James Ellinidis (Cenitex)

My feedback

  1. 114 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    James Ellinidis (Cenitex) supported this idea  · 
  2. 165 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    James Ellinidis (Cenitex) supported this idea  · 
    An error occurred while saving the comment
    James Ellinidis (Cenitex) commented  · 

    User's having full control of their account on a trusted device is essential. See below for ideas:

    ======
    Design
    ======

    The initial screen would display the same 6 generated numbers as in the Microsoft Authentication App. Entering or tapping the 6 digits would allow the user to login as per normal.
    Below the 6 digits we would require their be either an Unlock and Reset button / Link which would then prompt the user to enter their network password on their trusted device.
    Once entered, the AD account would either unlock or display a form within the app where the user can reset their password.

    + User would have the ability to unlock and reset their password within an App
    + Once registered, the device would be on the users trusted device list and potentially would not require any other authentication.
    + Allowing users to unlock/reset their password anywhere / anytime
    + Should be able to sell/convince this to end users
    + If designed correct, MFA and SSPR would be within the same single app – 2 in 1 Solution.

  3. 385 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    James Ellinidis (Cenitex) supported this idea  · 
  4. 156 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Azure Active Directory » Domain Join  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently working on this capability and will provide an update when it’s done.

    However, instead of expanding the “Additional Local administrators” setting, we will support adding AAD groups to Windows 10 local groups (.e.g Administrators, Remote Desktop Users) via MDM policy and elevate user privileges on logon. This will provide greater flexibility to assign different groups to different devices


    Ravi

    James Ellinidis (Cenitex) supported this idea  · 

Feedback and Knowledge Base