You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/fundamentals/whats-new.md
+191Lines changed: 191 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,6 +32,197 @@ Azure AD receives improvements on an ongoing basis. To stay up to date with the
32
32
This page is updated monthly, so revisit it regularly. If you're looking for items older than six months, you can find them in [Archive for What's new in Azure Active Directory](whats-new-archive.md).
33
33
34
34
35
+
## December 2022
36
+
37
+
### Public Preview - Windows 10+ Troubleshooter for Diagnostic Logs
38
+
39
+
40
+
41
+
**Type:** New feature
42
+
**Service category:** Audit
43
+
**Product capability:** Monitoring & Reporting
44
+
45
+
This feature analyzes uploaded client-side logs, also known as diagnostic logs, from a Windows 10+ device that is having an issue(s) and suggests remediation steps to resolve the issue(s). Admins can work with end user to collect client-side logs, and then upload them to this troubleshooter in the Entra Portal. For more information, see: [Troubleshooting Windows devices in Azure AD](../devices/troubleshoot-device-windows-joined.md).
46
+
47
+
48
+
---
49
+
50
+
### General Availability - Multiple Password-less Phone Sign-in for iOS Devices
51
+
52
+
53
+
54
+
**Type:** New feature
55
+
**Service category:** Authentications (Logins)
56
+
**Product capability:** User Authentication
57
+
58
+
End users can now enable password-less phone sign-in for multiple accounts in the Authenticator App on any supported iOS device. Consultants, students, and others with multiple accounts in Azure AD can add each account to Microsoft Authenticator and use password-less phone sign-in for all of them from the same iOS device. The Azure AD accounts can be in the same tenant or different tenants. Guest accounts are not supported for multiple account sign-in from one device.
59
+
60
+
61
+
End users are not required to enable the optional telemetry setting in the Authenticator App. For more information, see: [Enable passwordless sign-in with Microsoft Authenticator](../authentication/howto-authentication-passwordless-phone.md).
62
+
63
+
64
+
---
65
+
66
+
### Public Preview(refresh) - Updates to Conditional Access templates
Conditional Access templates provide a convenient method to deploy new policies aligned with Microsoft recommendations. In total, there are 14 Conditional Access policy templates, filtered by five different scenarios; secure foundation, zero trust, remote work, protect administrators, and emerging threats.
75
+
76
+
In this Public Preview refresh, we have enhanced the user experience with an updated design and added four new improvements:
77
+
78
+
- Admins can create a Conditional Access policy by importing a JSON file.
79
+
- Admins can duplicate existing policy.
80
+
- Admins can view more detailed policy information.
81
+
- Admins can query templates programmatically via MSGraph API.
82
+
83
+
84
+
For more information, see: [Conditional Access templates (Preview)](../conditional-access/concept-conditional-access-policy-common.md).
85
+
86
+
87
+
---
88
+
89
+
### Public Preview - Enabling customization capabilities for the conditional error messages in Company Branding.
90
+
91
+
92
+
93
+
**Type:** New feature
94
+
**Service category:** Other
95
+
**Product capability:** End User Experiences
96
+
97
+
Updates to the Company Branding functionality on the Azure AD/Microsoft 365 login experience, to allow customizing conditional access (CA) error messages. For more information, see: [Company Branding](../fundamentals/customize-branding.md).
98
+
99
+
100
+
---
101
+
102
+
### Public Preview - Admins can restrict their users from creating tenants
103
+
104
+
105
+
106
+
**Type:** New feature
107
+
**Service category:** User Access Management
108
+
**Product capability:** User Management
109
+
110
+
The ability for users to create tenants from the Manage Tenant overview has been present in Azure AD since almost the beginning of the Azure portal. This new capability in the User Settings blade allows admins to restrict their users from being able to create new tenants. There is also a new [Tenant Creator](../roles/permissions-reference.md#tenant-creator) role to allow specific users to create tenants. For more information, see [Default user permissions](../fundamentals/users-default-permissions.md#restrict-member-users-default-permissions).
111
+
112
+
113
+
---
114
+
115
+
### General availability - Consolidated App launcher (My Apps) settings and new preview settings
116
+
117
+
118
+
119
+
**Type:** New feature
120
+
**Service category:** My Apps
121
+
**Product capability:** End User Experiences
122
+
123
+
We have consolidated relevant app launcher settings in a new App launchers section in the Azure and Entra portals. The entry point can be found under Enterprise applications, where Collections used to be. You can find the Collections blade by selecting App launchers. In addition, we have added a new App launchers Settings blade. This blade has some settings you may already be familiar with like the Microsoft 365 settings. The new Settings blade also has controls for previews. As an admin, you can choose to try out new app launcher features while they are in preview. Enabling a preview feature means that the feature is turned on for your organization, and will be reflected in the My Apps portal and other app launchers for all of your users. To learn more about the preview settings, see: [End-user experiences for applications](../manage-apps/end-user-experiences.md).
124
+
125
+
126
+
---
127
+
128
+
### Public preview - Converged Authentication Methods Policy
129
+
130
+
131
+
132
+
**Type:** New feature
133
+
**Service category:** MFA
134
+
**Product capability:** User Authentication
135
+
136
+
The Converged Authentication Methods Policy enables you to manage all authentication methods used for MFA and SSPR in one policy, migrate off the legacy MFA and SSPR policies, and target authentication methods to groups of users instead of enabling them for all users in the tenant. For more information, see: [Manage authentication methods for Azure AD](../authentication/concept-authentication-methods-manage.md).
137
+
138
+
139
+
---
140
+
141
+
### General Availability - Administrative unit support for devices
142
+
143
+
144
+
145
+
**Type:** New feature
146
+
**Service category:** Directory Management
147
+
**Product capability:** AuthZ/Access Delegation
148
+
149
+
You can now use administrative units to delegate management of specified devices in your tenant by adding devices to an administrative unit, and assigning built-in and custom device management roles scoped to that administrative unit. For more information, see: [Device management](../roles/administrative-units.md#device-management).
150
+
151
+
152
+
---
153
+
154
+
### Public Preview - Frontline workers using shared devices can now use Edge and Yammer apps on Android
155
+
156
+
157
+
158
+
**Type:** New feature
159
+
**Service category:** N/A
160
+
**Product capability:** SSO
161
+
162
+
Companies often provide mobile devices to frontline workers that need to be shared between shifts. Microsoft’s shared device mode allows frontline workers to easily authenticate by automatically signing users in and out of all the apps that have enabled this feature. In addition to Microsoft Teams and Managed Home Screen being generally available, we are excited to announce that Edge and Yammer apps on Android are now in Public Preview.
163
+
164
+
For further guidance on deploying frontline solutions, see: [frontline deployment documentation](https://aka.ms/frontlinewhitepaper).
165
+
166
+
167
+
For more information on shared-device mode, see: [Azure Active Directory Shared Device Mode documentation](../develop/msal-android-shared-devices.md#microsoft-applications-that-support-shared-device-mode).
168
+
169
+
170
+
For steps to setup shared device mode with Intune, see: [Intune setup blog](https://techcommunity.microsoft.com/t5/intune-customer-success/enroll-android-enterprise-dedicated-devices-into-azure-ad-shared/ba-p/1820093).
171
+
172
+
173
+
---
174
+
175
+
### Public preview - New provisioning connectors in the Azure AD Application Gallery - December 2022
176
+
177
+
178
+
179
+
**Type:** New feature
180
+
**Service category:** App Provisioning
181
+
**Product capability:** 3rd Party Integration
182
+
183
+
We've added the following new applications in our App gallery with Provisioning support. You can now automate creating, updating, and deleting of user accounts for these newly integrated apps:
For more information about how to better secure your organization by using automated user account provisioning, see: [Automate user provisioning to SaaS applications with Azure AD](../app-provisioning/user-provisioning.md).
189
+
190
+
191
+
---
192
+
193
+
### General Availability - On-premises application provisioning
194
+
195
+
196
+
197
+
**Type:** Changed feature
198
+
**Service category:** Provisioning
199
+
**Product capability:** Outbound to On-premises Applications
200
+
201
+
Azure AD supports provisioning users into applications hosted on-premises or in a virtual machine, without having to open up any firewalls. If your application supports [SCIM](https://techcommunity.microsoft.com/t5/identity-standards-blog/provisioning-with-scim-getting-started/ba-p/880010), or you've built a SCIM gateway to connect to your legacy application, you can use the Azure AD Provisioning agent to [directly connect](../app-provisioning/on-premises-scim-provisioning.md) with your application and automate provisioning and deprovisioning. If you have legacy applications that don't support SCIM and rely on an [LDAP](../app-provisioning/on-premises-ldap-connector-configure.md) user store, or a [SQL](../app-provisioning/tutorial-ecma-sql-connector.md) database, Azure AD can support those as well.
202
+
203
+
204
+
---
205
+
206
+
### General Availability - New Federated Apps available in Azure AD Application gallery - December 2022
207
+
208
+
209
+
210
+
**Type:** New feature
211
+
**Service category:** Enterprise Apps
212
+
**Product capability:** 3rd Party Integration
213
+
214
+
In December 2022 we have added the following 44 new applications in our App gallery with Federation support
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments