3 votesChris shared this idea ·
Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature
An error occurred while saving the commentChris commented
Hi, any further updates on the status of this ? as you mentioned in December that you hoped to make this available over the next couple of months
We’ve started work on this, focused on policy based on IP range.
Thanks for the feedback, we are working on enabling ASG references across subscriptions/VNets, it’s currently on our plans
26 votes3 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
Multiple scenarios are still being investigated.
(We changed the status to because Started implied we were working on the feature and we did not want to represent it inaccurately. We are investigating and therefore, we are marking it under review.
625 votes84 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Assigning built-in roles, custom roles and admin unit scoped roles to cloud groups is in public preview. Thanks a ton for all the great feedback that you shared with us. Here’s the published documentation -
Next steps —> Support for on-prem groups. Stay tuned!
Abhijeet Kumar Sinha
Azure Active Directory Team
381 votes45 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Just a quick update here. We’re still actively working on support for custom roles (RBAC) across Azure AD. Stay tuned for more announcements in the next couple of months.
You can have a look at what we’ve shipped thus far (custom roles for application registration management) here – https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-custom-overview.
Azure Active Directory Team
921 votes130 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
We’re really pleased to let you know that we’ve released the first authentication method APIs to public preview:
So far there are APIs for managing phone numbers and password resets. When phone numbers are set with the API, the user can use that number for MFA and SSPR (as allowed by your tenant’s policy).
The team is hard at work at building out APIs for all of the other authentication methods, and we’ll update the response here as they’re released.
1,477 votes295 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
We have released the Authentication administrator and Privileged authentication administrator roles that can manage the authentication methods of the user. If you are using Azure AD Premium, consider enforcing MFA on the user using Conditional Access. We are continuing to work on other roles that will let you manage other MFA settings.
We’re currently evaluating an option that will provide the functionality offered by nested groups, but removes the complexity nested groups adds. We appreciate your patience on this ask and want to ensure we deliver a solution that benefits all of our customers. Below are use cases that we’d like for you to stack rank, with #1 being priority for you. We thank you for the continued comments and feedback.
Use case A: nested group in a cloud security group inherits apps assignment
Use case B: nested group in a cloud security group inherits license assignment
Use case C: nesting groups under Office 365 groups
Custom RBAC is supporting the management groups scope with a few limitations. The MG team and Identity teams are working on removing these limitations but no timeline is available yet.
1,659 votes126 comments · Azure Active Directory » Groups/Dynamic groups · Flag idea as inappropriate… · Admin →
Thank you for your feedback! The feature team is aware of this suggestion and will keep it under consideration. There are technical challenges to overcome in order to make this happen. Please keep the votes coming if this feature matters to you.
18 votes3 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Hi, thank you for your feedback. This is something we are discussing.
/Stuart and Balaji