Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Windows Hello for Business in AAD/AD Hybrid too complicated for SMB

    Currently the process to enable Azure AD-joined users to authenticate to on-premises systems is complex and requires multiple servers and specialized expertise. Can we enable a simplified approach to enabling Hybrid environments to support Azure-AD Joined Windows 10 using Windows Hello for Business without complicated Key Trust or Certificate Trust implementations, or at least simplify the setup of those environments so that SMB may easily accomplish this?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Guest invitation Language

    Have Guest Invitation Emails Appear on the portal's chosen Language.

    What happens is that Right now, no matter what language you have on the portal, it could be any other Non English language, but All invitations they come in Enlish only.

    It is more appealing for the customer's to get local language rather than English.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow the customization of non-compliance message in Azure policies

    Allow the customization of non-compliance message in Azure policies.
    When clicking on the compliance detail of a policy assignment the message underneath "Reason for non-compliance" currently for example says: "Current value must be like the target value." It would be great if this would be customizable.
    Thank you

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Delegate a user to be able to reset passwords for only a group of users, but not all users.

    We are a college and have a student helpdesk that needs the ability to reset student passwords but we do not want them to be able to reset passwords or access the staff and faculty accounts. Being able to assign these helpdesk users as administrators over a student group similar to Active Directory would be great.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Azure / Intune third party app integration for subscription based apps

    Hello,

    I work with a software development company on a mobile applications team which produces an iOS / Android app. This app is used extensively both recreationally and commercially for field data collection.

    Many of our larger enterprise clients already utilize MDM's such as Intune, and have shown interest in accessing and distributing our app to team members through such an MDM.

    I have spoken to both Intune Support Engineers and Azure Authentication specialists about a specific technical use case regarding in-app subscription integration. Our app utilizes subscription based registration for access to premium app tools and features via a…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Retrieve all properties using $select=* in Microsoft Graph API

    When querying for properties of a Group in Graph API, a subset of the total number of properties is returned unless $select=<specific property> is used in the query.

    $select=* presently pulls all of the default properties, which is not needed at all since that's the default. The suggestion is to have $select=* pull *all* of the available properties. This prevents the need to have a long specialized query that pulls every property and avoids issues where if the list of available properties is changed.

    Documentation: https://docs.microsoft.com/en-us/graph/api/resources/group?view=graph-rest-1.0

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. React Native MSAL

    Add a supported library for React Native for Microsoft Authentication Library (MSAL)

    3rd party libs for RN aren't fully supported (either not maintained, or don't cover both Android and iOS)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Conditional Access View - Unprotected Application

    Please create a view within Azure Active Directory\Conditional Access that shows all applications that do not have a CA Rule applied. Currently you have to click into each application separately to view if there is a CA Rule applied to that app.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  9. Policy definition read permission deny

    NotAction: "Microsoft.Authorization/policyDefinitions/read" (Get information about a policy definition) :: when I am using this action in not Action and assigning that Custom role to any active AAD user then he should not be able to read ARM policy definition. However, he can read the ARM Policy definition. This is a bug.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Role-based Access Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow ability to assign multiple management groups to custom role

    In cases where it is not possible to use a common parent over all subscriptions, can Microsoft please allow the ability to assign multiple management groups to a custom role in Azure Active Directory? The option exists to add multiple subscriptions, but when there are over 200 subscriptions, it becomes difficult to administer with 100% accuracy.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure Policy to deny storage account creation when soft delete is disabled.

    Policy couldnt deny the storage account based on the softdelete enabled or Disabled.
    Currently,the blobService properties control the behavior of the blob service, but they are implemented on a subtype (resource type == "storageAccount/blobServices"). When creating a storage account (resource type == "storageAccount"), the subtype is only required/provided if non-default values are desired. Otherwise, the resource provider internally creates the storage account with default values. This create operation is not performed by ARM, so ARM policies have no effect.
    This feature has to be brought in, so that, policy can control storage account creation based on subtype object.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Dynamic Groups - Please add function to allow moving devices from one dynamic group to the another.

    Currently when enrolling device using a QR code you can only assign a dynamic group to allow polices to apply. If user needs new set of policy then the only way is to wipe device and scan a different QR code.
    It would be handy to have the ability to just move the device to another dynamic group without having to do this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Groups/Dynamic groups  ·  Flag idea as inappropriate…  ·  Admin →
  13. Rename user logon account on sign-in page Alias

    Please make it possible to rename of alias your user logon account on the sign-in pages.

    I work for a IT company and have lots of login accounts, it would be nice the give the accounts a custom more faster recognizable name.

    I would recommend to make a "Rename" option under the More option menu ("...")

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sort on all fields in Azure (All Sorting Votes here)

    Every list view, detail list and table should be sortable by every field.

    This is basic functionality that is inherent to almost every system, software, environment and setting in technology. Since the GUI was first presented people have been sorting what they see, and even command-line interfaces offer sorting options in almost every scenario. Whatever technology Azure uses to present data, I'm assuming SQL, has the ability to sort the results.

    For example, there is no logical reason why I can't sort my Azure A/D Devices by Device Name in the portal.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Why doesn’t Azure AD natively use Organizational Units?

    Microsoft developed Active Directory the way it is with Users, Groups, Workstations and Organizational units in order to easily apply policies to said objects — what lapse in judgment cause them to natively omit such a hierarchical grouping mechanism to keep objects organized? As a cloud-only tenant (even tenants I worked on that were hybrid) I despise when I click on Users and Groups and am greeted with never ending list of all objects with no meaningful organization and **** poor search abilities (though the new search preview works better)

    Yes, I get “azure AD is not active directory” but…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. So, when I click on azure AD connect, it just shows an ability to configure, but no ability to upgrade

    Make it easy to see all options when getting into the program. I want to do an in place upgrade, but upon getting in, there is no option for doing an upgrade. Only a message that synchronization has been suspended until configuration is complete, and then there is just a wizard for configuration, and that is it. NOT very intuitive. It is an older version, which is why I want to upgrade, but trying to follow the pics shown under in place upgrade does not seem to apply, as there is no option shown to upgrade on version - https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-upgrade-previous-version

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to Flag IPs that are trying to hack into accounts.

    We constantly see IP addresses from China trying to hack into several e-mail accounts. Would be great if there's a tool to submit these to Microsoft so that they can block on their end.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. Associate (constrain) Azure AD B2C user flow to a specific application and vice versa

    Currently any user flow can be used by any application; it's the application responsibility to set and require only a specific flow to be used, for example one requiring multi-factor authentication.

    This can be challenging in the case of single-page and mobile apps.

    It would be great to be able to associate/constrain specific flows to be used with only specific apps to allow easier and more secure administration.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow authentication email for SSPR to be in same tenant domain

    Today, Azure doesn't allow you to put another email with the same domain name for SSPR contact info setup. This would be beneficial to be allowed for people with multiple accounts (regular and admin)
    In addition, a password reminder email could be setup easily with powershell then to utilize that field information for the admin account to email the non-admin account a reminder that the password expiration is coming up. Most people do not login to windows with their admin account to know the password age. Today there is a workaround to get it populated in there but a user…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 172 173
  • Don't see your idea?

Feedback and Knowledge Base