Gerald Egan

My feedback

  1. 698 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    71 comments  ·  Azure Active Directory » Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    Gerald Egan commented  · 

    Please make this feature a priority.

    Gerald Egan supported this idea  · 
  2. 343 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    52 comments  ·  Lab Services  ·  Flag idea as inappropriate…  ·  Admin →
    Gerald Egan supported this idea  · 
  3. 254 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    40 comments  ·  Azure Active Directory » Domain Services  ·  Flag idea as inappropriate…  ·  Admin →

    CONFIRMED that NPS and Azure AD Domain Service can work with the Azure MFA NPS extension to enable MFA for RDP to virtual machines. That said, Azure Bastion Host (https://docs.microsoft.com/en-us/azure/bastion/bastion-overview) provides the same value without the additional infrastructure of NPS. We have a doc bug created to add the nuance to our documentation, which is to 1) Skip registering the NPS server and 2) ensure your network policy has “Ignore user account dial-in properties” selected.
    Leaving the topic open as we continue to investigate/validate other NPS use cases (e.g. VPN and 802.x scenarios)

    Mike Stephens
    Senior Program Manager
    Azure Identity
    IAM Core | Domain Services

    Gerald Egan supported this idea  · 
  4. 873 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gerald Egan supported this idea  · 
    Gerald Egan commented  · 

    would be nice to have this feature today seen as MFA is down for everyone worldwide...

    Gerald Egan commented  · 

    Would love this. please update asap

  5. 544 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Thank you for your feedback! The feature team is aware of this suggestion and will keep it under consideration. There are technical challenges to overcome in order to make this happen. Please keep the votes coming if this feature matters to you.

    Chen

    Gerald Egan supported this idea  · 
  6. 423 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gerald Egan supported this idea  · 
  7. 1,219 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Folks,

    Thanks for the questions and suggestions. And apologies for not sharing any update on this thread for so long. We’ve been working on this problem and have announced changes on our official team blog (see here: https://cloudblogs.microsoft.com/enterprisemobility/2016/09/15/cleaning-up-the-azure-ad-and-microsoft-account-overlap/).

    First, we are acutely aware of the UX pain this is causing and we are sorry for this. We are trying to undo a decade and a half of systems divergence. There are literally hundreds of different engineering teams across Microsoft involved in this effort. So this is taking time.

    Second, we can’t easily “merge” two accounts, or allow IT to “take over” personal Microsoft accounts. There are two main hurdles: (1) The terms of service are fundamentally different for the two account types and (2) they are based on different technologies with different stacks (different identifiers, SDKs, token formats, etc.). We’re working to converge the two stacks but again this…

    Gerald Egan supported this idea  · 

Feedback and Knowledge Base