Microsoft now offers the ability to link an Azure Active Directory (AAD) work account and a personal Microsoft account (MSA). With this change, AAD users with a linked MSA account can now earn Microsoft Rewards points for Microsoft Bing searches done in their browser or Windows search box while signed in with their AAD account. This expanded Rewards eligibility was made based on user feedback.
The ability to link accounts will be enabled by default so account linking is available to an organization’s employees, but still requires employees to opt-in. The choice to link accounts is in an employee’s hands, and they need to take action to connect their AAD and MSA accounts.
Account linking will not change any group policies. Personal and work searches will not be linked, and there is no change to how searches are stored. Microsoft’s principles for data security and privacy in the enterprise still hold, which ensures that confidential organizational information including search history will not be collected on AAD accounts even after accounts are linked. Microsoft will not collect any new data for targeted advertising as a result of this change.
When will this happen
- Admin control (via PowerShell) available now.
- Account linking will be enabled no earlier than December 11, 2022 and will honor enabled/disabled settings.
How this will affect your organization
For enterprises with account linking enabled, employees with an AAD and MSA account can opt into account linking through entry points such as Microsoft Edge and Microsoft Bing.
When account linking is enabled, employees won’t need to switch between their MSA and AAD accounts to earn Microsoft Rewards, which helps with employee productivity by keeping employees signed in with their AAD account. Employees with a personal Microsoft account will earn rewards for searches that they’re already doing while signed into their AAD, and these points can be redeemed for rewards, including donations to nonprofits.
What you need to do to prepare
You can turn off the account linking default using the PowerShell script below, which needs to be run by December 11. After December 11, you can turn off account linking in the Microsoft 365 Admin Center.
Disable account linking for your tenant using the following steps:
- Download this PowerShell script (download link)
- Open an instance of the PowerShell script in admin mode
- Run the following command first
- Run the PowerShell script
- Follow the instructions the script prompts
- The cmdlet will prompt you to sign in with your AAD account
- Once signed in, it will disable account linking for your tenant
- If you have any issues, please re-run the script, if the issue persist, please contact support
Employees can enable or disable account linking from Profile preferences in Edge Settings, the Microsoft Start Management Experience, and Bing Identity Control.
- Read the FAQ for employees.
- Read the admin FAQ.
- Read about Microsoft Search in Bing’s enhanced privacy and security measures
Message ID: MC466201
Action required by: 2022-12-11
Product: Azure Active Directory, Microsoft 365 admin center, Microsoft Edge, Microsoft Search
Platform: World tenant, Online