We have this added to our product improvement backlog and will pick up as resourcing allows.
This suggestion has two parts:
1. Use default route or forced tunneling on P2S client rather than split tunneling
2. Enable Azure VPN gateway as an forward proxy to the Internet
At this point, these will be considered as long term roadmap items.
We have enabled a contains() function. We will be working on the capability to Replace().
69 votesplanned · 14 comments · Azure Active Directory » Conditional Access · Flag idea as inappropriate… · Admin →
We are working to bring in the support for Powershell 7.0 towards CY21 Q4 timeframe.
We are planning to support Powershell 7 towards CY21 End.
1,273 votes110 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
For requiring additional factors with Windows Hello for Business, please see – https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock
For why PIN is better than a password, please see https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password
For Authenticator app sign in to Azure AD, please see https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-phone-sign-in
As always, other feedback is welcome
1,657 votes126 comments · Azure Active Directory » Groups/Dynamic groups · Flag idea as inappropriate… · Admin →
Thank you for your feedback! The feature team is aware of this suggestion and will keep it under consideration. There are technical challenges to overcome in order to make this happen. Please keep the votes coming if this feature matters to you.
1,477 votes295 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
We have released the Authentication administrator and Privileged authentication administrator roles that can manage the authentication methods of the user. If you are using Azure AD Premium, consider enforcing MFA on the user using Conditional Access. We are continuing to work on other roles that will let you manage other MFA settings.
We’re currently evaluating an option that will provide the functionality offered by nested groups, but removes the complexity nested groups adds. We appreciate your patience on this ask and want to ensure we deliver a solution that benefits all of our customers. Below are use cases that we’d like for you to stack rank, with #1 being priority for you. We thank you for the continued comments and feedback.
Use case A: nested group in a cloud security group inherits apps assignment
Use case B: nested group in a cloud security group inherits license assignment
Use case C: nesting groups under Office 365 groups
921 votes130 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
We’re really pleased to let you know that we’ve released the first authentication method APIs to public preview:
So far there are APIs for managing phone numbers and password resets. When phone numbers are set with the API, the user can use that number for MFA and SSPR (as allowed by your tenant’s policy).
The team is hard at work at building out APIs for all of the other authentication methods, and we’ll update the response here as they’re released.
An error occurred while saving the commentJoe commented
This would also be great for large orgs where a central group manages Office 365 (and thus users' primary identities), but other business orgs mange their team's endpoints.
We are aware of the requirement to be able to convert a synced user to cloud only and are designing that feature, but we have no timelines to share right now.
We reverted the change that would block the “hack” to delete and restore a user to change a user to “Cloud Only”.
This is currently in planning for enabling it for Azure AD joined devices, NOT for AAD DS
Multiple scenarios are still being investigated.
(We changed the status to because Started implied we were working on the feature and we did not want to represent it inaccurately. We are investigating and therefore, we are marking it under review.
625 votes84 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Assigning built-in roles, custom roles and admin unit scoped roles to cloud groups is in public preview. Thanks a ton for all the great feedback that you shared with us. Here’s the published documentation -
Next steps —> Support for on-prem groups. Stay tuned!
Abhijeet Kumar Sinha
Azure Active Directory Team
381 votes45 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Just a quick update here. We’re still actively working on support for custom roles (RBAC) across Azure AD. Stay tuned for more announcements in the next couple of months.
You can have a look at what we’ve shipped thus far (custom roles for application registration management) here – https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-custom-overview.
Azure Active Directory Team
Thanks for the continued feedback on this. We’re in planning.