Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Is there way we can add Authentication contact info via power shell

    is there way we can we can add Authentication contact info via power shell Like
    Phone,Alternate phone,Email & Alternate email via power shell ?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Improve security offerings for B2C (alerting, blocking, etc.)

    In 119061925000704 I asked How can we setup alerts for suspicious B2C login activity.

    Can you address the following:

    • We cannot get alerts from Microsoft on suspicio
    us activity
    • Only mechanism to stop password attack is temp block on the account(s) for increasing amount of time.
    o we have increased the initial lockout to 20 min
    • Attacker IP will not be blocked, so can continue try as many account as they choose, for as long as they choose
    • We cannot see who is using MFA in B2C.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  3. Permit custom-defined AD schema properties to be synchronized to Azure DS.

    Active Directory Schema properties which are defined by the customer need to be presented in Azure Domain Services, so that these custom schema property values can be filtered and retrieved via LDAP.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  4. branding

    Expand organization branding to the 'change my password' page when users are already signed on to Office 365.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  5. Azure AD User provisioning service : Allow accessing diagnostic logs

    It should be possible to get diagnostic logs, like API calls from the Azure Portal in case of an exception, so that a troubleshooting is possible without contacting the MS support.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  6. Membership Request notification and response from MyApps portal

    There are a lot of great features for the MyApps portal for Group management detailed here: https://docs.microsoft.com/en-us/azure/active-directory/user-help/my-apps-portal-end-user-groups

    There is one glaring thing missing though, no way to be notified/respond to a group membership request. Almost the entire workflow is there for Group self-service and self-management, but when a user requests access to a group all the Owner gets is an email. It doesn't have a link to approve or even see more details. It would be great if the portal had notifications for them to respond, a single place to manage all requests.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. Removing different tenants/directories if I am the owner of the company

    Is it possible if you are company owner and you have employs to have access to remove the tenants or directories that are created under you / under your account

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. How to change the name DEFAULT DIRECTORY to something else?

    I want to change the name Default Directory to some other name

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support .ai domain extension

    Adding support for domain extension .ai

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Please allow the ability to pay and enable accounts in the portal using credit card

    It would be a good idea to allow individual email addresses to be enabled via a portal. So, if I need a couple email addresses to be activated, I can pay for them in the portal and be done

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. add in option taken out

    In Azure Active Directory a new change has removed the ability to take users out of Groups when in the Azure AD User Profile\Groups page. Please place this option to remove the user out of groups back in. It centralized and made things easier to remove former employees from groups within Azure AD. These are employees who we are allowing to keep their Email but need to be removed from all other Azure groups.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Groups/Dynamic groups  ·  Flag idea as inappropriate…  ·  Admin →
  12. Login MsOffice My Account

    Office My Account - if you are a existing user login office.com/myaccount, New user can create your office here. Once you account ready you can download and install MS Office in your device.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  13. Show at the portal the quota that is being used by the tenant

    Please add at the portal the quota that is being used by the tenant to be able to request to Microsoft to increase the limit prior to have affectation and impact on the sync, b2b invites, app creations etc.

    Current limit is 1 million, and when reach we will need to create a ticket with MS to increase the limit.

    There's no way to know the value of the total currently in use.

    The advice from MS was to run a:

    Azure PS
    (Get-AzureADUser -All $true).Count
    (Get-AzureADGroup -All $true).Count
    (Get-AzureADContact -All $true).Count
    (Get-AzureADDevice -All $true).Count
    MSOL PS
    (Get-MsolUser -All -ReturnDeletedUsers).Count

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. We would like to have an ETA for when custom Azure AD admin roles will be usable.. This is a huge request from all around the world. Thank

    We would like to have an ETA for when custom Azure AD admin roles will be usable.. This is a huge request from all around the world. Thank

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Role-based Access Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. respeito as diferenças

    Segurança geral da internet,inteligência emocional e artificial juntas em armonia na administração interna,externa,local e internacionais,com confiabilidade,sabedoria,saúde,responsabilidade,Amor frateno com os direitos de interatividade para todos os meios de comunicações no mundo inteiro para todos nós...

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  16. Consider providing Group settings to be accessed when creating a group in Active Directory

    When creating a group in AD the settings to deliver messages to a users inbox are turned off. When a group is created in the Office 365 Admin portal these setting seem to default to On. It would be helpful to have access to these settings in AD. This would facilitate creating a group with the proper settings while allowing users to recognize that there are setting that need to be considered for a new group.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. We need three methods: (1) Dial a phone number (2) SIP URI Dial (3) SmartPhone App to multi-factor authenticate via Phone Factor

    We need three methods: (1) Dial a phone number (2) SIP URI Dial (3) SmartPhone App to multi-factor authenticate via Phone Factor. Today methods 1 and 3 are supported. As systems move to VoIP, SIP URI will become the standard way to dial a hardware/software based phone.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add authentication logging for Azure Active Directory Domain Service

    Currently if I want to gain additional insight on why a user may be unable to login to our AADDS we have to file a support ticket.

    We are able to manage our AADDS with the classic AD management tools - a similar experience would be ideal for log review. Although we would still be happy to have access through the Azure portal as well.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. B2C should provide a way to alert on suspicious user activity

    Provide means to alert on suspicious user activity.

    In a pen test we were able to try brute force attack of 300 common passwords across a large number of accounts. All from the same IP address. Lockout period did not stop us moving onto other users and coming back later.

    We need to be aware of this activity if being attacked!
    If we found the correct password the lockout counter reset to zero.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  20. numeric UserInputType

    In custom policies it would be useful to have more control about the text fields to render in the HTML page. On mobile phones the numeric HTML5 input type triggers a numeric keyboard that makes a lot easier for the user to input the correct values and it improves the overall UX. Same for tel input type.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base