The Get-ADUser cmdlet should optionally return a "PasswordExpirationDate" attribute that is derived from "msDS-UserPasswordExpiryTimeComputed" and shown in a friendly format.

This is already done for PasswordLastSet from pwdLastSet and perhaps other attributes.

Without this enhancement, we must parse and convert the time such as:
$user = Get-ADUser -Properties msDS-UserPasswordExpiryTimeComputed sAMAccountName
([datetime]::fromfiletime([int64]::parse(($user)."msDS-UserPasswordExpiryTimeComputed"))).tostring()

Or we resort to non-PowerShell tools:
net user sAMAccountName /domain

https://social.technet.microsoft.com/Forums/windowsserver/en-US/4f14412f-dd81-4b9a-b6b5-aa69100e87d0/intermittent-not-enough-space-errors-when-doing-ldap-queries-against-2019-domain-controller?forum=winservergen

Support other methods using MFA for Primary Authentication, based on what the user's preferences are (as setup in aka.ms/mfasetup)

000

000

Not being able to specify primary authentication method per relying party is something I run into all the time. Can you please fix this? More and more vendors support SAML-based authentication and ADFS but none of them have a way of requesting Certificate Authentication as a primary authentication method. I do not want to change this on a global level, because we have other relying parties which use WIA. I'm guessing you have everything you need for this already, please fix!

Change Get-ADFSAccountActivity to return all users in ADFS Activity database, like supporting a -All parameter. Then users can be searched using powershell of users that have triggered lockout or failed given amount of times. Currently users have to be retrieved one by one which is tedious at best

GPResult served us well when support was done manually on each client from the keyboard. What we need now is a cmdlet that we can use when remoting into a PC and get results that are applied to the PC, including polices that are not applied.

When set the Windows 10 to Dark Theme, change the color of Active Directory from the Server and from the Administrative Tools from Windows 10 to a Dark Theme also!

Add a feature to search and list all policies with a specific setting pending on the OU you have selected. pending on the OU you have selected.

AGPM is a great tool to delegate and keep control on our GPO infrastructure. But the scripting possibilities are very poor.
I suggest you to extend the powershell module for AGPM, and adding, at least, an Import-AGPMFromProduction Cmd-let that will allow us to automate updates into AGPM.

My use case is that people can still make some changes outside AGPM system (especially the link change, which cannot be controled directly by AGPM). This change are important to keep track, in my opinion. So I regularly manually import the GPO from production into AGPM.

Add-ADPrincipalGroupMembership gives an error if used in conjunction with $PSDefaultParameterValues to choose the Domain Controller.

Using this CMDLET with this variable produces an error that the user does not have permission to perform the specified operation.

When passing something like "?whr=customdomain.com" to the password reset page it picks up my company branding, great stuff.

However, the User ID section still carries an example text of "Example: user@contoso.onmicrosoft.com or user@contoso.com".

Could the passwordreset.microsoftonline.com pages be updated so that the domain passed by whr gets used in the example, so that the example would read (in this case): "Example: user@customdomain.com".

compte 0005859947 63 touggourt30002 algeria ccp

COMPTE N0005859947 63 TOUGGOURT 30002 ALGERIA

My customer experienced several outage during ADFS Toke Signing and Token Decryption certificates automatically renewing. Thus , they really hope that Microsoft PG can add alert functionality , if AutoCertificateRollover is true , when those two certificates are issued automatically by system and before promoted to Primary Certificates , will send alerts

When logging in through ADFS forms-based authentication, the user is only prompted to enter their credentials, they aren't given any way to know when the last time they did so was was. Many web sites offer this feature to allow a user to know when, from where, and from which device they last logged in to they can report any anomalies to the powers that be. ADFS should have such a feature.