Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure Active Directory License assignment

    When doing Licence Assignment via AD groups, it doesn't always work. doing it with EMS licences. It was working, but now we have users in the AD group not licenced. Nothing has changed. Azure AD see's the users with no licences as members of the group. At the moment I can't rely on it. Makes my job a little harder.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Licensing  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. Users and Groups assigned to Application Flyout to Show Users

    In the preview of AAD management in portal.azure.com, when looking at the users and groups assigned to an application, it would be great to be able to see the members of the group when you click the group. It is a huge improvement that you can now see who has access to the app by default, just this one last step would make it even better.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. Stop caching credentials for your online service in cookies

    I work across multiple subscriptions of Azure and Office 365 for multiple clients, all with different credentials. You try to cache these credentials, but all that happens is the cookie gets confused and I end up having to releaunch the browser.

    Using incognito mode is one workaround, but if you stopped caching credentials in the first place...

    Don't get me started on your other sites that are clearly business related, but don't use Azure AD, such as VLSC and MSDN (Visual Studio). Stop trying to be cleaver, because you're just infuriating your customers.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. Domain Services

    I have a basic domain and after the creation of the domain and also the creation and mirroring VNET for the domain is necessary for password synchronization is enabled, however when it directs to the site, not hé option and reset password, as shown in the site itself documentation Azure.
    Has there been any change?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Domain Join  ·  Flag idea as inappropriate…  ·  Admin →
  6. Bug: Cannot assign role to application registered via the new portal

    I registered an web application via the new portal and I tried to assign it a role without success. The application cannot be found when trying to add access. Application that was registered with the old portal can be assigned successfully.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  7. Send alert to users to reverify their secondary authentication options.

    Currently, users don't know that their secondary authentication methods are expiring. An alerts needs to be generated to these users before the methods expire and need to be verified by the user again.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. A couple of questions:

    1. Can you clarify what you mean by authentication methods that expire? Azure AD doesn’t currently have that functionality.
    2. You can make users review their registered methods on a regular basis using the control that is in the Registration section of the Password reset section in the Azure AD portal.

    Thanks,
    Sadie Henry

  8. remote

    Please deprecate Azure AD PowerShell module and instead adopt Exchange/Exchange Online style PowerShell remoting.

    During long-running PowerShell sessions, you may no longer receive up-to-date data from Azure AD, for reasons I cannot begin to imagine. Whereas web admin portal says user exists in Azure AD, Get-MsolUser won't find it. This can be fixed by running Connect-MsolService again.

    Connection to Azure AD may be interrupted and it cannot recover unless by running Connect-MsolService again.

    Especially from automation standpoint, both of these issues are severe because there is no way to see current state of Azure AD connection. For automation, I've had…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  9. Active Directory undo "Allow Admins to view private user data" setting

    In "manage.windowsazure.com -> Active Directory -> Default Directory -> Users -> Select a user -> Activity" it will ask you if you want to allow admins to view private user data with a checkbox. I want to be able to undo that setting after it's already been checked. I asked @AzureSupport and they don't think it's currently possible, but if it is please let me know. Thank you.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. LET REMOVE DIRECTORIES FROM OUR ACCOUNTS!

    Please let us remove ourselves from directories (especially ones that have zero subscriptions).

    Currently there is no button to do this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure User Login Authenticate Issue, Not able to access Graph api

    Please help with solving the following:
    I have a office365 subscription. I created application in azure Active Directory for Access users outlook calendar event from iOS application.I am using graph api for this. I am getting successfully Event of user which is added in azure active directory tenant user list. But I am not able to get the Event of user's calendar which is not added in azure active directory tenant and got the error in response "user not added in azure active directory tenant" so how to resolve this issue and allow all user to access outlook event api…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Move Azure Active directory to portal.azure.com with ARM support

    We manage nearly all products using ARM deployment and powershell, however Azure Active directory, especially creating applications and assigning groups, still requires the use of the old, buggy, https://manage.windowsazure.com portal. Would be nice to move this to be managed using portal.azure.com instead. Also having better support for powershell users / arm templates would be far superior -- the old portal requires far too many clicks to perform simple operations

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. app registration

    uable to register an app under another

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. Verification Certificate upload for Azure AD Applications

    Currently the only way to add a certificate as a verification method to a service principal is through PowerShell, and it is painful to script. It would be really helpful if there was a way to upload a certificate as a credential in the portal.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Azure AD Connect Health - Integration with Ticketing system

    Within our infrastructure, previously we had Dirsync and that is monitored using the SCOM MP for "FIM" and the critical alerts like service down, sql database connectivity issues between DirSync & SQL, Sync job failed ... are integrated with the ticketing system (HP Serverice manager) so it raises tickets/case to the relevant internal support teams. However if similar functionality for Azure AD Connect Health agent is available it will be very helpful.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect Health  ·  Flag idea as inappropriate…  ·  Admin →
  16. Hi , I am the admin on my portal and cant access the Classic azure portal.

    Hi , I am the admin on my portal and cant access the Classic azure portal. I need to Access Active directory to add up my applications but cant find that in new portal.
    Need help with same.
    PS:I am using the same ID as login to portal.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. HTTP Agents for OpenID connect or SAML

    We would like to migrate all our application protection to AzureAD from traditional WAM systems like SiteMinder.

    Not all applications can consume OpenID or SAML tokens, would need HTTP connectors / proxies to speed up application migration to Azure AD.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Force object based AD sync for automation

    From a sourcing perspective we often have to deal with hybrid cloud environments. For the User Workspace (webbased) we make use of both Active Directory systems (LocalAD and AzureAD) for access control to multiple applications.

    To optimize End User Experience it is neccessary to sync both Active Directory systems as fast as possible (realtime is preferred).

    Antoher possible workaround is object based (specific user or group) synchronization from command line to integrate with automation tools.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  1 comment  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  19. add or sync profile picture with microsoft or hot mail

    add or sync profile picture with microsoft or hot mail

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. Come up with another way of authenticating staff without me having to give a personal email account!

    I had not supplied my cell phone AND PERSONAL email account to Microsoft (just in case my account gets locked out). Find a way to do this without requiring a personal email account! I'm fortunate that I'm in IT and I'm allowed to log in to a personal email account, most of our staff is not allowed to do this and we actually block access to email urls such as mail.yahoo.com. You have my cell phone number, you don't need to send email to my personal account, and I find it disturbing that we may have to loosen our security…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base