Microsoft

Microsoft Intune Feedback

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos which you do not want to grant a license to Microsoft. See the “User Voice Terms of Service” link below for more information.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deploy email profile to Outlook for iOS/Android

    Instead of deploying a policy to configure the native email client, we need to be able to configure the (awesome) Outlook app

    1,893 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      117 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
    • Add PowerShell support to manage the service

      It would be nice if PowerShell was supported to manage the service.

      821 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        20 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

        As we move away from the Silverlight console and into the Azure Portal, we can now provide you with a Graph API for Intune, similar to the APIs you may be using with other Azure services. The Intune Graph API enables access to Intune information programmatically for your tenant, and the API performs the same Intune operations as those available through the Azure Portal.
         
        For more information, see https://graph.microsoft.io/en-us/docs/api-reference/beta/intune_graph_overview
         
        Here’s an example of using PowerShell to call Graph API for Azure Active Directory.
        https://blogs.technet.microsoft.com/paulomarques/2016/03/21/working-with-azure-active-directory-graph-api-from-powershell/
         
        If automation was your main priority and you don’t care if it’s PowerShell or not,  I encourage you to move your votes away from this and onto other items. I’ve created a new Graph category so you can tell us what other things you’d like to see regarding Graph automation.

      • Windows 10 Upgrades (1511) via Intune

        The Windows 10 1511 Upgrade is not available via Intune. We use Intune as our Update Management platform (small business).

        I thought that the Windows update functionality in Intune should be like a WSUS in the Cloud. With peer-Distribution in Windows 10 and in Intune before it should be possible to not overload our Internet line.

        If this should not work by design then please Microsoft state clearly which of your products is designed for which Scenario.

        651 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          48 comments  ·  PC Management  ·  Flag idea as inappropriate…  ·  Admin →
        • Automatically deploy Intune PC Client for Azure AD joined computers

          Not entirely sure if this belongs here, or in Azure AD, however....

          From reading the documentation, it appears that the for Windows 10 Enterprise PCs, they can be managed automatically upon joining the Azure AD domain as mobile devices only.

          For corporate issued PCs, it would aid SMBs greatly if adding the Intune PC Client can be done automatically upon joining the PC to Azure AD. This would lower IT department's involvement in issuing new devices, so that company administration could just buy (for example) a Surface Pro and hand it to a new employee, along with the Azure AD/Office…

          585 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            23 comments  ·  PC Management  ·  Flag idea as inappropriate…  ·  Admin →
          • Extend MDM MSI deployment

            I would like the MDM MSI deployment (to MDM enrolled Win8.1+ clients) to be extended. Currently, only single MSI's are supported, I'd like this to include MSI's with .cab's, MSP files to patch installed MSI apps, and to be able to deploy .exe installers.

            549 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              25 comments  ·  App Management (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
            • Push notification of user via sms, email or message on screen

              Abitity to warn a user via a custom notification via sms, email or message on screen.

              517 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                23 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
              • 451 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  40 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                • MFA doesn't work with Apple DEP with Intune

                  We have Intune included as part of our licensing with O365. Our company requires that MFA is enabled. This however does not work when using Apples Device Enrollment Program with Intune.

                  When a user has MFA enabled, when they are prompted for the username and password it is returned that the credentials are invalid.

                  We have tried to use an application password to work around this, however this does not appear to be supported either.

                  Ideally, as the enrolled DEP device is a known end point, while having MFA enabled, would it be possible to enable a logon to DEP/Intue…

                  327 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    10 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                  • Conditional access for on premise exchange and Outlook App

                    The below link was updated on the 17th of December. This still states that it is not possible with an on premise Exchange solution “The Microsoft Outlook app for Android and iOS (for Exchange Online only)”.
                    https://technet.microsoft.com/en-gb/library/dn818907.aspx

                    This is directly affecting our implementation of Intune throughout our organisation.

                    The Outlook App is used by many users and this would be blocked if we implement conditional access.

                    The business needs to know if this is going to be corrected in future updates or if we are going to have to look at alternative solutions.

                    Thanks

                    282 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      23 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Samsung Knox Mobile Enrollment

                      It would be nice if Microsoft Intune supported enrolling devices with the Samsung Knox Mobile Enrollment.

                      It would be great feature to help enroll Samsung Android devices into Intune Mobile Device Management.

                      280 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        12 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
                      • inventory of -all- installed software not just the software deployed through Intune or from the Store

                        Today very limited reports exists for MDM, there is no report for software inventory on Mobile devices.

                        270 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          19 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

                          Hopefully by now you’re seen our Data Warehouse feature that released recently. You can now get this data in console under Mobile Apps → Monitor → Discovered apps.There’s a table exposed in the data warehouse applicationInventories that exposes the same data.

                          We also have a listing of all managed apps and their installation status under Mobile Apps → Monitor → App install status."

                          Does that get you what you need? If not, what’s missing?

                        • Include Azure DRS in DEP Enrollment

                          Microsoft Partner here - One of the main reason's business's look to utilize Apple's DEP Programme is to streamline their enrolment into an MDM server. Using the traditional approach as a business requires end users to create an Apple account for the sole purpose of downloading the MDM enrolment app, in our case Intune and then follow a wizard.
                          Migrating 1000's of iOS devices using the company portal method in this manner is not affective so DEP is a god send to address this issue.
                          Unfortunately, when used with Intune and user affinity the credentials are passed to the MDM…

                          237 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            8 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Add a policy to prevent device unenrollment from Company portal

                            Companies provide devices to their employees and generally wants to make sure that these devices will always remain managed through Intune. It could be interesting to have a policy that prevent users to unenroll a device identified as a company device from the Intune company portal.

                            219 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              21 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Deploy unique computer certificates using Intune/SCEP/NDES

                              We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

                              The story behind this idea is as follows:

                              We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

                              206 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                              • Make "Managed Browser" a "Conditional Access" rule for accessing Azure AD App Proxy

                                Many companies would like to make internal websites available to personal devices. Microsoft Intune has a managed browser app. I would be great if it could be set as an "Conditional Access" rule for some of the WebApps published using the Azure AD App Proxy.

                                + a "Conditional Access" that could define whether to allow "Personale (BYOD)", "Corporate", (Both - Personale + Corp.) or "Unknown"
                                Thanks to Adrian Hyde for the idea. Let's get the vote up

                                This post is also related to Azure AD App Proxy post:
                                http://feedback.azure.com/forums/169401-azure-active-directory/suggestions/9575541-make-managed-browser-a-conditional-access-rule

                                200 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  noted  ·  9 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →
                                • Support for deploying App-V packages

                                  Right now people have to use the MSI packages generated by the App-V sequencer, rather than having native handling for the .AppV package format as SCCM does. This means that people have to resort to powershell scripting, or squeezing scripts into MST transforms in order to use App-V features such as custom configuration files or connection groups.

                                  Also the MSI packages are very unreliable since they were mainly created for test scenarios rather than live deployments - for example they fail to uninstall when an application is in use, and you have to remove the previous version manually before installing…

                                  196 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    noted  ·  5 comments  ·  App Management (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Ability to choose/configure Email client (i.e. Outlook) within mail policy

                                    A menu that allows you to select the default mail app or the outlook client for the type of mobile device, perhaps once outlook is selected a selection of options appropriate to the application

                                    177 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      29 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

                                      Since this has a lot of moving parts we’d like to get more detail on this.
                                      1) • Do you want end users to be able to access corporate email only through Outlook app on iOS/Android/Windows10?
                                      2) • Do they want to block all email access from any other 3rd party or native mail clients on mobile devices?
                                      3) • Once the Intune mail profile goes down to the device – do you want to block the user from creating any manual profiles?

                                    • sync contacts to local OS native apps/phone

                                      The Team of Intune and Outlook did a great job but we believe that there are still some limitations to overcome:
                                      - We need the capability to sync determined objects to local OS native apps/phone without limitations, like Contacts through Outlook for iOS. Outlook for iOS, for example, is a good application that provides mail and calendar features. However, since the contacts are not synced to the native OS phone, calls/SMS are not recognized.
                                      - We know we can use ActiveSync for contacts, however, in case of MAM, we wouldn´t allow ActiveSync in our mobile devices.

                                      166 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        noted  ·  5 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Support for InstallApplication

                                        InstallApplication is a native MDM command that allows for installing packages on the client upon enrollment.
                                        Support for InstallApplication is already in Airwatch and SimpleMDM and possible in more MDM solutions.

                                        See also:

                                        https://simplemdm.com/2017/03/07/deploy-munki-apple-dep-mdm/
                                        http://blog.eriknicolasgomez.com/2017/07/27/Custom-DEP-Part-7-Getting-started-with-AirWatch-9.1.3/

                                        162 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          3 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Deploy applications to Mac OS X

                                          Allow deploying of applications to Mac OS X, including from SCCM in unified configuration architecture.

                                          160 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            9 comments  ·  App Management (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →

                                            Hi, Michael,
                                            - In Standalone Intune, unfortunately, there is not yet support for deploying Mac apps. This is on the roadmap, but we don’t have dates to share at this time. Here’s a TechNet blog about our current Mac support and also how it applies to Hybrid. https://blogs.technet.microsoft.com/microsoftintune/2015/11/23/introducing-intune-support-for-mac-os-x-management/
                                            - Configuration Manager does support app deployment – instructions here. https://technet.microsoft.com/en-us/library/jj687950.aspx
                                            - Hybrid users can deploy apps in the same way as Configuration Manager if they use teh full Mac client, but it cannot be done with MDM yet.

                                          ← Previous 1 3 4 5 57 58
                                          • Don't see your idea?

                                          Feedback and Knowledge Base