962 votes187 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
This feature is now on the roadmap. The MFA team is planning to adjust admin roles or create a new role that will allow delegation of MFA registration and credentials to an admin role.
Just tried using the portal as "Authentication Administrator" and reset MFA for a users, it worked.
@Joshua I am working on it. Large enterprise. OSS is scary. Want to make sure the code is somewhat usefull to the community :)
We developed our own app for this and have delegated permissions to Helpdesk staff to reset MFA. Everything uses Azure PaaS services. Looking into publishing it to GitHub.
28 votes4 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
Thanks so much for the feedback! Customizations of the My Apps portal for both end users and admins are on our roadmap. This includes providing the ability to re-arrange and group apps and as well as using a customizable domain.
We’ve also recently add a few new features to allow you to better manage the visibility of apps on My Apps. You can now hide specific third party applications and as well as the set of Office applications. Learn more about it here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-coreapps-hide-third-party-app
Please keep sharing feedback and ideas!
At least add free text search or something or expand the list of apps when scrolling. We have over + 300 apps today and its getting very hard to find the correct apps when Development are allowed to create apps on their own.
We’re continuing to investigate options for adding this support. There are technical challenges to overcome in order to make this happen. We thank you for all your valuable comments so far, and welcome any additional feedback you have on what are the most important use cases involved with these scenarios.
I have tried this for a couple of weeks in different scenarios. Azure AD groups in Azure AD Groups. Synced AD groups added into Azure AD Groups, and it works. But is it supported? :)
@Owen I manage an Azure AD with +30.000 users synced from 5 on-prem ADs. How many nested on-premise groups do you think exists in those AD´s that I would like to leverage in Azure AD? Many. Regards Michael
Thanks for the post , votes, and comments. We are aware of this limitation and are targeting sometime next year to improve this experience. In the meantime you can sign up for a new account in your desired country and transfer your assets to the new account via Support.
-Azure Billing Team
As suspected, I have successfully done subscription transfers between account´s with different countries/billing currency’s.
However the subscription just change currency to the target account. If it worked it would only be applicable in a scenario where you start from scratch. In a large enterprise with a little Azure history, No.
I do have more detailed information if anyone at the Azure billing team would like to see it.
You can get Azure AD logs in Log Analytics today. Check out the https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor for more info. We are working on making the Azure AD Identity Protection events log available, and we will keep you updated when we have more details.