Currently, we are not aware of any plans from Windows Server for this capability. We’ll continue to work with Windows Server to revisit this in the near future
Thanks for the idea.
52 votes3 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
16 votes1 comment · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
70 votes10 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
There is planned work to address this scenario. We don’t feel that backup codes provide a good security option as they’re often misplaced. Also, it’s hard to have users print them out and have them when they’re needed. Instead, we are looking at a time-limited passcode that could be generated either by the user (just in time when it’s needed) or by an admin (for example a helpdesk agent). The organization admin would have control over when a user could generate these codes. The code can be used for a limited time, then it will no longer be valid.
Note – for areas with limited cellphone connectivity (or roaming charges), the code generated in the authenticator app will allow MFA login. The time-limited passcode is meant to stand in if the user temporarily forgot/lost their phone.
Ok, any info and ETA when will Azure AD > One-time bypass, work also without need for on-prem MFA server ?
Thanks for the feedback! We are interested in collecting feedback on this request – please vote for it if this is something you like to see.
We’re also interested in learning more what people want to use the SFTP/FTPS for and which protocol they prefer. Please feel free to leave us a comment letting us know more detail!
Program Manager, Azure Files
We recently announce the General Availability of Azure Active Directory Domain Services (Azure AD DS) authentication for Azure Files! By enabling integration with Azure AD DS, you can mount your Azure file share over SMB using Azure AD credentials from Azure AD DS domain joined Windows VMs with NTFS ACLs enforced. For more details, please refer to our blog post:http://aka.ms/azure-file-aadds-authentication-ga-blog.
A part of the GA announcement, we shared the upcoming plan to extend the authentication support to Active Directory (AD) either hosted on-premises or in cloud. If you need an Azure Files solution with AD authentication today, you can consider installing Azure File Sync (AFS) on your Windows File Servers where AD integration is fully supported.
If you are interested to hear future updates on Azure Files Active Directory Authentication, please complete this sign-up survey:https://aka.ms/AzureFilesADAuthPreviewSurvey.
Azure Files Team
You can now use the Azure CDN to access blobs with custom domains over HTTPS. See the following article for instructions on how to do so: https://docs.microsoft.com/en-us/azure/storage/storage-https-custom-domain-cdn. Having talked to a number of customers, we concluded that this solution addresses many scenarios where the need for HTTPS access to blobs with custom domains exists.
Native Azure Storage support for using SSL to access blobs at custom domains is still on our backlog. We would love to hear about your scenarios where using the Azure CDN is not an acceptable solution, either by posting on this thread or sending us an email at firstname.lastname@example.org.
We have created samples to do this in custom policies here:
While we realize this is only works for custom policies (the part where you can track versions of consent), we currently don’t have plans to implement this in built in policies.
I also confirm, that according to EU GDPR; users needs to select checkbox and mark as "I agree" on terms. This action also needs to be logged. It must be prior or during the registration process on AAD B2C. So what about this feature?
We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.
That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.
Apologies for the delay.
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?
We are using B2C and are using Groups for permissions. In regular AAD is fine, but in B2C we need to have groups inside claims. This is more than 2 and half year old topic. Still now progress :(
This is possible through custom policies (see documentation below). We are planning to bring it into built-in policies within the next 6 months.
106 votesunder review · 2 comments · Networking » Content Delivery Network · Flag idea as inappropriate… · Admin →
We have been considering all of the risks and investigating the steps required to ensure we implement this feature with high positive impact and low to no negative impact.
After this investigation we have decided we will enable Pay-As-You-Go customers the option to configure a spending limit on a Pay-As-You-Go subscription, with appropriate safeguards and measures to prevent both service abuse and production service failure.
We have not yet finished determining the details of what this feature will look like, nor do we have a timeline for release, but we have heard your voices and have added this feature to our backlog.
Thanks for your continued feedback,
-Adam (Azure Billing Team)
I am also interested in opt-in for CSP Azure subscription spending limit. To have hard / financial limit . After reaching the limit to automatically guarantee azure subscription is suspended / no further costs for end-customer should be generated.
Using the Linux Agent for OMS you can forward syslog to a Linux server and then have it send the syslog to OMS.
Is this sufficient for what you want to do?
Hi, if you build Linux Agent for OMS, that can forward syslog and SNMP to the OMS - this is fine.
However you need to support standard Linux packages (Debian, CentOS/RHEL etc.)
Also, this is not enough for some other devices, kind of IoT, or networking equipment, where you can not install your OMS Agent, it just simply supports the basic Syslog messages and SNMP monitoring, so direct supporting this protocols would be the best.