117 votes16 comments · Azure Active Directory » Self-Service Password Reset · Flag idea as inappropriate… · Admin →
Hi folks! Thank you for your feedback. We don’t yet have plans to release this feature, but we are still considering it. We will update you if anything changes.
This work is still in the plan, we don’t have an update on an eta at this point.
We do have some capabilities in this space by using either Access Reviews (https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-guest-access-with-access-reviews) or the newly-released-to-preview Entitlement Management feature (https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview).
If neither of those fulfill your requirements, please add a comment with your scenario for the feature to help us prioritize and design it better.
We hear you loud and clear! We know this is a frequent ask and we do have this on our backlog. Unfortunately, I don’t have a timeline to share right now.
Multiple scenarios are still being investigated.
(We changed the status to because Started implied we were working on the feature and we did not want to represent it inaccurately. We are investigating and therefore, we are marking it under review.
Currently, you can use “App Registration” blade in the Azure Portal (outside of the Azure AD B2C blades) to register an apps that define application permission and the register apps that use client credentials to request these. The caveat is that this is done using the same mechanism that you’d use in regular Azure AD.
Ideally we’d have a first class experience for this in the Azure AD B2C blades or at least have an Azure doc that walks you through the experience I just summarized, so I’m leaving this feature ask open.
It would be great if you guys can add comments with your feedback. What scenarios areyou trying to achieve? Does the approach above help you achieve what you want to achieve? Does the experience to do so work for you guys and if not, what would you like to see?
Thanks for the continued feedback on this. We’re in planning.
We’re currently evaluating an option that will provide the functionality offered by nested groups, but removes the complexity nested groups adds. We appreciate your patience on this ask and want to ensure we deliver a solution that benefits all of our customers. Below are use cases that we’d like for you to stack rank, with #1 being priority for you. We thank you for the continued comments and feedback.
Use case A: nested group in a cloud security group inherits apps assignment
Use case B: nested group in a cloud security group inherits license assignment
Use case C: nesting groups under Office 365 groups
Thanks for the feedback! We will look into this and share an update when we have more information.
1,114 votes98 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
For requiring additional factors with Windows Hello for Business, please see – https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock
For why PIN is better than a password, please see https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password
For Authenticator app sign in to Azure AD, please see https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-phone-sign-in
As always, other feedback is welcome
An error occurred while saving the commentArindam Laha commented
Could we propose using the Microsoft Authenticator mobile app for workstation login when using a domain - joined or a Hybrid AD joined machine. It will accelerate the adoption of MFA in the organization.
Thanks in advance.
961 votes123 comments · Azure Active Directory » User Creation, Deletion, and Profile Management · Flag idea as inappropriate… · Admin →
Thank for letting us know this is important to you. This is something we are considering, but there is no timeline yet. We would love to hear more about the specific scenarios that this is needed for, so keep providing info.
1,511 votes120 comments · Azure Active Directory » Groups/Dynamic groups · Flag idea as inappropriate… · Admin →
Thank you for your feedback! The feature team is aware of this suggestion and will keep it under consideration. There are technical challenges to overcome in order to make this happen. Please keep the votes coming if this feature matters to you.
We’ve recently picked up this work again and apologize for the lack of updates.
The approach we previously pursued did not work well and we’re re-pivoting to a different solution that will enable custom domains to be easier to set up and manage.
We hope to have this ready for a public preview late-2020 or early-2021.
31 votes2 comments · Azure Active Directory » Self-Service Password Reset · Flag idea as inappropriate… · Admin →
Thank you for your feedback! This is a great idea and we will look into adding this feature. Keep voting!
55 votes8 comments · Azure Active Directory » Self-Service Password Reset · Flag idea as inappropriate… · Admin →
Thank you for your feedback! We are still considering this feature and would love to get more feedback on this. Do you want just a text box? Does it need to be localized? What type of information would you include?
3 votes1 comment · Azure Active Directory » Self-Service Password Reset · Flag idea as inappropriate… · Admin →
6 votes0 comments · Azure Active Directory » Self-Service Password Reset · Flag idea as inappropriate… · Admin →
5 votes0 comments · Azure Active Directory » Self-Service Password Reset · Flag idea as inappropriate… · Admin →
8 votes0 comments · Azure Active Directory » Self-Service Password Reset · Flag idea as inappropriate… · Admin →
We are aware of the requirement to be able to convert a synced user to cloud only and are designing that feature, but we have no timelines to share right now.
We reverted the change that would block the “hack” to delete and restore a user to change a user to “Cloud Only”.