(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Prevent Account Lockout due to Brute Force Attack

    Currently Azure Active Directory is locking Office 365 user accounts based on the number of failed sign-ins. If the user credentials are entered incorrectly, it does not check or verify existing Azure Conditional Access Policy, whether this account can sign-in from that location (Country or IP address) or not, because the authentication was not successful.

    To prevent Azure AD account lockouts, can you design the Modern Authentication system in Azure AD to check for existing Azure Conditional Access Policy for failed logins coming from blocked locations (Country or IP address)?

    This will help Office 365 Admins prevent account lockouts, sourced…

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  2. AADSTS50126: "Invalid username or password" returned even when the password is valid

    While trying to log in to Microsoft 365 with OAuth2, some customers are getting this error code, although the username and password is indeed correct.

    This is because this error code appears to be returned for another error situation which is not related to the password that the user entered.

    No matter the actual cause of the error, it is crucially important to properly pinpoint the actual cause of the error, so that the software can respond correctly. Different error cases need different responses from the software.

    From the client software side, the perspective of a client software developer, we…

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make start/stop solution able to target only 1 VM instead, listing each VM to not be targeted.

    Hello,

    Please create another scoping feature in the Microsoft.Automation - Start/Stop solution, so that a user could target only 1 desired VM, instead of listing all VMs to be ignored in the "VM Exclude List".

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow GitHub Enterprise to be a source to sync Azure Automation Accounts

    Currently there is only three options under the source control blade which allows you to sync Azure Automation Accounts with the latest runbooks. I would like there to be an option to use GitHub Enterprise as a source as a lot of the work that is developed can not be stored on a normal GitHub and my organization pays for GitHub Enterprise

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  5. Monitor alert: Throttling Health Event's title and cause needs to be more specific rather than word like "UserInitiated"

    properties: {

        title: This storage account was throttled because it exceeded Azure Storage partition request per second, partition bandwidth, or IP scalability limits.,
    
    details: null,
    currentHealthStatus: Degraded,
    previousHealthStatus: Available,
    type: Downtime,
    cause: UserInitiated
    },

    ==========================

    Storage account throttling can be caused by busy storage partitions on the server side which is not related to customers' usage.

    The "UserInitiated" wording in the health event cause would lead to misunderstanding of reaching service limit when customers' traffic is not there yet. Maybe we can change the wording to "ClientInitiated".

    More specific alert cause can help both customers and support team to identify…

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  6. linkable support requests

    Currently Support Requests (https://docs.microsoft.com/en-us/azure/azure-portal/supportability/how-to-create-azure-support-request) can not be directly linked to, which makes tracking them in my own internal system and sharing them with my coworkers an difficult and time wasting hassle of copying and pasting just the identifier which they then have to search for themselves in the portal. Communication and information transfer would be much faster with simply a hyperlink pointing to the generated support ticket resource. Nearly every other resource has links which work like this.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  7. Azure VPN error report is not detailed enough

    The Azure VPN status shows failed, but after we perform a Patch in Azure resource Explorer, the error returned refer to that certificate is invalid. So our customer suggested that It would be great if the expired certificates information was available in the failed text box instead of just saying “Failed”. E.g. “Failed to start because of expired root certificates”.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  8. Naming policy format

    In Group Naming Policy, be able to specify format of prefix or suffix. We would like the policy to enforce a 3 letter prefix [user selectable] followed by a hyphen and then free-form text for the user. If the 3 letter prefix could be from a list we publish, all the better.

    Our use-case is that we identify a group or asset by their 3 letter assigned code, then allow free-form text. For example - "GRC-Project123" would be valid. But I can't trust the users to name Groups (Teams, Planner Plans, etc) following the naming convention we've established.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  9. Require to send app service plan's metric data to a workspace.

    A diagnostic setting to send the app service plan's metric data to a workspace is really needed.

    The metric data in app service plan is important and useful for monitoring the condition of all the apps, here is a strong requirement to make use of the data on Cx's goal flexibly by sending the data to a workspace.

    Please take this into consideration. Thanks a lot.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  10. Map IPV6 addresses to locations so we can use it in Conditional Access policies using Countries/Regions as Named Locations

    It is not possible to have Conditional Access Policies using Countries/Regions correctly because AAD doesn't map IPV6 addresses to locations.

    When setting up Conditional Access, most of us are using Countries/Regions to limit the scope for the access, especially when we see how many sign-in attempts we get on a daily basis from foreign countries.

    We therefore add Countries/Regions as trusted locations in the AAD Named Locations.

    Problem is that AAD doesn't map IPV6 addresses to locations and therefore map incorrectly users using IPV6 when assessing Conditional Access policies.

    Result is that either users are blocked while they are within…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  11. App Service update history

    I would like to know the exact date and time when the Azure platform update was actually performed on Azure Portal.
    I've heard many complaints about not being able to do that.

    Many vendors need to report exact date and time to end users.

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  12. We would like to be able to use the Azure DevOps Kubernetes Service Connection against Arc Enabled kubernetes Clusters

    When using ADO and selecting the Kubernetes Serivce Connection, it only shows AKS clusters in the drop down for a particular subscription. We think it would be great to be able to use the kubernetes service connection against Arc Enabled kubernetes clusters that have been added to a subscription.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  13. Assign users to group temporarily through PIM

    Hi,

    Currently, on the PIM, we can assign Azure roles and Azure resources temporarily to groups/users.
    It would be essential for Microsoft to add the feature to assign groups membership to users temporarily.

    Meaning that, we would like to have users temporarily assigned to some groups through the PIM and once it expires, they are removed from those groups. That would allow us to enforce the security following best practices.
    It will be essential since a lot of permissions are set according to groups, to access tier service through SAML, to access AKS Kubernetes clusters at different permission levels etc...

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  14. Automatically apply Azure Hybrid Benefit (AHB) based on EA entitlement

    Microsoft Enterprise Agreements are complicated and difficult for companies to understand. There are SKUs that, when purchased under an EA, can give certain rights to reduce the overall price of an Azure Virtual Machine when enabling the Azure Hybrid Benefit (AHB). EAs change from year to year, as do the rules that go with licensing those SKUs.

    In order to properly manage the AHB, you must have a solid understanding of Microsoft products, knowledge of what those SKUs allow for in Azure and also a coding background so that you can dynamically assign AHB to VMs as they are provisioned…

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  15. Azure VPN with Azure MFA should require two-factor authentication every time it connects

    We are using Azure VPN client with Azure MFA, and the client requires the second factor (code via SMS) only when the user connects for the first time. After that, every time we click on the VPN icon, the VPN client connects automatically, ignoring the MFA requirement, even if we log off the user or turn off the PC. It seems that, after the first authentication with MFA, the client turns into a "one-factor authentication" access, requiring only userid and password. If someone obtains the Windows credentials for a user, an attacker with access to the laptop can connect remotely…

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  16. FrontDoor Designer - Do not show disabled KeyVault certificate versions

    When enabling HTTPS in FrontDoor designer for a custom domain, it lists all versions of certificates found in KeyVault, even when the version was disabled.

    Suggestion is not to show disabled versions of SSL certificates by default, perhaps with a check box to show disabled versions (not sure what the use case would be).

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  17. Make Azure DevOps Agents an Azure Trusted Service

    Make Azure DevOps Agents an Azure Trusted Service.
    It is very frustating having to code workaround because of this, i.e. when there are firewall rules for key vault or storage.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  18. Privileged Identity Management (PIM) - Start and End Time in PIM email to be in local time not UTC

    Require new feature to customize the time from UTC to local time in the PIM email.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow change of country residency

    I changed my country of residency and now my Azure account is pretty much locked up. It does not let me add a new payment method with my new country as the country option is grayed out.

    I contacted support and they basically told me the current platform does not allow it!!!

    Can you please allow this? For me, it is not an option to use another email address....I have only one email address that I monitor.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  20. hybrid environment - User synchronization from Onprem

    In hybrid environment, User's is been sync from on prem to AAD with AAD connector, we can also activate password write back.
    If the user is lockout in on prem, this is not replicated to Azure\O365 and the user can log in in the cloud.
    And vice versa ,when user lockout in Azure, he still can login in on prem.
    I suggest to add this feature.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 81 82
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base