Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Auto-configure OneDrive for Business via MDM/Intune

    I'd like to remove the need for a user to have to enter their UPN when launching Onedrive for Business for the first time on an Intune enrolled device (similar to a mail profile, but for OneDrive for Business). Seems to be an obvious ask to keep Microsoft tools all auto configured when enrolled

    169 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. allow creation of dynamic groups based on user + device criteria

    I can create dynamic user groups eg all users where department equals Sales

    I can create dynamic device groups eg all devices where device Type equals iPad

    What I would like to be able to do is create a dynamic group that matches all iPads for users that are part of the Sales group.

    This allows for greater granularity scoping policies and app assignments in Intune where i may issue multiple iOS devices to the Sales team and need to manage their iPad and iPhone separately.

    138 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow a shared device where users can log in and log out of devices.

    Have a shared device configuration where users can check in and check out of a device it will grad specific policies for the user while they are checked into the device.

    For example it will allow them to download e-mail when they are checked into the device.

    129 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Intune Licensed Users/Assigned Users and not licensed

    We've been told that we're unable to pull a list of Assigned and not licensed users. It would be very helpful if Intune Administrators had the ability to export a list of either Intune Licensed Users/Intune Licensed Enabled Users or Intune Licensed Disabled Users.

    Specifically talking to the Assigned Users graph at Home > Apps > Monitor - App protection status page in your Microsoft Endpoint Manager admin center.

    The only solution we have at this point is to go one by one for hundreds if not thousands of users

    82 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. Include search button/search option for member serach under Groups-> Members in Intune Console

    User search criteria under group members is quite difficult, as we have to click on "load more" for couple of times if group has couple of hundred users and search with browser (Chrome/ IE) search option(Ctrl+F).
    No Console search option to find user is member of group at the movement.

    76 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Be able to manually/schedule sync Dynamic Device Groups.

    Dynamic Device Groups are syncing at 'random' times. It would be nice if manual synchronization of Dynamic Device Groups would be possible. We are using DDG's for deploying applications and policies to iPhones. Customers are experiencing that they sometimes have to wait up to 24 hours for applications to deploy because the DDG's are not synchronizing. If it would be possible to manually or schedule synchronization this would be a major help.

    66 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Provide a few seats (15-25 users maybe) to MSDN subscribers

    Currently, if an IT professional wants to either test Windows intune features or demo the features to potential customers, you have to sign up for a trial. Features change so often though, and (my customers anyway) often want to see what the product does and you end up signing up for multiple trials and rebuilding your lab/ PoC environment. My MSDN subscription includes $150 of Azure Credit, Intune should be there as well

    41 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →

    Azure credits work differently than trial accounts, as you’ve seen.

    One thing some people don’t realize is, we have no limit to the number of trial Intune tenants you can create for a single email address. Believe me, I’ve created dozens on my Microsoft email address. We don’t care how many you create, though there is a limit that each tenant can have only one trial account. I know, it means you have to keep recreating environments, but at least it lets you see what’s new any time you want.

    If you are a Microsoft Partner, we have benefits that help with this. You can check out https://wpc.microsoft.com.

  8. Restrict who can login to a device based on user group

    I would like an option to restrict who can login to a Windows 10 computer based on user groups. Or if using kiosk mode restrict logging in completely. But for example I have teacher devices that I do not want students to be able to login to. It would be useful to restrict this based on user groups.

    38 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. 36 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add the ability for a nested group in Local Admin Access in AAD

    Currently there is only the option to add individual users in the following blade for local Administrator access on AAD joined devices.

    https://portal.azure.com/#blade/Microsoft_AAD_IAM/DevicesMenuBlade/DeviceSettings/menuId/

    Can we add the option to add groups into this for easier user management of devices.

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. More dynamic device attributes

    There are only a few limited device attributes that can be used for dynamic device groups in Azure. Please can you add some more? A few of interest personally would be.

    • Dynamic device group for DEP Enabled (non DRS joined devices) - As DEP Enrolment in Intune does not DRS register, an attribute to collect all affected devices (for reporting and remediating would be ideal)
    • Device Threat Level – an attribute to pull back all devices with a specific threat level, i.e. High, Medium, Low, None (as per screenshot showing it working in ConfigMgr)
    23 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Increase the limit of the number of DEM accounts for 1 Intune tenant

    Please increase the limit of the number of DEM accounts for 1 Intune tenant,
    We need this feature because we want to simplify account management and reduce operational load.

    The target users are working in industrial and distributors in each country.
    The following flow is assumed.
    ① A global administrator will provide a DEM account to the site administrator at each site and have the device registered with Intune
    ② Then distribute the device registered to the end user

    The user logs in to the device with a local account and uses it, and the site administrator manages the device…

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Removing links from web app widget

    It would be great to have a feature for deleting links that are deployed on web app of management portal.

    The reason is I have deployed wrong links on multiple mobile phones and now I cannot remove links unless I unenroll them and enrol them .again

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Configure Trusted Sites in Edge Chromium Via Intune

    We need to be able to set Trusted Sites in Intune. Lawyers do not like having to click to trust a website's Security Certificate; they call the HelpDesk every time, Even if they have been to that page a hundred times. Right now Intune's OMA-URI settings only work with IE, we need it to translate to Edge Chromium as well.

    17 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. On the All Devices page, give me the ability to view by employees AD name.

    Currently we can view by the device name but this value is setup by the user on their phone. Normally is a nick name or a shortname, like Johns iPhone. I want to view by the employees AD name so that it's easy to find someone.

    16 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Block Users without an Intune License

    I would like conditional access to be able to block users without a valid Intune license instead of just ignoring the policies.

    16 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Office 365 Admins access to Device Management menu without the need to be a Global Admin

    I have a number of admins and as I need them to manage mobile devices, I need to make then Global Admins.

    Please provide an option to make this more granular

    14 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Intume MDM User Lifecycle Mangement

    To retire/Wipe data once a Intune MDM user leave the organization needs Global Admin or Intune Admin rights. Ideally this should be a helpdesk routine task. There is no Powershell command available to automate this task too. From a User lifecycle management this is a major drawback as we manage Airwatch and MobileIron also which has RBAC to do this

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Automated user profile migration

    I know that we have intune/device management to allow us to create policies to get profiles how we like, but when first migrating users to intune we have to sign them into their new user profiles and then manually migrate all their historic preferences and settings to minimize the disruption (This is the same if we're coming from no management, from a domain environment, or from a hybrid environment. As it stands we're manually using profwiz to drag items across to minimize the disruption.
    I'm aware we can use known folders, but this only moves files, not settings.

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Kiosk mode password

    Kiosk Mode automatic login is not compatible with the default Microsoft EAS (Exchange Active Sync) settings. It no longer works with the default kiosk user mode in Intune that logs in with no password. Windows 10 now requires all users to have a password or administrative auto login is disabled. The Kiosk user is also asked to set a password to these EAS requirements. This breaks the most important aspect to Kiosk mode.
    Please add a setting to kiosk mode that allows auto login but allows the administrator to check a box for a randomly created password per system or…

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base