Ben Hatton

← Customer Feedback for ACE Community Tooling

My feedback

  1. Backup Azure PaaS resources

    544 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    48 comments  ·  Azure Backup » PaaS Backup  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  2. PIM - Integrate PIM into Portal configuration of Azure Resource RBAC

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton shared this idea  · 

  3. PIM - Configure default settings for all role assignments

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    started  ·  0 comments  ·  Azure Active Directory » Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton shared this idea  · 

  4. PIM - Allow users to extend period of activation for activated eligible roles

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton shared this idea  · 

  5. Add support for nested groups in Azure AD (app access and provisioning, group-based licensing)

    1,904 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    407 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    started  ·  AdminAzure AD Team (Admin, Microsoft Azure) responded

    We’re currently evaluating an option that will provide the functionality offered by nested groups, but removes the complexity nested groups adds. We appreciate your patience on this ask and want to ensure we deliver a solution that benefits all of our customers. Below are use cases that we’d like for you to stack rank, with #1 being priority for you. We thank you for the continued comments and feedback.

    Use case A: nested group in a cloud security group inherits apps assignment
    Use case B: nested group in a cloud security group inherits license assignment
    Use case C: nesting groups under Office 365 groups

    An error occurred while saving the comment
    Ben Hatton commented  · 

    CAB provided that C means Teams membership supports nested security groups as members.

    Ben Hatton supported this idea  · 

  6. Provide a lower starting cost for Front Door

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    1 comment  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  7. Frontdooor - TLS mutual authentication - X-ARR-ClientCert

    293 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    10 comments  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    triaged  ·  Adminazurecxpuservoice (Product Manager, Microsoft Azure) responded

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    Ben Hatton supported this idea  · 

  8. HTTP -> HTTPS redirect routing shouldn't count in the price

    96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    triaged  ·  3 comments  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  9. Azure Front Door should automatically configure custom domains on backend app services

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    triaged  ·  1 comment  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  10. Ability to skip specific rules in Font Door WAF without skipping all rules

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    1 comment  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  11. Exclusions required in config of Frontdoor WAF

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    0 comments  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton shared this idea  · 

  12. Confirguration of caching rules in Front Door

    79 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    planned  ·  1 comment  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  13. Enable OWASP secure headers on Azure FrontDoor service

    255 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    started  ·  7 comments  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  14. Enable PIM role assignment by Group membership.

    227 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    started  ·  19 comments  ·  Azure Active Directory » Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  15. OData Import

    219 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    12 comments  ·  API Management » Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  16. LinkedIn Integration: Need to control whether company users are allowed to share data with LinkedIn

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Azure Active Directory » Other  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 
    An error occurred while saving the comment
    Ben Hatton commented  · 

    This integration is problematic to say the least.

    a) consent mechanism by-passes the normal 3rd Party AAD user consent security control;
    b) consent UI does not provide full disclosure of what those permission grants mean;
    c) permissions granted to linkedin exposes wildly inappropriate sensitive data and takes consent from a person who does not own that data;
    d) linkedin branding inside the corporate boundary
    e) freely exchanges data between a service designed to protect your information and one that is designed to sell your information
    f) on by default (at least in some tenant types?)

    For those who haven't looked closely, these are the grants:

    People.Read Read users' relevant people lists Allows the app to read a ranked list of relevant people of the signed-in user. The list includes local contacts, contacts from social networking, your organization's directory, and people from recent communications (such as email and Skype).

    Calendars.Read Read user calendars Allows the app to read events in user calendars .

    So basically Linkedin will have the permissions to find out who you've been meeting and communicating with, and why. And don't forget that they have permission to read any attachments to your calendar events too.

    Providing ability to control access to data by third parties is fundamental to OAuth and AAD and this 'functionality' makes AAD a joke. This seriously damages the trust that Microsoft seemed to have been building with Azure and O365 - I wouldn't be surprised to see a run of public Data Breach notifications coming out of companies using O365.

    Remove it entirely. This fails all 6 Microsoft Privacy Principals https://privacy.microsoft.com/en-GB/

  17. Remove LinkedIn Integration

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton shared this idea  · 

  18. Extend PIM into Enterprise Application User Assignment and Roles

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton shared this idea  · 

  19. Powershell Enable PIM Role Assignment

    108 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    started  ·  7 comments  ·  Azure Active Directory » Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 

  20. Enable synchronized AD groups (or AAD groups) to map to PIM.

    105 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    started  ·  11 comments  ·  Azure Active Directory » Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Hatton supported this idea  · 
← Previous 1 3 4

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice