We use okta for synchronizing accounts to Azure AD.

We plan to use AAD Join for our windows10 devices, it works well with AAD Connect(As AAD Connect synchronizes attributes DomainDNSName, NetBIOS name & Onpremisesamaccoutnanme)

Okta could not update these attributes, I want to find a way to update the attributes(by using PowerShell or GraphAPI?).

And also would like to know if there is any possibility to sync MSDS-Keycredentiallink attribute to on-premise without using AAD Connect so that I can use windows hello.

Users can sometimes approve MFA notifications on their device because they do not know whether it is their device authenticating or a hacker who has phished their credentials. Therefore, to help users know why they are being asked to accept authentication include additional details such as the application name, IP address and location in the MFA prompt. Apple includes the location and a map of the location in their own two-factor implementation.

Additionally, users should be notified with an email any time a new device is used to authenticate to their account.

we need an easy way to lift and **** Mainframes/ AS400 to lift and **** to Azure. instead of replatforming if Microsoft can build a layer which AS 400 or Mainframe apps can run on, can help drive consumption of Azure. Hopefully Microsoft can do it before AWS

RBAC role created so a group can be added for the single purpose of Reserved Instance creation, without keys to the kingdom (Owner rights). Capacity and Procurement would not need such keys as they would only be creating RI’s, following Least Privilege Access.

Allow Password Policies to be set at the Group Level instead of only at the domain level.

Example: Our default password expiration is 90 days, but we have a group that requires their passwords to be reset every 60 days.

This is not currently possible.

Currently Azure Automation runbooks start a powershell session that has Its security protocol set to SSL3 and TLS 1.0 by default.

Since there are alot of security risks involved with using TLS 1.0 we would like to have this version set to 1.2 or even 1.3 by default.

Since Okta has disabled TLS 1.0 and 1.1 per 1st of August 2018 this is also causing errors in Azure Automation runbooks, where we specifically need to specify a later version in each runbook.

PCI DSS 3.2 also prohibits the use of TLS 1.0 after June 30, 2018.
Source: https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet

The EA portal needs auditing capabilities.

Currently AzureRM tagging only supports one value for one key. This means if i want to tag multiple departments to one resource it is incapable of handling it.

There needs to be a way to apply service tags to Azure CDN. When applying NSGs or firewall rules it would be beneficial to be able to use Service Tags to target the CDNs.

Marc

Hi Team,

Currently Azure is not supporting AAS as a datasource. Suppose i created the Datamodel in AAS and i want to use same in another AAS model, it is not working. Can we have any idea when it will support AAS as a datasource

Provisioning a QnA Maker Service provisions a Public App Service App <yourAppsName>.azurewebsites.net, but you are not given any control over the App Service Plan for which the App Service resides. My first choice would actually be an App Service Plan in our ASE environment, but if that isn’t doable at least let us select one of our existing public App Service plans to host this in.

A 1-1 ratio of App Service Plan to App Service is extremely inefficient.

When creating a 'secret' in Azure Key Vault you mainly got Name, Value and Content type fields to populate. It would be great to have a Description field as well to provide some verbose description/notes about the particular secret.

currently header comments are not maintained in Create View statements in DW. Please update the functionality so that this will remain and allow one to script out the objects with the comments and provide comments for development and re-use.

Create View vw_Name
-- Comment
-- Comment
AS
Select *
From Object

Please enable option of reserved Azure price in India and Saudi Arabia. Market is demanding the same.

It would be helpful for each object in Azure to have the account that created the object and the date/time of the creation imbedded in the metadata for the object. This would avoid the current method of having to get that information from the Activity Log and store it somewhere else that is more permanent.

I would like to add a watermark to a document of the person who printed it.

Currently it only allows a watermark of the document owner.