AdminAzure AD Team (Product Manager, Microsoft Azure)

My feedback

  1. 309 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    Folks,
    We are working on it. There is an elevation of privilege concern associated with this feature. If a group is assigned a role, any IT admin who can manage group membership can indirectly manage the membership of that role. So, we have to ensure that the feature is secure.

    Stay tuned!

    Regards,
    Abhijeet Kumar Sinha
    Azure Active Directory Team

    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    RE: "High Priority? Request has been posted 2,5 years ago?! Come on Microsoft, this is ridiculous"

    Ugh, you are right to be frustrated with us here. I'm not happy with the pace of progress on assigning groups as members of roles, either. It is a high priority for us, but it's proving more difficult for reasons that aren't obvious.

    I appreciate everyone who has taken the time to provide feedback. It is valuable, and we take it into account in our planning and prioritization process.

    Vince

    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    RE: "High Priority? Request has been posted 2,5 years ago?! Come on Microsoft, this is ridiculous"

    Ugh, you are right to be frustrated with us here. I'm not happy with the pace of progress on assigning groups as members of roles, either. It is a high priority for us, but it's proving more difficult for reasons that aren't obvious.

    I appreciate everyone who has taken the time to provide feedback. It is valuable, and we take it into account in our planning and prioritization process.

    Vince

  2. 4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  2 comments  ·  Azure Active Directory » Role-based Access Control  ·  Flag idea as inappropriate…  ·  Admin →
    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    Hi. Thank you for the feedback! We are working on support for custom roles in Azure AD now. It's a fairly large feature, so we're enabling it first for application management, then user and group management, device management, etc. We won't get to the specific permissions for managing security alerts for a bit, but we will get there. I've made a note of this specific ask to track in our backlog.

    Best regards,
    Vince Smith
    Principal Program Manager
    Microsoft Azure Active Directory

    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    Hi. Thank you for the feedback! We are working on support for custom roles in Azure AD now. It's a fairly large feature, so we're enabling it first for application management, then user and group management, device management, etc. We won't get to the specific permissions for managing security alerts for a bit, but we will get there. I've made a note of this specific ask to track in our backlog.

    Best regards,
    Vince Smith
    Principal Program Manager
    Microsoft Azure Active Directory

  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    Hey Oscar,
    I need a clarification on your scenario.
    1. Do you want to know when a role was last assigned to a user for auditing purpose?
    Or
    2. Do you want to know when a role's permission or name was modified?

  4. 36 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    Just to provide an update, we have not forgotten about this. We're working away on our backlog and still plan to add support for this.

    Thanks everyone for your votes here.

    Cheers,
    Vince

  5. 271 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    We have released a public preview of custom roles with support for a handful of permissions related to managing application registrations. We’re now working on support for enterprise application management permissions, and will continue to release more permissions iteratively over time.

    https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-custom-overview

    We very much appreciate all of your feedback here. We’re not done yet, so please keep letting us know what you think and where we can improve.

    Regards,
    Vince Smith
    Azure Active Directory team

    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    Hi folks,
    Very much appreciate the feedback here. Just wanted to provide an update - we are actively working on custom roles support for Azure AD. It's a big project, but we are making good progress. Thanks for your patience!

    Vince

Feedback and Knowledge Base