Microsoft admin centers - I can't be the only one bothered by this on a daily basis
Posted by Jaymesned@reddit | sysadmin | View on Reddit | 111 comments
A billion (trillion?) dollar company can't keep simple consistency correct on one of their most used pages? I know, this is same old for Microsoft. But c'mon.
alluran@reddit
The fastest, most responsive admin center for Microsoft I've found is claude code ;)
Ohrgasmus1@reddit
how so?
my claude helps but is also often confused.
do you ask, or do you have an kinda api connection and you just give claude a task?
whats your workflow?
alluran@reddit
it's able to use az to achieve most things I've needed to do
I've also gotten it to build out tools to do my commonly completed tasks as MCPs and connected them to our instance (gated behind entrance roles for every tool)
basically, if I need the output to be repeatable, I get it to write code to do it, and provide it as an MCP tool, or a skill.
if I just need a report/aggregation of some adhoc data - I've gotten it to build the tools to expose the raw data, and let it crunch it at call time
Anything particularly dangerous in production is heavily gated, and actual writes to prod DBs / changes to live servers are hard-blocked because I haven't given it the credentials to the server - I've given it access to a tool that can perform the action, and that tool has been written with specific guards to block those actions at multiple levels.
ledow@reddit
Microsoft products aren't built to be used. They're built to exist.
The amount of legacy shite in EVERY SINGLE INTERFACE EVER is just an indication of that.
Give me a week at Microsoft and free reign, and there are a THOUSAND interface changes I would make that nobody on Earth would complain about doing. Because they need doing. And it would make everything more consistent. And it's just NEVER been done in all the decades I've been using their products.
I'll throw one out there and you tell me if you know it:
- That when you load up Active Directory Users & Computers, and search, that the DEFAULT is not to search by computer names too. And that if you then go into change it to include Computers, it clears the search you already had and you have to type it in again.
That one has been in there for DECADES now, and it affects anyone who uses that tool and I guarantee you that even MS techs have spend decades screaming at that when it happens. But they've never deemed it important enough to do anything about it because it would mean making a change to a critical utility, and "that's the UI guy's job" and he's too busy on Entra web portals, etc. and doesn't want to change a 30-year-old tool because that's really the "programmer's job", and so on.
Similar things happen in the Entra web interfaces and all over the place. Sharepoint is an HORRENDOUS MESS of UI paradigms. So unintuitive and horrible, you can spend years teaching people how to manage the various settings which are all buried in arcane menus that involve going back decades in UI interfaces to get the ONLY place where that setting exists. Even in things like Powershell, there are inconsistencies in where parameters need to go or what they're called or even hyphenation of commands ("Get-ItemProperty", etc.)
I have a theory that nobody at MS who programmes those tools or is responsible for their UI has EVER ACTUALLY USED THEM, especially not as a core part of their jobs. Because if they had, they would similarly be driven mad and would just fix them. I bet that, somewhere, there's a bunch of MS techs who constantly put in feature request for basic UI/UX changes and they just repeatedly keep getting ignored because they "don't want to change the way it works for users" while users are SCREAMING OUT for some consistency and intuitiveness in their interface.
ChadTheLizardKing@reddit
100% agree.
I would love to know who is sitting on the "Turning off the double-clicking the edge of a cell in Excel takes you to the end of a table" setting also turning off OLE in its entirety.
Jirkajua@reddit
We have moved you to the new and improved admin interface :)
No you can't change that setting in the new interface :)
No we can't just simply give you a toggle to switch between the old and the new one, you need to find it by clicking through 300 hyperlinks and outdated MS docs :)
Just use this EXO cmdlet that doesn't even exist anymore :)
CaptainZhon@reddit
I felt this
jfoust2@reddit
Also the name of this product line has changed to either a name used by some other product or a term so generic it resembles another product or concept.
Jirkajua@reddit
Entratune Copilot 365 by Azure AD
And it's just sharepoint reskinned once again
Arudinne@reddit
Fixed that you for you.
longlivemsdos@reddit
dont get me started on contextual help hyperlinks that go to 404.
I've seen it for both old panels (why can't they just flag it as legacy rather than deleting) and new panels (at which point not even community guides exist yet either so your s*t out of luck)
sitting_not_sat@reddit
So true! Or, again in ADUC not being able to look at an object's attributes from the search results and having to go to the actual OU where the object is to be able to do that, but also needing to have 'advanced' view on to be able to see the object tab on the object in the search results to even know where the damn object is..
takeurpillsalice@reddit
It's a bit hacky but if you open the object from member of you can then view/edit the attributes. Helps if you have a test group or an old unused group to add them to if the groups the object has loads of other objects in it so it's easy to find.
CaptainZhon@reddit
It’s janky not hacky
Evil_K9@reddit
From search, open the object you want to see, then in its Member Of tab open a group, close the original pane. Then in the groups members tab open the original object and you'll get the attributes tab. At least saves you from having to navigate through AD folders.
silentstorm2008@reddit
Omg, whyyyyyy.
JerikkaDawn@reddit
And the entire MMC resetting when you turn on advanced, causing you to have to start over.
jfoust2@reddit
Do you mean all the out-of-date documentation that search engines and AI find when you try to solve problems?
longlivemsdos@reddit
I miss when they had their doco on a different subdomain for easy google search fu.
Sometimes forums work but I want to follow the official guides
SVD_NL@reddit
Ugh, SPO. I can't get over how tacked-on that product still feels after all these years. They literally have the old SP authorization system, but automatically map it to default groups you see in the interface, and if it's a Team Site (not to be confused with Team Site) those groups map to MS365 group permissions too, but only one-way. One of my customer tenants is a joy, because those default groups are completely borked. So i either A manually create groups for every SP site and map the permissions in the classic interface 5 layers deep into "more settings" links, and in the process kind of break the regular admin interface, or B use their convoluted mess and hope it'll continue to work.
Sharing settings are a mess. Sure, global settings that can be further restricted on a per-site basis makes sense. Sensitivity labels complicate things, but it is a seperate feature so it kinda makes sense that it's not fully integrated. But did you also know there's even more site sharing settings that are hidden in a menu after visiting the site itself? Yes! And what do these settings control? well, here you can change the perfectly sensible default that guest members with edit permissions are able to share to new guests as well!
Of course you can sort of mitigate this by changing your guest access level, and by changing your guest permissions in Entra to lock it down furter. Of course you've done this, right? Microsoft never mentions this in their tenant setups, their secure scores, or other guidance, but it's got some very important controls hidden in 3 seperate sub-menus.
Don't get me started on the bloody API. Graph for sharepoint is basically useless, so you're stuck with using PnP (which is a community tool, you could ofc do raw API calls...), but that tool exposes the whole sharepoint structure, so to get what you need you need to learn about the on-prem SP structure, and then learn how MS invisibly mapped that structure to SPO.
hisheeraz@reddit
Its a nightmare every single time to get around to the screen I want. So I have bookmarked
itskdog@reddit
We're new to Intune, and trying to guide my manager to the admin centre always takes a few minutes because of the "Microsoft" next to it. (Especially as I have everything I use often bookmarked now, I'll just say "Admin centre, show all, then Intune")
The fact it's alphabetical on the full page but not the sidebar is also kinda infuriating.
Flaky-Gear-1370@reddit
Intune really is a pile of shit considering how heavily used it is
Works when it feels like it, useless error codes and the recommended way of distributing applications involves downloading a random command line tool and packaging it up for literally no reason it couldn’t be done direct in the UI/powershell
jake04-20@reddit
It really is surprisingly janky lol. Go to github and download the intunewin32 command line tool to repackage for "reasons."
Flaky-Gear-1370@reddit
Oh and for the love of god don’t use the Msi feature to package up an msi
KingOfYourHills@reddit
Line of business app? It's the most reliable way to deploy an msi I find, however they negate this reliability by not allowing you to configure any dependencies, supercedence or custome detection rules. Supposedly those features are "on the road map"
itskdog@reddit
That's recommended against as it fouls up the ESP if you deploy both Win32 and LOB as they both try to access TrustedInstaller at the same time.
KingOfYourHills@reddit
I just meant it was annoying that you need to package an msi as win32 if you need a dependency. That's interesting though as we've had issues with the installer processes colliding and some apps taking a couple of tries to install. So you shouldn't assign a device group to both win32 and LoB apps then?
itskdog@reddit
If you're using Autopilot or the ESP, you shouldn't mix & match LOB and Win32.
itskdog@reddit
Or at least just upload a ZIP and do the rest in the web UI. I don't see why we need to list the file to be executed in the IntuneWin when you have to enter the command line in the portal anyway.
halap3n0@reddit
I created a free chrome extension to help with this, it has all the admin centers, it also finds and reuses open tabs if you already have it open. https://chromewebstore.google.com/detail/365-launch/kffnfclkjjchinphebodgljihahbgpmm
pc_load_letter_in_SD@reddit
This is nice! Great work. Will leave a 5 star review
halap3n0@reddit
Thanks! It has take quite a bit of work, review appreciated.
pc_load_letter_in_SD@reddit
Review completed!
halap3n0@reddit
Amazing thanks so much
Substantial-Fruit447@reddit
I just don't bother any more and just tell people to enter "aka.ms/Intune" into the address bar
TeramindTeam@reddit
i feel this on a spiritual level. honestly half the time i just bookmark the direct links to the specific portals i need cuz the main dashboard is just a maze of redirects and broken ui elements. its been like this for years so i doubt itll change anytime soon
ManWithoutUsername@reddit
I think you're being overly simplistic in your statement.
Microsoft is incapable of maintaining any consistency across its products.
If it weren't for the fame it gained decades ago and its market dominance, a company like this would be bankrupt in no time.
FreakySpook@reddit
I'm doing a lot of consulting helping it teams prepare and migrate to HyperV or Azure Local at the moment and the one thing that everyone agrees is just the inconsistency across the toolsets to manage it, is definitely a learning curve.
PowerShell, MMC, WAC, WAC VM Mode, SCVMM, ARC.....
Amomynou5@reddit
Don't forget SCCM:
SMS -> SCCM -> MEMCM -> MECM -> MCM
GinormousHippo458@reddit
This seems a good reason to investigate, try, and study Linux. I only did after becoming so frustrated with Microsoft's terrible execution and mess of half baked and overly complicated software and services.
bigbramel@reddit
So you went from commercially supported half-baked and over complicated software to unsupported half-baked and over complicated software?
Linux has in this department the exact same problems as Microsoft, just different causes. So many forks onto forks onto forks and need another piece of software to make it work.
Fallingdamage@reddit
From a budget standpoint, it IS nice that you can spin up countless Linux servers in an environment to compartmentalize roles and do testing without needing to buy thousands of dollars in licensing for every server you put in production. Asking for $1500 to 'try something' kindof sucks with MS server licensing. Probably one reason small shops put all their services on a single server.
Cooleb09@reddit
Preach
And the only project that conssitenly tries to un-fuck this mess (SystemD) gets flak for being too 'all encompassing'.
And so many open sourceb projects are jsut half baked garbage, or no-one can be bothered writing docs, or the open-source (core) bit is just cucked and you need to pay the equivalent of a comerical product anyway for an 'enterprise' version to make is useable in a business setting. Or it was good and then someone bought it (perforce/puppet).
And then there's all the distro's like Debian etc that fuck with upstream stuff so bad in the interest of carrying their own tehcnical debt forward, that not only do things not work right, you can't even rely on the upstream docs or forums/git issues for help.
And of all the virtualisation projects for linux... none of them has solved the shared storage problem (no you'r scuzzy 3 node Ceph cluster with single digit IOPS that shoots itself in the head trying to rebalance itself every time a node goes out doesn't count). VMFS was a pretty damn nice magic bullet for anyone running FC or iSCSI storage.
GenericRedditor12345@reddit
You still have to pay for enterprise features in both situations so that seems a bit reductive. Sounds like you’re conflating open source in general with Linux enterprise tooling. Also running a 3 node ceph PVE cluster in production that has been bulletproof so far. 40Gb mesh between them though. The Winprise or Linprise discussion is highly dependent on use case.
QuerulousPanda@reddit
ah like having SAML only be available for enterprise, that shit is fucking obnoxious
bigbramel@reddit
Meh, I find this the least problematic. It's just the commercial open source version of Microsoft's free stuff for education. Good enough for homelab or small business, but you need to pay for it if you want to use it in a commercial setting.
FreakySpook@reddit
I like Linux and use it a lot, but when your organisation has decades of technical debt that is certified to only run on VMware or HyperV and 90% of the virtual systems the organisation runs is Windows, and the organisation is already licensed for HyperV via their very expensive enterprise agreement, learning & migrating to Linux is not a simple exercise.
simple1689@reddit
MMC....ah good times. Love you MMC!
Pazuuuzu@reddit
Ferretau@reddit
I look at it like this, they don't want bloggers to have information that can be used in the future so move and change everything all the time to ensure information you can find is always out of date.
MyFlowerBurner@reddit
The website design MS chooses in general infuriates me. Having a button that is 'Review & Save' on the penultimate page overlap with 'Cancel' (with no verification) on the final page is... unforgivable
red_fury@reddit
I had to get a surface replaced/repaired under warranty just recently. The surface service repair portal in my environment was blocked, so I went to my local IAM office... Even after opening two tickets with MS they weren't able to figure out why I had no access to the portal. So I just go to the consumer support phone number and fall on bent knees begging for help. I get it but to replace it with a reman surface laptop under warranty it cost me $140... I'm sorry if I have to open three tickets with your SOFTWARE company to replace your absolute shit hardware, how in the fuck do you think you will compete with Lenovo? This doesn't even mention the fact that I submitted our tax exempt documentation 4 times with them before they even realized they were charging us sales tax. Even after that I had to work with two invoicing authorities both claiming they never received our payment. It took 8 weeks to turn around this one piece of hardware. In 08 we were talking about companies being "too big to fail", at this point Microsoft is "too big to succeed".
RAVEN_STORMCROW@reddit
OMFG. Get used to it.
12354645789234@reddit
I'm more annoyed by Defender portal. What's the point in letting you pin items when they aren't going to be persistent.
Saueso@reddit
Fuck power apps
cwk9@reddit
Zero consideration to how that was supposed to be managed long term. It's the wonky orphaned VBA laced Excel file all over again.
ReputationNo8889@reddit
Same for Power Automate. Like there is no "Company Owned" concept and so many people build business critical tools with it. How on earth is "have a service user" the right answer for such a tool...
bobdobalina@reddit
They should really just have a button that brings you to azure logic apps
CeC-P@reddit
And now it's Spanish for some reason. Vaminos a Entra Algo!
McGarnacIe@reddit
What bothers me most these days, especially this past month is just how damn slow it is to load every single bloody page.
QuerulousPanda@reddit
or the page actually loads, but the important part you actually need just sits there blank for an unknown length of time before it finally populates the data (or doesn't, depending on mood)
AnalTwister@reddit
Anybody notice that every time you try to login or access anything it's like 5 fucking redirects and sometimes it make you do it twice?
DanielWW2@reddit
Yes and its infuriating.
MaritimeStar@reddit
I'm constantly wasting time looking for things in the admin the have moved. It's like they just make superficial changes in order to create the illusion of having a working development team.
Tricky-Service-8507@reddit
Assuming because they have money they care was the first issue
devloz1996@reddit
Seems like sidebar was ordered manually, based on perceived importance of execs at the time. As for the names, they suck even harder in other languages - for example, when Entra brand dropped, their translators treated it like word "entry" instead of untranslatable.
But who knows, maybe they will improve it with their new big-density sidebars (dense as in Outlook 2016 mailbox folders dense), that recently started occur on some M365-style admin centers (not Entra-style) at a rate not bigger than 1-5%.
Valdaraak@reddit
I'll tell you what bothers me more than anything:
Shit on the sidebar isn't alphabetical and there's no way to make it. Why do I have to ctrl-f to find a menu quickly?
zenjabba@reddit
I'll be honest and just say use the API endpoints for as much as possible. I've given up trying to use the UI for most of the things.
LaDev@reddit
It always amazes me how everything is hobbled together with shit integrations between teams that likely don't even know each other. I have a strong feeling half the terrible experiences is just some junior engineering ingesting another team's API.
karatetoes@reddit
In a similar vein, It is both laughable and depressing that it takes unaffiliated community resources just to map Microsoft's own products features efficiently (and tbh....better).
(Zero affiliation) https://m365maps.com/
g2g079@reddit
Unaffiliated my ass.
maxxpc@reddit
Even worse then. The dude can build it in his “off time” and Microsoft can’t provide proper licensing and capability maps themselves.
Almost like it’s on purpose.
Cooleb09@reddit
Thats an upgrade to your E7 license.
notapplemaxwindows@reddit
Dude works for MS and gets to build this on company time, while aided by colleagues. It's really not a "community built" project. But its still amazing.
Kardinal@reddit
Also: https://cmd.ms/ https://www.mso.run/ https://msportals.io/
teriaavibes@reddit
Well guy works for Microsoft; you can hardly call that unaffiliated.
Still impressive that someone did it tho.
Kardinal@reddit
Not really. I know what I want and it's pretty easy to find. Also bookmarks.
Would I prefer more consistency? Yes.
Is it worth two calories to be unhappy about? No way in hell.
OsitoPandito@reddit
I think every admin knows what to look for....doesn't mean it can't be better
jfoust2@reddit
/u/Kardinal has a very specific job that doesn't change, so it's easy to find the same thing over and over. Some admins need to find new things tomorrow morning.
Royal_Bird_6328@reddit
Bookmarks are the way to go- why bother going through a portal to access something else when a bookmark is easier
Different-Maize1114@reddit
I sometimes feel like they fired their designer & UX employees and let ChatGPT (the first versoin from few years ago) to run their UX. I'm not a designer and it feels like they are making so many strange mistakes
korewarp@reddit
I've been nose first in the M364 eco system since 2022, and I've lost track of how many times they've changed, moved, redesigned, rebranded things.
I know tech has accelerated in all sectors, but c'mon....
Allofthemistakesmade@reddit
Last week I pushed a new Meetings policy in the "new" Teams admin portal. That broke, and didn't allow whitelisted customers to join anymore.
Until I configured the same damn policy in the 'old' admin center, then it was fine. Smh.
Slovenly0@reddit
They changed the defender portal recently as well. Its like playing Micro$oft Roulette everytime you login into "Microsoft Co-pilot Cloud with Co Pilot Admin Co Pilot Centre".
Anyone else still bothered they changed the office.com portal to take 30 times more effort to get the Installer or App portal?
hotfistdotcom@reddit
Makes me furious. They change product names constantly and their support pages are perpetually out of date.
What was defender plan 2? Just defender? EOP? Something before that, and I swear it changed like 3 times in a year at one point.
Meanwhile teams updates 10-5000 times per day and has never one single time added anything I need or want or have even seen when literally all anyone wants is a chat and calling and meeting app that just works. Which it used to. So good. And now it does not. But hey, at least it's trying to be sharepoint, somehow worse than sharepoint
pistodj@reddit
I completely understand the frustration.
The Microsoft Admin Centre sometimes seems designed to waste your time: one thing is in one portal, names change, menus move around, and just when you finally remember where to find something… yet another update comes along.
However, in my opinion, it’s not just a Microsoft problem. Many ICT vendors do the same thing: firewalls, backups, EDR, cloud dashboards, virtualisation systems… all with their ‘new interface’ where half the functions have been moved, the other half is still in the old UI, and the documentation is often out of date.
The fun really starts after the updates: buttons have vanished, items have been renamed, paths have changed, and you end up wasting 20 minutes looking for something that used to take 30 seconds.
Microsoft certainly deserves the criticism, but the problem is broader: too many vendors keep redesigning administration tools as if they were consumer apps, whilst those who use them for work just want stable, consistent and predictable interfaces. It almost seems as if, unless they “refresh the GUI”, there’s no reason to charge...
Claidheamhmor@reddit
And Copilot can't find anything. Try to ask Copilot to, say, take you to the admin page for showing capacity usage, and you may never get there. It doesn't know which interfaces are in use, where the links go, what menu items there are, or anything.
Public_Warthog3098@reddit
Microsoft has been inconsistent like this since the beginning of time. It's what gives them character.
DominusDraco@reddit
They are just warming up, soon to add copilot to each of those admin center names.
Ihaveasmallwang@reddit
They’ve added copilot to pretty much everything except Visio. It might actually be useful there.
jake04-20@reddit
I just took the time to make a "Admin Center" bookmark folder with each admin center labeled by "Intune", "Entra", "Exchange", "Security", "Teams", "Sharepoint", etc. and exclusively use that.
bjc1960@reddit
I just with PIM would be consistent.
slimeyena@reddit
nothing will change unless we all start dripfeeding the C-suite alternatives
innatangle@reddit
Unpopular opinion I'm sure, but while MS could be better, they're light years ahead of other companies when it comes to admin portals. Then again, I cut my teeth on NT4.0 so I've got a good understanding of the evolution of their products.
Opposite_Bag_7434@reddit
Ha, most of this is deliberate. Makes it look like things are always new because they are always changing.
…
Kirihuna@reddit
I recently found out you can drag and rearrange the sidebar of Intune fwiw.
progenyofeniac@reddit
I feel like this needs a “first time?” meme. But yeah, it’s extremely stupid that admin centers seem to be designed by entirely disconnected and uncoordinated teams.
scytob@reddit
Correct, it’s because each is it is own team and no one is driving consistent. That’s not an excuse, someone should be. It’s the same in partner center where I spend most of my life, and all the teams point fingers at each b other.
Such_Field_3294@reddit
Every time they "unify" something it just adds another portal that's slightly different from the rest. At this point I think the inconsistency is load-bearing and theyre afraid to touch it
iamMRmiagi@reddit
Yeah, their UI/UX is lame and has a ton of quirks. Never noticed this though.
ifq29311@reddit
its just sorted alphabetically on the right screen, and most likely by usage frequency on the quick access pane
iamLisppy@reddit
I dont believe its by frequency on the left since I definitely go into Microsoft Intune, Identity, and SharePoint the most with Security the top most selection. Im sure I can move them around but im so used to where they are now haha
XInsomniacX06@reddit
Think outside of your sysadmin role. You’re employed by a company that makes money using the product. No product no money. No job.
Bogus1989@reddit
lol…
things have changed so many times in windows 11, and i dont use it much at work, since im involved in much more complex things…
i gave up trying to navigate gui, i only know how to access things by cli poweshell or shortcut keys
Fit_Prize_3245@reddit
Trillion in english, billion in spanish.
Asleep_Spray274@reddit
Imagine getting upset at a page layout. Dude, you actually spent time to make an image off it. Seriously dude. Go outside once in a while
NightH4nter@reddit
gotta keep designers busy
crwoo@reddit
they should start with crimping ethernet cables and then move up, would be a nice straight line.
LowEloSlut@reddit
Yes its ridiculous.
zcubed@reddit
I submit feedback to them frequently about how frustrating it is to use their product and how some one has to tell Satya that his ideas are stupid. Satya is the new Ballmer. Nothing will change but it makes me feel better.