Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Show help when adding an identity provider to the microsoft docs

    When adding an identity provider, there is no help provided to get started... this, for newcomers, should definitely be provided... there are docs on microsoft docs, but no direct link from the portal.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  2. Offer a cheaper version of AD Domain Services for testing / ALM scenarios

    The price for AD Domain services is justifiable for a production environment but is high for ALM environments (dev, QA, etc.). In certain scenarios separate AD domains for non production ALM environments are required. But at the current rates it is cheaper to use a Azure VM as a domain controller than using AD domain services. I think if Azure offers a certain offering as PAAS it should be cheaper than setting it up as IAAS.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. azure ad admin consent export/import

    When IT admin brock to add app by user(user consent), s/he need to add partner app.
    to add app by admin is dificult.
    need easy way..

    partner side: export app setting or mail to it admi n of customer side

    customer side: import setting file

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add registered owner to Device command

    Add registered owner as a property when running "Get-AzureADDevice"

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  5. Finer Deep Inspection Options

    Currently Depp Inspection is an all-or-nothing setting.

    It would be highly useful if there was a level of customization - either as a 'Only Selected Groups/Users', or a setting to override Local Agents where the online service would happily process the additional info.

    Specifically, we have found the product causes a few sites to not work as expected. And installer doesn't always place the custom Root CA in each workstation's Trusted Root Authority store - something we are working on. So it makes it very difficult to test the functionality by including or excluding users via GPO, AD Groups, etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  6. MFA on-premises use security questions for fallback

    In the on-premises MFA server there's the ability to enable "use security questions for fallback". This is great but only works for newly imported accounts. Can this be enforced on all users?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. On-Premises MFA logging, user change MFA method

    There's much logging in the on-premises MFA server, but it's missing the change for MFA method by the enduser at the moment. Can be handy for traceback (including the machine name from which the change has been made) and seeing if there's a possible identity theft.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Possibility to sync secret question

    It would be nice if there comes the ability to sync the secret questions including the per user answers from the on-premises MFA to and from the SSPR in Azure AD.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback! We are working on capabilities that allow you to set a user’s methods (such as security questions) in Azure AD programatically. This could be used to accomplish the scenario you described. Does that meet your requirements?

    Thanks,
    Sadie Henry

  9. I want to see many Account provisioning errors

    I can see "Account provisioning errors" that is a last record.
    but I Want to see timeline of records

    I want to see it specify the period of time

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  10. SaaS Account Provisioning Activity report is not record

    SaaS Account Provisioning Activity report is not record for BOX
    But Sales Force is Recorded completely.
    Google is not record this report.

    I hope the common specifications of the report
    This log is important for support to solve the problem of provisioning

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  11. Make AADC AD Site Aware

    Currently you can force AADC look at a limited list of DCs but that is the extent of the intelligence, to the point I am told that there is no use of AD Site awareness or DC discovery. It would be great if AADC were to use AD Sites to find a DC for a domain, ensuring a much more efficient conversation, and avoiding the need to remember to keep the list current as one's DCs get refreshed. Perhaps a best of both worlds, if no DC is selected, use DC Discovery, but if a specific list is used, either…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  12. Make it less bizzare!!!! I've read the docs and I am still confused. Its working, but Im confused.

    Are these accounts copies of accounts in my local directory? Where the does Microsoft account come into play? I can only sign in with "personal account". Come on....this is just strange and your docs are ZERO help.....

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. asdf

    typo in "about this preview": "some tasks of those tasks"

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. tenent id

    I think it is such a pain to find the client id and tenant id, this should be made simple in the subscription tab or something.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable easy access to manage multiple Azure AD tenants

    We are building a solution in a subscription under our EA linked to our corporate Azure AD. However, this solution is using a separate Azure AD to hold its users. On the Classic portal, Azure AD management brings up a list of all the directories you are an admin and/or user for regardless of the subscription you're signed in under. Bringing that forward to the new portal would help us.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Active Directory License assignment

    When doing Licence Assignment via AD groups, it doesn't always work. doing it with EMS licences. It was working, but now we have users in the AD group not licenced. Nothing has changed. Azure AD see's the users with no licences as members of the group. At the moment I can't rely on it. Makes my job a little harder.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Licensing  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Users and Groups assigned to Application Flyout to Show Users

    In the preview of AAD management in portal.azure.com, when looking at the users and groups assigned to an application, it would be great to be able to see the members of the group when you click the group. It is a huge improvement that you can now see who has access to the app by default, just this one last step would make it even better.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. Stop caching credentials for your online service in cookies

    I work across multiple subscriptions of Azure and Office 365 for multiple clients, all with different credentials. You try to cache these credentials, but all that happens is the cookie gets confused and I end up having to releaunch the browser.

    Using incognito mode is one workaround, but if you stopped caching credentials in the first place...

    Don't get me started on your other sites that are clearly business related, but don't use Azure AD, such as VLSC and MSDN (Visual Studio). Stop trying to be cleaver, because you're just infuriating your customers.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. Domain Services

    I have a basic domain and after the creation of the domain and also the creation and mirroring VNET for the domain is necessary for password synchronization is enabled, however when it directs to the site, not hé option and reset password, as shown in the site itself documentation Azure.
    Has there been any change?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Join  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base