You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/fundamentals/whats-new.md
+168Lines changed: 168 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,6 +32,174 @@ Azure AD receives improvements on an ongoing basis. To stay up to date with the
32
32
This page is updated monthly, so revisit it regularly. If you're looking for items older than six months, you can find them in [Archive for What's new in Azure Active Directory](whats-new-archive.md).
33
33
34
34
35
+
## November 2022
36
+
37
+
### General Availability - use Web Sign-in on Windows for password-less recovery with Temporary Access Pass
38
+
39
+
40
+
41
+
**Type:** Changed feature
42
+
**Service category:** N/A
43
+
**Product capability:** User Authentication
44
+
45
+
For users who don't know or use a password, the Temporary Access Pass can now be used to recover Azure AD-joined PCs when the EnableWebSignIn policy is enabled on the device. For more information, see: [Authentication/EnableWebSignIn](/windows/client-management/mdm/policy-csp-authentication#authentication-enablewebsignin).
46
+
47
+
48
+
---
49
+
50
+
### Public Preview - Workload identity Federation for Managed Identities
51
+
52
+
53
+
54
+
**Type:** New feature
55
+
**Service category:** Managed identities for Azure resources
56
+
**Product capability:** Developer Experience
57
+
58
+
Developers can now use managed identities for their software workloads running anywhere, and for accessing Azure resources, without needing secrets. Key scenarios include:
59
+
60
+
- Accessing Azure resources from Kubernetes pods running on-premises or in any cloud.
61
+
- GitHub workflows to deploy to Azure, no secrets necessary.
62
+
- Accessing Azure resources from other cloud platforms that support OIDC, such as Google Cloud.
63
+
64
+
For more information, see:
65
+
-[Configure a user-assigned managed identity to trust an external identity provider (preview)](../develop/workload-identity-federation-create-trust-user-assigned-managed-identity.md)
-[Use an Azure AD workload identity (preview) on Azure Kubernetes Service (AKS)](/azure/aks/workload-identity-overview)
68
+
69
+
70
+
---
71
+
72
+
### General Availability - Authenticator on iOS is FIPS 140 compliant
73
+
74
+
75
+
76
+
**Type:** New feature
77
+
**Service category:** Microsoft Authenticator App
78
+
**Product capability:** User Authentication
79
+
80
+
Authenticator version 6.6.8 and higher on iOS will be FIPS 140 compliant for all Azure AD authentications using push multi-factor authentications (MFA), Password-less Phone Sign-In (PSI), and time-based one-time pass-codes (TOTP). No changes in configuration are required in the Authenticator app or Azure portal to enable this capability. For more information, see: [FIPS 140 compliant for Azure AD authentication](../authentication/concept-authentication-authenticator-app.md#fips-140-compliant-for-azure-ad-authentication).
81
+
82
+
83
+
---
84
+
85
+
### General Availability - New Federated Apps available in Azure AD Application gallery - November 2022
86
+
87
+
88
+
89
+
**Type:** New feature
90
+
**Service category:** Enterprise Apps
91
+
**Product capability:** 3rd Party Integration
92
+
93
+
In November 2022, we've added the following 22 new applications in our App gallery with Federation support
You can also find the documentation of all the applications from here https://aka.ms/AppsTutorial,
98
+
99
+
For listing your application in the Azure AD app gallery, please read the details here https://aka.ms/AzureADAppRequest
100
+
101
+
102
+
---
103
+
104
+
### General Availability - New provisioning connectors in the Azure AD Application Gallery - November 2022
105
+
106
+
107
+
108
+
**Type:** New feature
109
+
**Service category:** App Provisioning
110
+
**Product capability:** 3rd Party Integration
111
+
112
+
We've added the following new applications in our App gallery with Provisioning support. You can now automate creating, updating, and deleting of user accounts for these newly integrated apps:
For more information about how to better secure your organization by using automated user account provisioning, see: [Automate user provisioning to SaaS applications with Azure AD](../app-provisioning/user-provisioning.md).
118
+
119
+
120
+
---
121
+
122
+
### Public Preview - Dynamic Group Pause Functionality
123
+
124
+
125
+
126
+
**Type:** New feature
127
+
**Service category:** Group Management
128
+
**Product capability:** Directory
129
+
130
+
Admins can now pause, and resume, the processing of individual dynamic groups in the Entra Admin Center. For more information, see: [Create or update a dynamic group in Azure Active Directory](../enterprise-users/groups-create-rule.md).
131
+
132
+
133
+
---
134
+
135
+
### Public Preview - Enabling extended customization capabilities for sign-in and sign-up pages in Company Branding capabilities.
136
+
137
+
138
+
139
+
**Type:** New feature
140
+
**Service category:** Authentications (Logins)
141
+
**Product capability:** User Authentication
142
+
143
+
Update the Azure AD and Microsoft 365 sign in experience with new company branding capabilities. You can apply your company’s brand guidance to authentication experiences with pre-defined templates. For more information, see: [Configure your company branding](../fundamentals/customize-branding.md).
144
+
145
+
146
+
---
147
+
148
+
### Public Preview - Enabling customization capabilities for the Self-Service Password Reset (SSPR) hyperlinks, footer hyperlinks and browser icons in Company Branding.
149
+
150
+
151
+
152
+
**Type:** New feature
153
+
**Service category:** Directory Management
154
+
**Product capability:** Directory
155
+
156
+
Update the company branding functionality on the Azure AD/Microsoft 365 sign in experience to allow customizing Self Service Password Reset (SSPR) hyperlinks, footer hyperlinks and browser icon. For more information, see: [Configure your company branding](../fundamentals/customize-branding.md).
157
+
158
+
159
+
---
160
+
161
+
### General Availability - Soft Delete for Administrative Units
162
+
163
+
164
+
165
+
**Type:** New feature
166
+
**Service category:** B2B
167
+
**Product capability:** B2B/B2C
168
+
169
+
Administrative Units now support soft deletion. Admins can now list, view properties of, perform ad hoc hard delete, or restore deleted Administrative Units using Microsoft Graph. This functionality restores all configuration for the Administrative Unit when restored from soft delete including: memberships, admin roles, processing rules, and processing rules state.
170
+
171
+
This functionality greatly enhances recoverability and resilience when using Administrative Units. Now, when an Administrative Unit is accidentally deleted, it can be restored quickly to the same state it was at time of deletion. This removes uncertainty around how things were configured, and makes restoration quick and easy. For more information, see: [Soft deletions](../fundamentals/recover-from-deletions.md#soft-deletions).
172
+
173
+
174
+
---
175
+
176
+
### Public Preview - IPv6 coming to Azure AD
177
+
178
+
179
+
180
+
**Type:** Plan for change
181
+
**Service category:** Identity Protection
182
+
**Product capability:** Platform
183
+
184
+
With the growing adoption and support of IPv6 across enterprise networks, service providers, and devices, many customers are wondering if their users can continue to access their services and applications from IPv6 clients and networks. Today, we’re excited to announce our plan to bring IPv6 support to Microsoft Azure Active Directory (Azure AD). This will allow customers to reach the Azure AD services over both IPv4 and IPv6 network protocols (dual stack).
185
+
For most customers, IPv4 won't completely disappear from their digital landscape, so we aren't planning to require IPv6 or to de-prioritize IPv4 in any Azure Active Directory features or services.
186
+
We'll begin introducing IPv6 support into Azure AD services in a phased approach, beginning March 31, 2023.
187
+
We have guidance below which is specifically for Azure AD customers who use IPv6 addresses and also use Named Locations in their Conditional Access policies.
188
+
189
+
Customers who use named locations to identify specific network boundaries in their organization need to:
190
+
1. Conduct an audit of existing named locations to anticipate potential impact.
191
+
1. Work with your network partner to identify egress IPv6 addresses in use in your environment.
192
+
1. Review and update existing named locations to include the identified IPv6 ranges.
193
+
194
+
Customers who use Conditional Access location based policies to restrict and secure access to their apps from specific networks need to:
195
+
1. Conduct an audit of existing Conditional Access policies to identify use of named locations as a condition to anticipate potential impact.
196
+
1. Review and update existing Conditional Access location based policies to ensure they continue to meet your organization’s security requirements.
197
+
198
+
We'll continue to share additional guidance on IPv6 enablement in Azure AD at this easy to remember link https://aka.ms/azureadipv6.
199
+
200
+
201
+
---
202
+
35
203
## October 2022
36
204
37
205
### General Availability - Upgrade Azure AD Provisioning agent to the latest version (version number: 1.1.977.0)
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments