Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Setup a notification message for intune to inform system admins about the expiry date of Apple APN certificate.

    Allowing the Apple iOS APN certificate to expire causes a lot of headache to system Admins, the users will have to enroll devices again. so there should be a notification option to remind admins to renew. and the notification (email, SMS, popup notice,...) should occur at least a month in advance.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add a policy to prevent device unenrollment from Company portal

    Companies provide devices to their employees and generally wants to make sure that these devices will always remain managed through Intune. It could be interesting to have a policy that prevent users to unenroll a device identified as a company device from the Intune company portal.

    977 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    87 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Intune needs to flag on-premises services such as Exchange as corporate data

    Intune is able to recognizes online services such as Exchange Online and Skype for Business as corporate data. However when using on-prem services such as Exchange, Intune does not see this as corporate work data. This does not allow you to have the data encrypted and selectively wiped.

    Surely Intune is intelligent enough to pick up that a account that it was enrolled with and then used in a managed application is corporate,

    Please add this feature so the mobile management can be consistence across on-prem and cloud,

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Intune PC enrolled as Mobile device - Unable to Generate Harware Information, Updates information and Malware Information.

    I know Microsoft still has not rolled out feature for PC enrolled as mobile device in Intune to Generate Hardware, Updates and Malware Reports. We need this data as part of compliance and status check. Currently we are only using Intune and we would like to know when this feature will be rolled out for end users. Checked with Microsoft support team and they do not have an ETA when this feature will be available. Please keep us posted on when this feature will be available.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. "Device cap reached" error message - No devices enrolled

    User gets error device cap reached, but Intune admin consol and Azure AD shows 0 devices.

    Error is caused by the device trying to enroll 5 times without succeeding. The user is then capped until MS Intune server que is purged.

    This must be a design flaw.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Intune's policy "Number of repeated sign-in failures to allow before the device is wiped" is not woking.

    I’m testing Intune’s policy "Number of repeated sign-in failures to allow before the device is wiped”.
    It is not working properly.


    • Windows 10 Client is just reboot, not wiped.

    • When change number of setting, number before reboot is changed but just reboot.

    • After remove policy, windows 10 doesn’t require reboot with many sign-in failures.

    Environment is below
    * Tested Windows 10 build is 10586.494
    * OMA-DM based management.
    * Intune environment is just created for this test(evaluation)
    * Windows 10 device is workplace joined.
    * Just remote wipe command is working fine..

    Anyone have idea about this?
    I suspect this…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Retiring and deleting devices takes way too long

    When working with a user on the phone, and we need to retire and reenroll a device, the process of retiring takes a very long time, which becomes frustrating for not only myself, but for the user who wants to get their problem resolved and get back to work. Please work to improve the speed for operations like this within the console,

    316 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    25 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China

    Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China. This is confirmed by Microsoft Support and escalation team. As per replied "This is due to Chinese government policies, this function is not fully functional in mainland China. Therefore the service cannot be guaranteed to work with all features".

    Unfortunately if a Enterprise Mobile Device Management solution cannot even effectively and reliably remote wipe a Corporate device when it is lost, which is instrumental and basic for managing Corporate mobile devices, it cannot be branded as a Enterprise MDM solution. We will now…

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ping feature

    Insert a feature which allows you to "ping" devices from the Intune console, so you can verify if a device is reachable (e.g. for a sync).

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Intune email alert to admins on user device enrollment

    Provide ability to create email alert to admins when a user enrolls a new device in Intune. This will allow admins to be notified and then make sure the device has been added to the proper Intune policies. It will also allow for security tracking on new devices that are being added to the environment for accessing Office 365.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Changing status to Noted since Heena is a PM on the team. Also, bumping her question so it will go out to supporters:

    Can you please elaborate on how Admins plan to target policies to these devices? Will they do user targeting or device targeting? If user targeting, can they target these policies to the user group prior to any devices being enrolled?

  11. BYOD - Changing Intune Device Enrollment Limit to 1 for only a few users in Intune while allowing other users to enroll upto 5 devices.

    We know by default in the intune tenant we can define “Mobile Device Enrollment Rules” that can allow up to a Maximum of 5 devices per user to be enrolled into intune. So in BYOD scenario the users are able to enroll up to 5 devices into Intune.

    So in this BYOD scenario, sometimes we want to allow only certain users or User group to be able to enroll their devices but just 1 device into intune not 5 devices. While other users should be able to enroll up to 5 devices as configured under “Mobile Device Enrollment Rules” in…

    113 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Push encrypted content to device

    Hi. Like as AirWatch has Secure Content Locker, please add this same ability for an organization to push out content (new, updated) to a user's device(s) and computers. There should be additional parameters, like length of time the content will be on the device until it is automatically deleted. Additionally, the content should be encrypted, and decrypted in memory when accessed (unlike AirWatch on none iOS devices). File types include PDFs, Word documents, MP3 files, and so on.

    In looking at OneDrive, I don't see this functionality, or this functionality integrated with InTune. So I am submitting this feature request.

    228 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    20 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. allow device pairing with iTunes

    There is no option to allow device pairing with iTunes. This is a problem whe you have more that 500 iphone managed with apple DEP program and some of these device need to use Itunes...

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Provide a method for changing Web Clips after deployment

    We deployed a web link to our managed Android tablets and now need to change the URL in the web link. It appears that we can not edit the link OR force remove the old web link and push out a new one. Please provide this functionality as right now our only option is to un-enroll the tablets and re-enroll them.

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Remove duplicates

    Every time when you rebuild (reinstall Windows and Intune client) a corporate PC witch was already managed by Intune a duplicate computer record is added to Intune database. Now we manually removing duplicates every month. Can you automate it?

    301 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    noted  ·  16 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Use of nested security groups in O365 MDM

    With a synced environment the use of nested security Groups would be usefull.
    I open already a Case for this and the answer is that is not supported in the Moment.
    Maybe you can Support it in the future.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. URL Filtering on PCs

    URL filtering on Mobile devices , Laptops, PCs

    since Intune has endpoint protection. we would like see a URL filtering function on the PCs /laptops and Mobile devices where Intune client should be able to block or allow websites defined in the policy.

    we are able block or allow website while the devices are on local network, but when it come to laptops, it is always moving with users so we don't have the control on it.

    currently url filter function is available in TrendMicro but it has limitations.

    Please consider this URL filter function for the future

    91 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Create a folder on the mobile device for company apps

    I would like to be able to create a folder, then install all my company managed apps into that folder. Keeping all company apps in the same location makes it easier for the user to find and easier for the help desk to support.

    73 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Set a device as corporate/personal from the console or AD using AD Writeback.

    Currently a device needs to be pre-enrolled by IMEI/Serial or enrolled by a Device Enrollment Manager to be a corporate device. As this is just a flag in Intune, we should be able to toggle Corporate/Personal after enrollment. Preferably via some sort of API, but possibly through AADConnect/AD.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable ability to deploy internal PKI Certificates to devices via Intune

    Currently the architecture to deploy certificates to devices requires you to have the infrastructure in-place to do external certificates requests to the internal NDES. Typically done with multiple WAP's. Other competing products do not require this. They manage the certificate request process for you using its connection to your internal network. Intune should be able to proxy this request of do the request on behalf of the device and send it to the device as part of normal synch process. This would eliminate unnecessary hardware which is the whole reason of using cloud services.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
1 2 9 11 13 16 17
  • Don't see your idea?

Feedback and Knowledge Base