(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow customisation of RADIUS access challenge reply message content for Azure MFA NPS extension

    Currently RADIUS access challenge reply message content is set in the code of the NPS extension.

    We'd like the ability to customise the reply message for challenge based authentication methods ( e.g. SMS, mobile app verification code etc ).

    For example when using mobile app verification code method, the RADIUS access challenge reply message is 'Enter Your Microsoft verification code'.

    We'd like the ability to override, this, for branding consistency / ease of use reasons.

    As the VPN appliance will take the reply message content and display it to the user as is, we'd like this control.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. Playing online casino games

    Who knows some good sites where I can learn to play poker online. I know that the poker online is a lot easier than the real one, that's why I want to start with it and then move to real casino

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. Authenticate to Azure Files from Azure AD joined device

    We can use Azure AD DS and AD (in preview) to authenticate users to Azure Files, but only if their device is Azure AD DS joined, or AD joined respectively. I want to be able to do this from Azure AD joined devices.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  4. Display current setting for HTTP/HTTPS backend port instead of default port (80/443) when changing the http setting of Application Gateway

    When we changing the application gateway HTTP setting, the backend port always display as the default port for HTTP and HTTPS (80 and 443), even if we have used another custom port for HTTP or HTTPS.

    Sometimes, I only want to change another setting for HTTP setting such as the timeout value, without changing the backend port. But this default display for HTTP/HTTPS port easy to mislead me into changing the custom port accidentally.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. Optimization of RBAC Functionality on Azure Firewall

    I wanted to use RBAC to control the access to FW. More specifically, I want the role to be able to modify "NAT rule collection" only. To achieve this, I defined a custom role and added "Microsoft.Network/natRuleCollections/write" into the allowed actions. However, it's not working since portal reminds that "Microsoft.Network/azurefirewalls/write" must be allowed for this.

    However, if this action is allowed, users with the role can modify all configurations of the FW, even those which are added into the "Not allowed" action, which is not expected. Below is the detailed definition of the role:

    "Actions": [

    "Microsoft.Network/natRuleCollections/read",
    

    "Microsoft.Network/natRuleCollections/write",

    "Microsoft.Network/azurefirewalls/read",
    
    "Microsoft.Network/azurefirewalls/write",
    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  6. Provide an option to disable the TimeSync guest integration service for Azure Virtual Machines.

    Domain joined windows machines require a registry setting to disable the VMICTimeProvider and force time sync to domain hierarchy. This could be avoided if the Time Synchronization setting under Guest Integration options in Hyper-V manager was configurable from the Azure Portal or Azure Powershell.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  7. New apps page Collections need ability to add Microsoft apps

    The new apps page: https://myapplications.microsoft.com/
    has a new feature for Collecdtions. However, we are only allowed to add non-Microsoft apps...which seems to be backwards. We can only get Microsoft apps in the All Apps tab. We want to create collections based on Departments which use several Microsoft products as well.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add instance count to App Service Plan pane

    Currently, there is no easy way to determine the number of active instances in an App Service Plan that has auto-scaling turned on. The most reliable way I've found to determine this is to open Live Metrics in Application Insights, which will then tell you the number of servers online. This is way too many clicks to find out this crucial bit of information. When I've received support from Microsoft engineers and asked about where to find this information, they've directed me to several metrics that never show the count, or do so inconsistently (e.g., sometimes the metric shows no…

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  9. Enable Microsoft support to delete purge-protected key vaults even if this has an involved process.

    We have found ourselves in a situation where we deployed purge-protected key vaults into a QA environment and could not remove these to deploy into live due to the purge protection and the common namespace that the accounts reside in. We recommend Microsoft support is able to remove such accounts even if this involves going through support and signing a digital declaration accepting responsibility. This should more so be the case for empty key vaults.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. CLDAP

    CLDAP Reflection Attack is a well-known attack which is a big threat for users who set up ldap services on Azure VMs and opened inbound port 389.

    Currently in the wizard of creating a IaaS VM in Azure portal, security warning is displayed if inbound ports 3389, 22, 80, and 443 are selected. I would suggest that more ports could be added to this list such as port 389.

    This will give Azure users a heads-up on potential attacking.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. CDN purge authentication API

    When purging CDN endpoint using API call, in authentication usually we need to get auth code manually first. We checked the API has only delegated permission, thus OAuth 2.0 client credentials grant flow cannot be used.
    Now our customer have the demand that using API to get auth code then use the code to process the purging process instead of using browser to get auth code.
    Please consider to implement it if possible.
    Thank you!

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  13. Give users the ability to set the name of the NIC in a private endpoint

    A NIC is automatically created when making a private endpoint. It would be very useful to be able to set the name of that NIC.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. Publish Information for Azure Resource Exhaust

    If azure resources are exhausted, I would like to know about the situation.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  15. Forex trading

    Someone involved in trading currencies? I want to start trading online but I wonder how real it is to make money this way. Reading online, I saw a lot of positive but also negative feedback about that

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Password Reset reporting

    Azure AD Password Reset blade reporting displays more users than what are targeted. Having a more accurate targeted to enrolled or enabled would make the reporting easier to understand and validate status. In My tenant, I have several accounts that would never be targeted for Cobined reg or MFA or SSPR. Such as Teams Rooms as an example.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. custom script extension

    When cx add customer script extension with blob file in azure portal, sas token is added automatically into uri even though blob is public.
    CLI and powershell doesn't have issue, but only in azure portal, sas uri is added.
    I know this is by-design, but there should be some other options we can select if we use sas token or not.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to scope Policy and RBAC assignments to Management Groups via Azure Blueprints

    RBAC and Policy can be scoped at Subscription and Resource Group levels in Blueprints; we need the ability to scope Policy and RBAC assignments to Management Groups as well.

    Currently, we do not recommend Blueprints if using MGs for centralized governance management.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable Passwordless FIDO2 auth for Mobile Apps

    Enable M365 & Azure mobile apps to sign in with Passwordless FIDO2 auth. Specifically looking for this functionality in the M365 Admin and Azure Admin mobile apps, but FIDO2 should be supported across all M365 apps on all platforms, including mobile.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. prevent to use double byte charactor for resource group name

    Even not allow to use double byte chatactor (ex. Japanese charactor) for resource group name, it is possible to use them right now.

    Prevent not to allow for using "unsuitable charactor" when create resource group.

    https://docs.microsoft.com/en-us/rest/api/resources/resourcegroups/createorupdate

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base