Please make it editable .

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  8. Can't get "REGISTERED" column data in Devices using Powershell or MS Graph

    I would like to get "REGISTERED" column data using PowerShell or MS Graph but I don't.
    (the attached file : Azure portal -> Azure Active Directory -> Devices)

    I need to manage devices of my company.
    So I hope to give us a solution.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  9. Shorten delta sync cycles for user registration

    We are implementing VDI instant clones (VMWare horizon) and noticed that workplace join is happening almost instantly for the device part but takes a long time to update the user part. When running dsregcmd /status the user part of the registration takes a couple of hours to be filled in. In our case this blocks access to Outlook due to conditional access failing.

    Improvement of the delta sync cycles (user registration needs two delta sync cycles to be run in the backend) would be helpful so the user is registered immediately upon logon to the VDI

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  11. Restricting Microsoft accounts from signing in to the device, only require an Administrator Microsoft account specified in AAD.

    If a user with AAD credentials/Microsoft account signs into our Self Deploying Autopilot Kiosk PCs, the local accounts on the PCs will have the Password Never Expires set to false and User cannot change password false.
    Upon restart of the PC, the PC then will not log in to the KioskUser0 inbuilt account from the Assigned Access CSP. Upon trying to log in to this account, it will prompt to reset the password. This defeats the purpose of using the RS5 Auto Logon Account (KioskUser0).

    I should be able to restrict the accounts that are able to log in to…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add User and App Credential (username/App ID and password/certificate) Support for Intune AutoPilot Cmdlets

    Allow Connect-AutoPilotIntune cmdlet of the WindowsAutoPilotIntune module accept secrets (password and/or certificates) as a parameter to facilitate scripting. At the moment it only accepts <user> as a parameter. When such a script is added to say, Task Scheduler, the user account used will have to be logged into the machine for the task to successfully run the PS script.

    Examples

    1. Connect-AutoPilotIntune -credential

    2. Connect-AutoPilotIntune -TenantID ... -ApplicationID ... -CertifiacateThumbprint

    etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  13. Lotus Notes to PST Converter

    The most reliable NSF to PST converter tool is designed by ATS team that easily export Lotus Notes data into Outlook PST and other file formats like EMLX, MBOX, HTML, EML, vCal, vCard, MSG and CVS. It is the best method for completing the conversion process. At a one time, you can convert single as well as multiple files in a few moments. Its preview facility show recovered mailbox before the actual conversion task. You can directly convert your data into cloud-based application Office365 & Live Exchange Server that is the best feature of it. A free demo version is…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  14. Implement method to delete device information from Access Panel

    If user provisioned Windows Hello for Business on a device, the device is displayed on the Access Panel of the user.
    Even user dis-provisioned from that device, the device information will not be deleted from Access Panel.
    Currently, we do not have a method to delete this device ifnormation.
    Customer would like us to implemment a method to delete this device information.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sync Active Directory with (Android) phones

    Microsoft support tell me currently it is not possible to extend synching such as Enterprise State Roaming to (Android) phones with Azure Active Directory. So we have to use Google Chrome web browser rather than Edge to sync between PCs and phones.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base