Azure AD B2B support is in progress and expected to be available in CY20Q1
This initial iteration of B2B is scoped to support only adding guests from other Azure Government tenants and not Azure commercial
I agree with everyone else. B2B between Government and Commercial is by far more useful to my organization than just Government to Government at this point.
Although we are a government entity we have close business partners who are already invested in Azure Commercial. We have already encountered issues with sharing with, or consuming from, users within those other groups. To be specific, recently Power BI content.
Another use case is that we are consuming both Azure Government and Azure Commercial. Our enterprise AD is synced with our Azure Commercial AD that backs our Office 365 tenant. We need to be able to invite accounts from our commercial AD into our government AD so that we can leverage RBAC on government resources for those guest accounts.
337 votes46 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Just wanted to post another update that this is a high priority, but we do not have any details to announce yet.
/Stuart and Vince
45 votesstarted · 2 comments · Azure Active Directory » Azure AD Connect Health · Flag idea as inappropriate… · Admin →
Any updates on this? This is becoming a pain point for our organization because none of our support staff can see whether or not an account is currently locked out due to Extranet Smart Lockout.
350 votes44 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
The MFA team is currently working on adding get/set/read/delete abilities for StrongAuthentication data to the Graph API.
Is there any further updates on this? The lack of support for retrieving MFA data in either the Graph API or the AzureAD PowerShell module is a big shortcoming. As Microsoft encourages us to use these newer endpoints for everything else it becomes difficult to support a mixed environment when we need to have access to the MFA data still. Also we are experiencing intermittent and anomalous failures when trying to use the deprecated MSOnline PowerShell module.
We do have some capabilities in this space by using either Access Reviews (https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-guest-access-with-access-reviews) or the newly-released-to-preview Entitlement Management feature (https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview).
If neither of those fulfill your requirements, please add a comment with your scenario for the feature to help us prioritize and design it better.
Thank you for your suggestion, we moved it to our ‘Networking’ bucket so we can review and update it. ASGs, service tags are in our immediate roadmap as well as further increasing the number of NSG rules (1k at the moment).Jeremy Brun shared this idea ·