What's New in Azure Active Directory for November 2022


Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for November 2022:


What’s Planned

IPv6 coming to Azure AD Public Preview

Service category: Identity Protection
Product capability: Platform

With the growing adoption and support of IPv6 across enterprise networks, service providers, and devices, many customers are wondering if their users can continue to access their services and applications from IPv6 clients and networks. This month, Microsoft is excited to announce their plan to bring IPv6 support to Azure AD. This will allow organizations to reach the Azure AD services over both IPv4 and IPv6 network protocols (dual stack).

For most organizations, IPv4 won't completely disappear from their digital landscape, so Microsoft isn’t planning to require IPv6 or to de-prioritize IPv4 in any Azure AD features or services.

Microsoft will begin introducing IPv6 support into Azure AD services in a phased approach, beginning March 31, 2023.


What’s New

Workload Identity Federation for Managed Identities Public Preview

Service category: Managed identities for Azure resources
Product capability: Developer Experience

Developers can now use Managed Identities (MIs) for their software workloads running anywhere, and for accessing Azure resources, without needing secrets. Key scenarios include:

  • Accessing Azure resources from Kubernetes pods running on-premises or in any cloud.
  • GitHub workflows to deploy to Azure, no secrets necessary.
  • Accessing Azure resources from other cloud platforms that support OIDC, such as Google Cloud.


Dynamic Group pause functionality Public Preview

Service category: Group Management
Product capability: Directory

Admins can now pause, and resume, the processing of individual dynamic groups in the Entra Admin Center.


Enabling customization capabilities for the Self-Service Password Reset (SSPR) hyperlinks, footer hyperlinks and browser icons in Company Branding Public Preview

Service category: Directory Management
Product capability: Directory

This feature updates the company branding functionality on the Azure AD and Microsoft 365 sign-in experience to allow customizing the Self-Service Password Reset (SSPR) hyperlinks, footer hyperlinks and browser icon.


Enabling extended customization capabilities for sign-in and sign-up pages in Company Branding capabilities Public Preview

Service category: Authentications (Logins)
Product capability: User Authentication

This feature updates the Azure AD and Microsoft 365 sign-in experience with new company branding capabilities. Admins can apply the organization’s brand guidance to authentication experiences with pre-defined templates.


Authenticator on iOS is FIPS 140 compliant General Availability

Service category: Microsoft Authenticator App
Product capability: User Authentication

Authenticator version 6.6.8, and higher, on iOS is FIPS 140 compliant for all Azure AD authentications using push multi-factor authentications (MFA), Password-less Phone Sign-In (PSI), and time-based one-time pass-codes (TOTP). No changes in configuration are required in the Authenticator app or Azure portal to enable this capability.


Soft Delete for Administrative Units General Availability

Service category: Directory Management
Product capability: Directory

Administrative Units (AUs) now support soft deletion. Admins can now list, view properties of, or restore deleted AUs using the Microsoft Graph. This functionality restores all configuration for the AU when restored from soft delete, including memberships, admin roles, processing rules, and processing rules state.

This functionality greatly enhances recoverability and resilience when using AUs. Now, when an AU is accidentally deleted, it can be restored quickly to the same state it was in at the time of deletion, removing uncertainty around how things were configured and making restoration quick and easy.
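
The list-and-restore flow described above, as an added example (not code from this post or from Microsoft's release notes). It assumes the Microsoft Graph PowerShell SDK is installed and that the signed-in admin can consent to `AdministrativeUnit.ReadWrite.All`; the AU name `Contoso-Helpdesk-EMEA` is a constructed sample value.

```powershell
#Requires -Modules Microsoft.Graph.Authentication
# Added example: locate a soft-deleted administrative unit (AU) and restore it.
$auName = 'Contoso-Helpdesk-EMEA'   # constructed sample value, replace with your AU
$graph  = 'https://graph.microsoft.com/v1.0'

Connect-MgGraph -Scopes 'AdministrativeUnit.ReadWrite.All'

# Page through every soft-deleted AU in the tenant.
$uri     = "$graph/directory/deletedItems/microsoft.graph.administrativeUnit"
$deleted = @()
while ($uri) {
    $page     = Invoke-MgGraphRequest -Method GET -Uri $uri
    $deleted += $page['value']
    $uri      = $page['@odata.nextLink']   # $null on the last page
}

# Show what is recoverable before touching anything.
$deleted | ForEach-Object {
    [pscustomobject]@{
        Id          = $_['id']
        DisplayName = $_['displayName']
        DeletedAt   = $_['deletedDateTime']
    }
} | Format-Table -AutoSize | Out-String | Write-Host

# Display names are not unique, so refuse to guess between several candidates.
$match = @($deleted | Where-Object { $_['displayName'] -eq $auName })
if ($match.Count -ne 1) {
    throw "Expected exactly one deleted AU named '$auName', found $($match.Count)."
}

# Restore the AU from soft delete.
$restored = Invoke-MgGraphRequest -Method POST `
    -Uri "$graph/directory/deletedItems/$($match[0]['id'])/restore"
Write-Host "Restored AU '$($restored['displayName'])' ($($restored['id']))"

# Spot-check that memberships came back with the AU (first page only).
$members = Invoke-MgGraphRequest -Method GET `
    -Uri "$graph/directory/administrativeUnits/$($restored['id'])/members?`$select=id"
Write-Host "Members visible after restore: $(@($members['value']).Count)"
```

After a restore, compare the scoped role assignments and membership rule state against your change records, since admins scoped to the AU regain their delegated rights along with it.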


New provisioning connectors in the Azure AD Application Gallery

Service category: App Provisioning
Product capability: 3rd Party Integration

We've added the following new applications in our App gallery with Provisioning support. You can now automate creating, updating, and deleting of user accounts for these newly integrated apps:


New Federated Apps available in Azure AD Application gallery

Service category: Enterprise Apps
Product capability: 3rd Party Integration

In November 2022, Microsoft added the following 22 new applications to the Azure AD App gallery with Federation support:


What’s Changed

Use Web Sign-in on Windows for password-less recovery with Temporary Access Pass General Availability

Service category: N/A
Product capability: User Authentication

For users who don't know or use a password, the Temporary Access Pass (TAP) can now be used to recover Azure AD-joined devices when the EnableWebSignIn policy is enabled on the device.

Author: Sander Berkouwer

Sander Berkouwer is the author of the Active Directory Administration Cookbook, speaker and blogger at DirTeam.com and ServerCore.net. He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.