Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

M Simone

My feedback

  1. 29 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  5 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    M Simone commented  · 

    Hi Daniel, great to hear that MSFT is looking at this option. Any eta on when this might show up on the roadmap?

    An error occurred while saving the comment
    M Simone commented  · 

    The group Microsoft published is actually called "Office 365 (preview)". This groups all of the main O365 workloads like Onedrive, SharePoint, Exchange. This is a good step but providing the ability for customers to manage their own groups is what we really need.

    An error occurred while saving the comment
    M Simone commented  · 

    Allow the creation of custom application groups that allow us to managed our own grouping of applications for use within the Conditional Access Policies.
    MSFT released a group called "O365 apps" recently which is good, but we would love the ability to manage our own groups. It would make the management of the policies so much more flexible and efficient.

    M Simone supported this idea  · 
  2. 25 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Azure Marketplace » Feature Request  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    M Simone commented  · 

    Cisco has stated “It appears Microsoft still has not implemented support for multiple Assertion Consumer Service (ACS) URLs with index attributes on Azure’s IdP offering. You won’t be able to get SAML working on subscribers without this…. ADFS supports it but not Azure.”
    So they are kind of putting it on mSFT to support this method. Any movement on this yet?

    M Simone supported this idea  · 
  3. 7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    An error occurred while saving the comment
    M Simone commented  · 

    Either add a new role or allow customers to create their own custom role for this ability.

    Having to provide Global Admin permissions to help desk users is completely against MSFT best practices and clearly not a good idea overall.

  4. 4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Active Directory  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    M Simone commented  · 

    We are aware of enabling MS Auth on multiple devices, but that still doesn't cover all scenarios. Having this ability to provide a temporary token with an explicit lifetime would allow MSFT to provide the same functionality that most of the other big players in this space provide.

    M Simone supported this idea  · 
  5. 293 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    M Simone supported this idea  · 
  6. 839 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    129 comments  ·  Azure Active Directory » Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
    started  ·  Azure AD Team responded

    Hi everyone,
    Thanks for your interest on this feature. This capability is still in the pipeline. The initial estimate was obviously off and we are looking at a new timeline. We are aware of the benefit of having this rollover made automatic and the interest you have on the feature, and that’s how we are looking at it while prioritizing it against other capabilities requests.
    Thanks for your patience!

    Jairo Cadena
    Principal Program Manager
    Microsoft Identity

    M Simone supported this idea  · 
  7. 1,479 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    We have released the Authentication administrator and Privileged authentication administrator roles that can manage the authentication methods of the user. If you are using Azure AD Premium, consider enforcing MFA on the user using Conditional Access. We are continuing to work on other roles that will let you manage other MFA settings.

    An error occurred while saving the comment
    M Simone commented  · 

    Agreed. We want to avoid having to elevate as Global Admin as often as possible, especially since this type of activity will most likely be given to a help desk.

    M Simone supported this idea  · 
  8. 243 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    34 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    M Simone supported this idea  · 
    An error occurred while saving the comment
    M Simone commented  · 

    Adding on to this: We need the ability to enforce MFA for "specific" apps containing sensitive data (financial, personal, etc.) on every visit, regardless of any persistent session cookies/KMSI options.
    While we tested the new preview options in Conditional Access (Sign-in frequency (Preview), Persistent browser session (Preview), they do not allow override for specific apps. In fact the persistent browser session feature only works if "all cloud apps" are selected, which is not really useful.

  9. 13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    M Simone supported this idea  · 
  10. 276 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    35 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    M Simone supported this idea  · 

Feedback and Knowledge Base