Microsoft

Microsoft Intune Feedback

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos which you do not want to grant a license to Microsoft. See the “User Voice Terms of Service” link below for more information.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deploy email profile to Outlook for iOS/Android

    Instead of deploying a policy to configure the native email client, we need to be able to configure the (awesome) Outlook app

    1,358 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      83 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
    • Force device check-in

      I feel like I'm unable to manage the devices properly when I can't force a device check-in. For instance, if I change a configuration I can't force the users device to check-in and tell him "Try now", instead I have to wait for the standard cycle to trigger the device and my response has to be "wait till tomorrow and see if it works, if not - tell me" and I have to do the same over again.

      I would also like to have a policy to change the default cycle like most MDM's have.

      491 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        24 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
      • No option to enter a WiFi password when creating a WiFi profile with wpa or wep security

        Pushing out an iOS WiFi profile that contains wpa or wep security is useless without a password. When I attempt to create a WiFi profile and select wpa (any type) or wep I does not give me the option to enter a password. We have WiFi password that is shared among multiple sites and we do not want to distribute it to employees so they can't use it to connect personal devices.

        Every other MDM I have used has the option to enter a password.

        Is this expected or is this a bug??

        This may be a make or break…

        298 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          23 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →

          I can confirm that this is now planned, though I don’t have details to share about timing right now. Thank you for your feedback, especially people who were willing to get on a call with us and tell us more about your scenarios. It made a huge difference!
          Cathy

        • 297 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            25 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
          • Conditional access for on premise exchange and Outlook App

            The below link was updated on the 17th of December. This still states that it is not possible with an on premise Exchange solution “The Microsoft Outlook app for Android and iOS (for Exchange Online only)”.
            https://technet.microsoft.com/en-gb/library/dn818907.aspx

            This is directly affecting our implementation of Intune throughout our organisation.

            The Outlook App is used by many users and this would be blocked if we implement conditional access.

            The business needs to know if this is going to be corrected in future updates or if we are going to have to look at alternative solutions.

            Thanks

            218 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              17 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
            • Manage iOS updates via MDM

              Manage iOS updates via MDM. Apple has supported managing iOS operating system updates since iOS9 was released. Please add this functionality to Intune. Without the ability to manage the iOS updates we have no way to ensure devices are kept up to date and are adequately secured with the latest iOS security and bug fixes.

              218 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                10 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
              • Geo-Fencing & Time-Fencing Feature

                The ability to apply/remove policies based on location that could be Country, Subnet, or even Wifi Network. Also, apply/remove policies based on time. For instance, disabling Facebook while on working hours and enabling it back out of working hours.

                205 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  15 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                • Software Inventory and Reporting

                  Today very limited reports exists for MDM, there is no report for software inventory on Mobile devices.

                  204 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    15 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                  • Samsung Knox Mobile Enrollment

                    It would be nice if Microsoft Intune supported enrolling devices with the Samsung Knox Mobile Enrollment.

                    It would be great feature to help enroll Samsung Android devices into Intune Mobile Device Management.

                    160 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      3 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                    • Deploy unique computer certificates using Intune/SCEP/NDES

                      We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

                      The story behind this idea is as follows:

                      We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

                      151 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        3 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                      • Ability to choose/configure Email client (i.e. Outlook) within mail policy

                        A menu that allows you to select the default mail app or the outlook client for the type of mobile device, perhaps once outlook is selected a selection of options appropriate to the application

                        150 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          29 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →

                          Since this has a lot of moving parts we’d like to get more detail on this.
                          1) • Do you want end users to be able to access corporate email only through Outlook app on iOS/Android/Windows10?
                          2) • Do they want to block all email access from any other 3rd party or native mail clients on mobile devices?
                          3) • Once the Intune mail profile goes down to the device – do you want to block the user from creating any manual profiles?

                        • Apple DEP with MFA Enabled

                          We have Intune included as part of our licensing with O365. Our company requires that MFA is enabled. This however does not work when using Apples Device Enrollment Program with Intune.

                          When a user has MFA enabled, when they are prompted for the username and password it is returned that the credentials are invalid.

                          We have tried to use an application password to work around this, however this does not appear to be supported either.

                          Ideally, as the enrolled DEP device is a known end point, while having MFA enabled, would it be possible to enable a logon to DEP/Intue…

                          140 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            7 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                          • Contacts in Local Phone

                            The Team of Intune and Outlook did a great job but we believe that there are still some limitations to overcome:
                            - We need the capability to sync determined objects to local OS native apps/phone without limitations, like Contacts through Outlook for iOS. Outlook for iOS, for example, is a good application that provides mail and calendar features. However, since the contacts are not synced to the native OS phone, calls/SMS are not recognized.
                            - We know we can use ActiveSync for contacts, however, in case of MAM, we wouldn´t allow ActiveSync in our mobile devices.

                            127 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              noted  ·  5 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                            • Kiosk mode to allow more than one app to be used for total lockdown environments (Android)

                              Kiosk mode to allow more than one app to be used for total lockdown environments. Currently only allows one app on Android and this is restrictive.

                              107 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                10 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                              • Allow blocking of iOS update

                                I want the ability to block updating to the newest iOS version. I have users who don't listen when I send out an email blast to not update their devices but I still get users who either don't read or just ignore the email. I want the ability to set the highest version that I want available and to disable updating to the newest version until I release it. Same type of deal as when I have to approve Windows updates.

                                100 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  6 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →

                                  We always have problems when it comes to updates and mobile phones because unlike desktop OS, the carriers have most of the control and the platform vendor has the rest.

                                  What we do offer now is the ability to use Conditional Access to block based on min or max OS version, so if they upgrade (even when you tell them not to) they can be shut out.

                                  There’s a brief reference in this blog post to releasing it in hybrid, https://blogs.technet.microsoft.com/microsoftintune/2016/01/06/coming-soon-support-for-new-windows-10-features-apple-vpp-for-business-and-more/ and standalone went live in the latest updates.

                                  What do you think – would you call this complete based on having some admin control, or would you hold out for the PC-like experience of blocking updates, even if it’s something that would have to come from someplace other than Intune?

                                • Include a prompt to the end-user during enrollment if it is a corporate/personal device

                                  Include a prompt to the end-user during enrollment if it is a corporate/personal device. So we later can deploy different certificates/wi-fi profiles, apps e.t.c to only corporate owned devices.
                                  Also make it possible to set this in the Company Portal

                                  94 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    1 comment  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Sync Exchange contacts with local device contacts

                                    To allow the use of SMS and caller ID,contacts contained within the Exchange ActiveSync contacts configuration needs to be accessible to the local device, the ability to configure a profile to just allow the synchronizing of contact or the export of contacts from the outlook managed app to the device is necessary. Email access cannot be allowed outside of the managed apps.

                                    88 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      noted  ·  4 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Add a policy to prevent device unenrollment from Company portal

                                      Companies provide devices to their employees and generally wants to make sure that these devices will always remain managed through Intune. It could be interesting to have a policy that prevent users to unenroll a device identified as a company device from the Intune company portal.

                                      88 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        5 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Allow Device Serial Number

                                        Allow the use of Device Serial Number when assigning devices to a Intune Azure AD Device Group. We have thousands of iPads that are DEP enrolled and assiged the User-Agnostic Attribute. We also have multiple DEP profiles. These devices do not have users names or email addresses assigned to them. They all have the same device name also, i.e. iPad. Thus, there is no way to open an Azure AD Device Group and add a specific device to it because the only attribute(s) that make one iPad different from the other is: Serial Number, IMEI, or the Unique Identifier. None…

                                        71 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Support for Chromebook/Chrome O/S devices

                                          Support for Chromebook/Chrome O/S devices so they can be managed in BYOD scenarios, i.e. setup for Wireless, mail profile, security etc...

                                          68 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            2 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 16 17
                                          • Don't see your idea?

                                          Feedback and Knowledge Base