Security and Assurance

Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Security and compliance in datacenters, private cloud and hosting environments.
  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow to set user rights for windows services in services.msc

    Please add a "Security" tab for services in services.msc to be able to give specific users/groups the right to start and stop a service.

    This would make it easier to have less users with admin priviledges on the systems.

    Currently I have to use process explorer to archive this.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management tools  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow (g)MSA accounts to be used with task scheduler gui

    Currently you have to use PowerShell to set a (g)MSA account in task scheduler. This is not very user friendly. After every change in the GUI you have to enter valid credentials - but you can't specify a (g)MSA. So you have to enter a dummy account and change it to the (g)MSA later with Powershell :/

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management tools  ·  Flag idea as inappropriate…  ·  Admin →
  3. ADFS Management Console missing from RSAT

    As Windows Server 2016 Core no longer supports Minimal UI I setup a management server for remote management. Installed all the management tools, but not there is no MMC for ADFS.

    63 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Management tools  ·  Flag idea as inappropriate…  ·  Admin →
  4. Provide easy to use PowerShell cmdlets for managing File and folder permissions (ACLs)

    PowerShell Get-Acl and Set-Acl (to set permissions on folders/files) currently in Windows Server are extremely hard to use and do not offer nearly the same level of functionality in older commands like ICACLS.EXE. It would be great if you could manage ACLs for folders and files using an easier to use set of PowerShell cmdlets, like we can do with SMB shares. Something like Get-ItemAccess, Grant-ItemAccess, Revoke-ItemAccess, Deny-ItemAccess and Remove-ItemAccess would be great!

    54 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management tools  ·  Flag idea as inappropriate…  ·  Admin →
  5. Make a SUDO equivalent for elevating to an Administrator without runas.

    Runas works OK, but SUDO on Linux works well for allowing administrators to elevate for a one time only commands.

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Management tools  ·  Flag idea as inappropriate…  ·  Admin →
  6. Fix secedit in nano server

    secedit is broken in nano server (checked both TP3 and TP4) and it simply doesn't work. I have asked about it @nano server forum as well without any response so far.
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/894a3a8f-64f4-4605-b1ff-9698a53814db/issues-running-secedit-on-nano-server?forum=NanoServer

    There is absolutely no way to harden a nano server once it is deployed. can it be fixed? or is there new way to work with local security policy on nano server that I am unaware of?

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Management tools  ·  Flag idea as inappropriate…  ·  Admin →
  7. Provide native PowerShell cmdlets for managing local security policy

    There is no way to either view or manage local security policy using PowerShell. It is possible to install a utility such as secedit.exe and make calls out to it, but this should be functionality that resides within native PowerShell cmdlets.
    This would greatly ease server management, and in particular allow for viewing settings that would otherwise not be available to people without using a GUI tool.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management tools  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base