John Del Forno

My feedback

  1. 66 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Lighthouse  ·  Flag idea as inappropriate…  ·  Admin →
    John Del Forno supported this idea  · 
  2. 10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » Other  ·  Flag idea as inappropriate…  ·  Admin →
    John Del Forno supported this idea  · 
  3. 5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Active Directory » Other  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    Manifest can be updated via Graph API now.

    The AppRoles can also be updated via PowerShell.

  4. 11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Active Directory » Other  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    Simply adding Tags to this area of Azure would solve this issue.

    John Del Forno supported this idea  · 
  5. 14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Azure Active Directory » Other  ·  Flag idea as inappropriate…  ·  Admin →
    John Del Forno supported this idea  · 
  6. 51 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    John Del Forno supported this idea  · 
  7. 10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    Tags in general across Azure AD would be optimal.

    John Del Forno supported this idea  · 
  8. 5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Networking » Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    A lot of resources now support Managed Identities, which should be able to be used in Security Groups in general, might be worth looking into?

  9. 255 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    32 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →

    Given that a Azure AD B2C tenant should only be used for configuring Azure AD B2C, would having programmatic API’s to configure all of the Azure AD B2C settings be useful or is there more that you are looking to achieve using ARM templates?

    /Parakh

    An error occurred while saving the comment
    John Del Forno commented  · 

    AzureAD should be manageable via ARM template as a whole, not just B2C.

    Especially from an MSP perspective and in B2C's case, due to Data Sovereignty.

    It's a rather large pain to need to create different B2C tenants in different countries to ensure localised data account, then making a change to the offering as a whole and needing to re-apply that change multiple times.

    Yes, the Graph API is there, however, that requires even more work to update and maintain, where as the ARM engine would do it natively.

  10. 90 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Azure Active Directory  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    A lot of issues would be resolved for us if Enterprise / Registered Applications - including the manifest file - could be maintained under source control rather than having to execute an API/PowerShell call.

    John Del Forno supported this idea  · 
  11. 36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Automation » Other  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    Make use of a Logic App or the MS Graph API to call create and send an email?

  12. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure portal » Dashboards + tiles  ·  Flag idea as inappropriate…  ·  Admin →
    John Del Forno supported this idea  · 
    An error occurred while saving the comment
    John Del Forno commented  · 

    Effectively integrating parts of Power BI into the Dashboard would make it beyond powerful.

    Filter drill downs, linking data etc.

  13. 35 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Active Directory » PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    Yet another case of what we see in the portal, isn't what we see in the Graph API.

    Inconsistency isn't a good thing and it makes developing anything for the Azure platform a rather large headache.

    John Del Forno supported this idea  · 
  14. 1,057 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    91 comments  ·  Azure Active Directory » Authentication  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback, we’re currently reviewing this capability to see how we can support RADIUS auth on NPS specifically, for AAD Joined Windows 10 devices to authenticate to WiFi access points

    If there are scenarios beyond the above, please provide the details in the comments


    Ravi

    John Del Forno supported this idea  · 
  15. 910 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    John Del Forno supported this idea  · 
  16. 1,674 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    94 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →

    We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.

    That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.

    Apologies for the delay.

    /Parakh


    Old message:
    We’re doing some research both on the specifics of this ask as well as what it would take to support this.
    Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?

    An error occurred while saving the comment
    John Del Forno commented  · 

    Sorry @parakh, this isn't a work around.

    I don't want admins of the B2C directory to need to have access to the parent directory to administer groups.

    Nor can I allow them to have Graph API Access to the parent directory, as the current permissions grant access to all groups, not predefined or prefixed groups.

  17. 225 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    John Del Forno supported this idea  · 
  18. 297 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    76 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    John Del Forno supported this idea  · 
    An error occurred while saving the comment
    John Del Forno commented  · 

    Went to sign up for this today, there's availability for Christmas Island but not Australia.

    That's a bit ridiculous.

  19. 43 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Azure Active Directory » Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    John Del Forno commented  · 

    Given this is already available from ADFS, to state on the documentation page that it's not possible is rather ridiculous.

    If the Graph API can access it, the internal workings of Azure AD should be able to send through relevant groups on the SAML Assertion without issue.

    John Del Forno supported this idea  · 

Feedback and Knowledge Base