Learn about important Azure product updates, roadmap, and announcements. Subscribe to notifications to stay informed.
We are changing our Azure Active Directory (Azure AD) sign-in behavior to make room for new authentication methods and improve usability. During sign-in, Azure AD determines where a user needs to authenticate. Azure AD makes intelligent decisions by reading organization and user settings for the username entered on the sign-in page. This is a step towards a password-free future that enables additional credentials like FIDO 2.0.
Target availability: Q2 2019
We're updating the Microsoft 365 sign-in page for Azure Active Directory (Azure AD) to add a new sign-in options link. This link will be added only to sign-in pages that accept personal Microsoft accounts.
Securely tap into the rich workforce identity and organization data present in Workday and automate inbound user provisioning into Active Directory and Azure AD.
Scalably assign Microsoft service licenses to groups of users rather than individuals in Azure AD.
Azure AD activity logs integration with Azure Monitor Diagnostics and Azure Log Analytics is in public preview
Gain insights from Azure AD user activity logs stored in an Azure storage account and streamed to your preferred SIEM or custom environment, or integration with Azure Log Analytics tools directily in the Azure portal.
The ability to forward your Azure Active Directory logs to Azure Log Analytics is now available.
Identify and remediate directory errors caused by duplicate user attributes and orphaned objects, which complicate synchronizing your AD and Azure AD hybrid identity environment.
System-assigned Managed Identity for Virtual Machines and Virtual Machine Scale Sets is now available
Use a system assigned managed identity with a Virtual Machine and Virtual Machine Scale Sets.
Self-service password reset from the Windows 10 sign in for hybrid domain joined devices is now available
Windows 10 devices that are domain-joined to both on-premises AD and cloud Azure AD allow user self-service password reset from the sign in screen.
Users with an Azure AD account can now reset their password from the sign in screen of devices using the Windows 7, 8, and 8.1 operating systems.
Migrate users from federated authentication to Azure AD cloud authentication in groups or phases and manage from the Azure AD portal.
Virtual network peering is now available for virtual networks that belong to subscriptions in different Azure Active Directory tenants.
Azure Databricks now supports Azure Active Directory (Azure AD) conditional access, which allows administrators to control where and when users are permitted to sign in to Azure Databricks. Some of the common concerns this addresses include restricted sign-in access, limited network location access, managing the type of device access as well as restricted access to client applications.
Azure Files Azure AD Integration for SMB access using Azure AD Domain Services is now available in preview.
This feature adds browser support when using application-based conditional access on iOS and Android in the Azure portal.
Set Azure Active Directory conditional access policies based on user country code.
Azure AD conditional access support for limited access with Microsoft Cloud App Security is now available
Azure AD conditional access is now able to provide you with in-session controls to enable limited access within SaaS apps.
Azure Active Directory conditional access now has the ability to add custom controls.
This feature enables IT to administrator manage identities for B2B guest access via app proxy to on-prem apps which requires an on-premises account.