Microsoft

Microsoft Intune Feedback

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos which you do not want to grant a license to Microsoft. See the “User Voice Terms of Service” link below for more information.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 451 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      40 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    • Conditional access for on premise exchange and Outlook App

      The below link was updated on the 17th of December. This still states that it is not possible with an on premise Exchange solution “The Microsoft Outlook app for Android and iOS (for Exchange Online only)”.
      https://technet.microsoft.com/en-gb/library/dn818907.aspx

      This is directly affecting our implementation of Intune throughout our organisation.

      The Outlook App is used by many users and this would be blocked if we implement conditional access.

      The business needs to know if this is going to be corrected in future updates or if we are going to have to look at alternative solutions.

      Thanks

      282 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        23 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
      • inventory of -all- installed software not just the software deployed through Intune or from the Store

        Today very limited reports exists for MDM, there is no report for software inventory on Mobile devices.

        270 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          19 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

          Hopefully by now you’re seen our Data Warehouse feature that released recently. You can now get this data in console under Mobile Apps → Monitor → Discovered apps.There’s a table exposed in the data warehouse applicationInventories that exposes the same data.

          We also have a listing of all managed apps and their installation status under Mobile Apps → Monitor → App install status."

          Does that get you what you need? If not, what’s missing?

        • Add a policy to prevent device unenrollment from Company portal

          Companies provide devices to their employees and generally wants to make sure that these devices will always remain managed through Intune. It could be interesting to have a policy that prevent users to unenroll a device identified as a company device from the Intune company portal.

          219 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            21 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
          • Deploy unique computer certificates using Intune/SCEP/NDES

            We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

            The story behind this idea is as follows:

            We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

            206 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
            • Deploy printers

              Give us the option to deploy printers with Intune

              150 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
              • Extend the SCEP enrollment profile with additional Active Directory attributes

                At the moment only two user attributes (CN and UPN) are available to use in SCEP profiles. With our current MDM solution it is possible to use every AD attribute to request a certificate with this unique attribute. Both Intune and the other MDM solution are using the same SCEP server so it is possible. This seems like extending a table in Intune or using a text box with variables. We have the need to use ExtensionAttributes as the unique identifier for a certificate.

                119 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                • Allow Device Serial Number

                  Allow the use of Device Serial Number when assigning devices to a Intune Azure AD Device Group. We have thousands of iPads that are DEP enrolled and assiged the User-Agnostic Attribute. We also have multiple DEP profiles. These devices do not have users names or email addresses assigned to them. They all have the same device name also, i.e. iPad. Thus, there is no way to open an Azure AD Device Group and add a specific device to it because the only attribute(s) that make one iPad different from the other is: Serial Number, IMEI, or the Unique Identifier. None…

                  116 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                  • BYOD - Changing Intune Device Enrollment Limit to 1 for only a few users in Intune while allowing other users to enroll upto 5 devices.

                    We know by default in the intune tenant we can define “Mobile Device Enrollment Rules” that can allow up to a Maximum of 5 devices per user to be enrolled into intune. So in BYOD scenario the users are able to enroll up to 5 devices into Intune.

                    So in this BYOD scenario, sometimes we want to allow only certain users or User group to be able to enroll their devices but just 1 device into intune not 5 devices. While other users should be able to enroll up to 5 devices as configured under “Mobile Device Enrollment Rules” in…

                    78 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Retiring and deleting devices takes way too long

                      When working with a user on the phone, and we need to retire and reenroll a device, the process of retiring takes a very long time, which becomes frustrating for not only myself, but for the user who wants to get their problem resolved and get back to work. Please work to improve the speed for operations like this within the console,

                      66 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        14 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                      • Software Inventory for mobiles

                        As of today, there's no option for admins to view the currently installed apps on devices. only the ones that were installed via Intune. black\white listing doesn't really help because they are only after users has enrolled their devices. everything that happens before the enrollment doesn't show up.
                        this area requires an improvement

                        55 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          7 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

                          I’m moving this into ideas, since it’s something that doesn’t exist and could be considered. but one of the problems we run into is whether or not the operating system will let us tell what apps are installed. The OS can consider that privileged information and it may not let the management service know what is installed outside it’s sphere.

                          Then there’s whether the OS will let us actually prohibit an app as opposed to just telling you which devices have apps you’ve blacklisted. We work very closely with the manufacturers of the mobile OSs – we can ask, beg, tell them how much it hurts users – but at the end of the day, the OS manufacturer still makes the final call.

                          (This includes Windows and Windows Phone, by the way – even though we are “One Microsoft”, we are still different groups and priorities can vary when it…

                        • Copy files to mobile devices

                          Hey

                          Create feature to deploy files to devices.

                          I really need this feature on Android devices

                          52 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                          • The ability to block specific dangerous / malicious applications

                            The ability to block specific dangerous / malicious applications for iOS and Android. (competition can do it)

                            51 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              noted  ·  3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Selective Wipe for Azure AD Joined devices

                              Please add the option to do a selective wipe on Azure AD Joined/Workplace joined devices.

                              Azure AD Join and MDM auto enrollment are enabled with Intune and Azure AD Premium. When a Windows 10 Mobile is started for the first time (OOBE) it is possible to “Sign in with a work account” to join Azure AD and auto enroll in Intune. (https://technet.microsoft.com/nl-nl/itpro/windows/manage/join-windows-10-mobile-to-azure-active-directory#how-to-join-windows-10-mobile-to-azure-ad). When a Windows Mobile device is configured this way Single Sign On works for Mail, Calendar, Edge and the Business Store, which is great. But when the Selective Wipe option is initiated from Intune it does…

                              47 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                              • Mobile data monitoring and reporting

                                Nowadays with the amount of mobile data consumed by mobile devices only seems to increase, it would be great if Intune was able to monitor and report on mobile data usage across Mobile/Wifi and Roaming zones for each mobile device Intune manages. Windows and Android have this built into their OS's and iOS has a very good third party app you can use which works great.

                                It would also be great if this was supported for both Intune only and SCCM hybrid environments, perhaps with a dashboard or at least some decent SSRS reporting.

                                47 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  noted  ·  0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Push encrypted content to device

                                  Hi. Like as AirWatch has Secure Content Locker, please add this same ability for an organization to push out content (new, updated) to a user's device(s) and computers. There should be additional parameters, like length of time the content will be on the device until it is automatically deleted. Additionally, the content should be encrypted, and decrypted in memory when accessed (unlike AirWatch on none iOS devices). File types include PDFs, Word documents, MP3 files, and so on.

                                  In looking at OneDrive, I don't see this functionality, or this functionality integrated with InTune. So I am submitting this feature request.

                                  39 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Event trigger to change policy like Camera on/off when on/off duty

                                    Anxiously desired feature to change policies triggered by event like NFC, Bluetooth, GPS, geo fencing or even an managed app. This is the TOP 1 frequently asked functions in BYOD scenario where employees needs to work in control area like manufacture, foundry, factory with IP rights protection. For example, IT needs to disable employee's camera on their BYOD cellphone in control area, but need to enable camera while employee is off duty leaving control area. Two management profiles locally and if the switching can be triggered by NFC/Bluetooth/managed app button may be needed to avoid users having no constant internet…

                                    39 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

                                      I’m not understanding the part about being triggered by NFC/Bluetooth/managed app button. Are you thinking users would swipe in or out with their phone? We’ve been discussing various geofencing and geolocation scenarios. Could on duty/off duty be a function of timing? Or timing plus location?

                                    • Delete Stale device records after a period of time

                                      I have devices that have not contacted intune in more than 300 days due to the devices being reinstalled or retired. There is a significantly large number. Give the ability, preferably automated, for devices to be removed from the DB after a predetermined number of days so that all the reporting fro licenses, malware, os, patches etc show data that is a little closer to correct.

                                      37 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Microsoft Intune NDES Connector with Symantec Managed PKI

                                        Enable Microsoft Intune NDES Connector to work with Symantec Managed PKI. This applies also for Configuration Manager NDES Connector/CRP.

                                        This is an imported feature request for large Enterprise customers, particular in financial industries. This request is on behalf of some Enterprise customers (25K) and Microsoft Alliance Partners

                                        34 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Mail Notification for Enrolled Devices

                                          I would like the ability to configure a mail notification when a new device is enrolled on the Intune portal. This will allow the admins to quickly categorise new devices as soon as they are enrolled.

                                          32 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 9 10
                                          • Don't see your idea?

                                          Feedback and Knowledge Base