Martin Wüthrich

My feedback

  1. 811 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    120 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →

    Due to various technical limitations, the first iteration of the customer-owned domains functionality will not be available for a few more months. We will provide an update as soon as we can get a more specific ETA.

    If you are looking to use custom domains to use javascript, we are now looking to enable that experience by providing a new (non-customizable) domain. Please look for updates here: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/15493536-add-support-for-javascript-inside-the-custom-ui-br

    /Parakh

    Martin Wüthrich supported this idea  · 
  2. 1,819 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    400 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently evaluating an option that will provide the functionality offered by nested groups, but removes the complexity nested groups adds. We appreciate your patience on this ask and want to ensure we deliver a solution that benefits all of our customers. Below are use cases that we’d like for you to stack rank, with #1 being priority for you. We thank you for the continued comments and feedback.

    Use case A: nested group in a cloud security group inherits apps assignment
    Use case B: nested group in a cloud security group inherits license assignment
    Use case C: nesting groups under Office 365 groups

    Martin Wüthrich supported this idea  · 
  3. 312 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Hi folks,
    Just a quick update here. We’re still actively working on support for custom roles (RBAC) across Azure AD. Stay tuned for more announcements in the next couple of months.

    You can have a look at what we’ve shipped thus far (custom roles for application registration management) here – https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-custom-overview.

    Regards,
    Vince Smith
    Azure Active Directory Team

    Martin Wüthrich supported this idea  · 
  4. 153 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  Azure Active Directory » Devices  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for your feedback. We are looking into it and evaluating different options for solving the use cases mentioned in this thread. We will update this thread once we have more information to share.

    Martin Wüthrich supported this idea  · 
    An error occurred while saving the comment
    Martin Wüthrich commented  · 

    yes, would love that too.
    the existing cmdlet Restore-AzureADMSDeletedDirectoryObject should be renamed until then, it's kind of misleading with "Objects" when it does only cover specific O365 groups

  5. 34 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Active Directory » Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    Martin Wüthrich supported this idea  · 
  6. 2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Martin Wüthrich supported this idea  · 
  7. 5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Martin Wüthrich supported this idea  · 
  8. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » B2B  ·  Flag idea as inappropriate…  ·  Admin →
    Martin Wüthrich shared this idea  · 
  9. 17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    Martin Wüthrich supported this idea  · 
  10. 54 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Azure Active Directory » B2B  ·  Flag idea as inappropriate…  ·  Admin →

    This is good feedback and is in our backlog but not currently under development. While we work on prioritizing/designing the feature, it’s helpful to hear from you how you would use this information in your scenarios. Please let us know by adding comments here.

    Thanks,
    Elisabeth

    An error occurred while saving the comment
    Martin Wüthrich commented  · 

    this would be highly needed. but please do not set an existing attribute automatically. It would be great to have an additional attribute like "InvitedBy"

    Martin Wüthrich supported this idea  · 
  11. 26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Azure Monitor-Log Analytics  ·  Flag idea as inappropriate…  ·  Admin →
    Martin Wüthrich supported this idea  · 
  12. 808 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    We’re really pleased to let you know that we’ve released the first authentication method APIs to public preview:

    https://docs.microsoft.com/graph/api/resources/authenticationmethods-overview

    So far there are APIs for managing phone numbers and password resets. When phone numbers are set with the API, the user can use that number for MFA and SSPR (as allowed by your tenant’s policy).

    The team is hard at work at building out APIs for all of the other authentication methods, and we’ll update the response here as they’re released.

    Martin Wüthrich supported this idea  · 
  13. 37 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Martin Wüthrich commented  · 

    As another contributor already suggested:
    This affects all User Accounts within a Azure AD. We need to be able to alert, if a specific user logs uses the Azure AD as an identity provider.
    If you read the following article of Microsoft carefully:
    https://support.office.com/en-us/article/protect-your-office-365-global-administrator-accounts-6b4ded77-ac8d-42ed-8606-c014fd947560
    You will find, that Microsoft recommends to use specfic, cloud only Accounts for the permanent Global Administrator assignment. And that you should avoid conditional Access on those, to make sure the Fallback Admins will work, if your Admin Account doesn't.
    So with no CA, and maybe also without MFA, we have Global Administrator Accounts with only a Password.
    This leads to the fact: We need to be alerted as fast as possible, if one of those Fallback Accounts is used for authentication, because they should not be used, until an emergency.

    Martin Wüthrich supported this idea  · 
  14. 27 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Azure Cloud Shell » PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
    Martin Wüthrich supported this idea  · 
  15. 149 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Azure Active Directory » Domain Join  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently working on this capability and will provide an update when it’s done.

    However, instead of expanding the “Additional Local administrators” setting, we will support adding AAD groups to Windows 10 local groups (.e.g Administrators, Remote Desktop Users) via MDM policy and elevate user privileges on logon. This will provide greater flexibility to assign different groups to different devices


    Ravi

    An error occurred while saving the comment
    Martin Wüthrich commented  · 

    and thus there are huge organization, and they only want to have a reasonable amount of admin per device:
    Please make the group assignment more finegrained, so that I can add only the Asia IT on the ASIA Devices. Maybe connect it with:
    Administrative Units?
    https://docs.microsoft.com/en-us/azure/active-directory/active-directory-administrative-units-management

    Martin Wüthrich supported this idea  · 
  16. 57 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    An error occurred while saving the comment
    Martin Wüthrich commented  · 

    Yes, this is highly requested. To be able to delete a Device (Azure AD Join or Device Registration), you will need to be Global Administrator.

    Martin Wüthrich supported this idea  · 
  17. 1,884 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  88 comments  ·  Azure Backup  ·  Flag idea as inappropriate…  ·  Admin →
    Martin Wüthrich supported this idea  · 

Feedback and Knowledge Base