Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Log IP of password reset requests and source IP of MFA triggers

    We recently experienced a user getting an MFA prompt as part of an attempted password reset request, but there is no logging of the IP or source of the request. Having IP data would allow for correlation of data with successful/failed logon attempts.

    It's actually amazing this isn't already a thing.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Intune for Desired State Configuration Management in Azure

    It will be great to have Intune available within Azure for desired state configuration management on IaaS, PaaS, and SaaS components as an alternative to other products like Chef, Puppet, etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. Keep allowing individual user consent on Azure AD native apps in the Azure portal

    Make this available in the "new" portal experience as it was in the "old" UI (which will soon be retired). Also add this operation to the Azure REST API, to perform it prgrammatically.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  5. Add User and App Credential (username/App ID and password/certificate) Support for Intune AutoPilot Cmdlets

    Allow Connect-AutoPilotIntune cmdlet of the WindowsAutoPilotIntune module accept secrets (password and/or certificates) as a parameter to facilitate scripting. At the moment it only accepts <user> as a parameter. When such a script is added to say, Task Scheduler, the user account used will have to be logged into the machine for the task to successfully run the PS script.

    Examples


    1. Connect-AutoPilotIntune -credential


    2. Connect-AutoPilotIntune -TenantID ... -ApplicationID ... -CertifiacateThumbprint


    etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Devices  ·  Flag idea as inappropriate…  ·  Admin →
  6. I want to key in Hong Kong phone number to get the link to buy office 365, but the options only provide Tai Wan and China, what can I do?

    I want to key in Hong Kong phone number to get the link of Office 365, but the options are Taiwan and China, what can I do?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  7. How to solve active directory 'Needs attention'

    Impossible to solve issue on active directory 'needs your attention', say backup must be done but backup cannot be updated.
    I really need help.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Azure AD risk events - change sign in from infected device to sign in from bad IP address

    The Azure AD risk event "sign in from infect device" is confusing. The event actually means that a user has signed in from a device that has a known "bad IP address". A number of user will be behind a NAT address so it could be another device that is "bad".

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Migrate from PST to OST

    Taking the help of Free OST to PST Converter application the user convert their data from OST file to Outlook PST file format without any difficulty. This application has an auto scanning processor that shows the preview of recovered mailbox along with all the data of OST mailbox. It supports several files formats such as PST, EML, EMLX, MBOX, vCal, vCard, HTML. The user breaks their large file into several small files as per their need. It supports the version of MS Outlook like 97, 98, 2000, 2002, 2003, 2007, 2010, 2013, 2016 and 2019.

    Read More Info: https://ats-ost-to-pst-converter-toolkit.en.softonic.com/

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. User Initiated Certificate Generation for Import / Use in O365 apps

    Allow administrator and users to generate certificates to use in O365 apps for securing data transmissions and storage protection.

    I would simply like to download a fresh certificate for SMIME setup.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. Active Directory to dynamically detect Groups with Linux Computer members

    Requesting a new feature to allow Active Directory to dynamically detect Groups with Linux Computer domain joined members, to support Azure Monitor \ Update Management & Azure Monitor \ Automation. This will meet Enterprise Readiness for Update Management and Automation

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Groups/Dynamic groups  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add an App for Windows...you might talk with the company that makes it.

    Add an App for Windows...you might talk with the company that makes it.

    Guess I will stick with Authy until you support Windows. I have a surface and not having the app makes this worthless to me. I don't alway have my phone or it is dead... kinda defeats the point of the app.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. MFA, option to request setup only when outside the organisation/trusted IP scope

    I would like an option to select a group and not prompt them to setup MFA unless they are outside the trusted IP scope.

    Whilst on the trusted IP scope, the user shoudl have access to setup or continue onto office365

    Currently once MFA is enforced the user has no option but to set it up otherwise they cannot access office365 sharepoint homepage, if they cannot do it there and then it stops them from working

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Can we accept additional querystring values in Custom Policy in RP? currently its not taking additional parameters.

    We wanted to accept additional querystring value from application to B2C RP. for e.g. we wanted to send localeId as us or ca from application to B2C custom policies RP which can accept this store it in Input claim.
    But we are not able to get values in Input Claim of RP.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  15. Users should have an option to chose re-send the code again than select other sign on options...

    Re-send option should be available for users than chose other way …..

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. Graph Connector Issue: Manager update wrong HTTP method

    An issue are available on the Graph Management Agent Version 1.1.913.0.

    If you want to update the manager of a user the connector sends a POST request against graph.

    The issue is that the function Assign manager is listening on HTTP PUT.

    StackTrace below:
    Method Name : ExportContext : Export Export failed
    --------- Outer Exception Data ---------
    Message: Error during http call. HttpStatusCode: MethodNotAllowed;
    url: https://graph.microsoft.com:443/Beta/users/{GUID removed}/manager//$ref/;
    Response: {
    "error": {

    &quot;code&quot;: &quot;Request_BadRequest&quot;,
    
    &quot;message&quot;: &quot;Uri is invalid for a POST operation. The URI must refer to a service operation or an entity set.&quot;,
    &quot;innerError&quot;: {
    &quot;request-id&quot;: &quot;{GUID removed}&quot;,
    &quot;date&quot;: &quot;2019-05-21T06:41:51&quot;
    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. Hi the idea seems to be good as per the security term but if there is any network connectivity issue with the mobile number registered there

    There should be an alternate way to get signed in with the mail or there should be any of the option to provide other alternate number in case there is any network issue or the power issue.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. ARM template support for Azure AD authentication on Linux VMs

    ARM template support for Azure AD authentication on Linux VMs.
    We need to use AzureCLI to perform this task currently.

    https://docs.microsoft.com/en-us/azure/virtual-machines/linux/login-using-aad

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Role-based Access Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. IDEE Authentifizieren.

    Es wäre Sicher, wenn Sie dafür sorgen, dass diese Absicherung auch in dem Konto des Kunden integriert wird. Dieses Konto ist von mir dort schon angemeldet. Über dieses oder vom Original PC könnte ich meine Authentifizierung auslösen. Dazu braucht man( ich) kein Smartphone.
    Ein solches besitze ich nicht. Das was sie hier finden sollten? gehört nicht mir, also ist nicht in meinem Besitz. So, nun ist mein Konto wohl kaputt, nur weil ich einmal eine Sicherungs-Abfrage gewagt habe.
    Pech für mich? Ich hasse diese Meldeanmeldungen. Ich bin ich und ich habe ein Konto und habe eine ID Nummer in meinem…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow admin to reset a users security questions should they forget them

    Allow azure admin to reset a users security questions should they forget them

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base