Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. issue and assign device based certificate

    InTune only assigns user-based certificates. Ideally it would be great if InTune could issue and assing device based certificates. This ensures that a unique certificate is assigned to the device. Other MDM solutions offer this because it is a more secure option. It also allows the ability to revoke a specific certificate as well as being able to clearly manage and track the device even outside of InTune for other services such as VPN connections.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Corporate device identifier custom fields and pre configuration

    We are currently running a MDM by another vendor and are migrating Intune. On our current MDM we can take a CSV and fill it full of custom columns. Then we query that list to have it automatically assign to groups, configure device names, and run actions against.
    Having this greatly reduces the amount of ongoing maintenance that is required by the system as most devices are pre-configured and assigned whatever they require. It would be great if this was built into the “Corporate device identifier” function.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. I would like to see containerization feature

    so that all things managed by intune come under one umbrella for User friendliness and easy to manged and apply the protection ,better separation of user personal data and corporate data,currently whatever apps,links are install via intune displayed on user screen rather than within one Intune container

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Is it possible to give a name to the device in the deplying proces, instead of heaving to deal with a given name the deployment proces gener

    Is it possible to give a name to the device in the deplying proces, instead of heaving to deal with a given name the deployment proces generated. We like to give the device a meaning name. We disabled the possibility to change the device name for a standard user (not admin). In the past there was an opportunity to change a device name in intune, but this opportunity has disappeared a half year ago.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Paging Capability

    The UN needs Intune to provide:
    1) Basic Paging or voice-to-voice and group live audio paging to Skype for Business users. All users of the system can participate in making and receiving basic pages.

    2) Advanced Notification or a full-featured emergency notification solution that gives the operator the ability to reach an unlimited number of Skype for Business users with text and live or pre-recorded audio messages. Its features include emergency call monitoring, recording and notification. When an emergency number is dialed from the central Intune portal, a text and audio broadcast can immediately be sent to the a team,…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Some IMEIs are coming up with spaces and the corporate identifiers only allow specif format of IMEIs to be uploaded so this causes issues

    Some IMEIs are coming up with spaces and the corporate identifiers only allow specif format of IMEIs to be uploaded so this causes issues with identifying corporate devices since the IMEIs don't match.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Assigning Default Enrollment Profiles based on Platform

    Now that Intune can assign a default enrollment profile (https://docs.microsoft.com/en-us/intune/device-enrollment-program-enroll-ios#assign-a-default-profile), we need a way of:

    a) creating different enrollment profiles based on platform type

    b) assigning these profiles (or not) to those specific platforms as default

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability for Intune admin to see the last run time as well as invoke a retry for all scheduled automation within Intune

    Currently there is a sync button that allows for an administrator to manually invoke a synchronization from the Apple DEP portal into Intune. However there are other automations that occur in Intune that ad admin does not have visibility to.

    I think that most actions which occur in the background on a scheduled basis that should have their run time displayed to the admins, and also should have a button to re-run the automation on an adhoc basis.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Notification/URL call when provisioning process is completed

    It would be great to have a kind of visual indication that "provisioning process" after an enrollment has been fully completed.

    This is because of following reasons :
    - when an employee enrolls his machine at OOBE, it is difficult for himself to know when exactly he can unplugs his device from network, while having his device "fully ready to use". This is to avoid stress that sth is still is progress, as asking employees to closely watch Task Manager (or Event Viewer!) for activity, is not sth realistic.
    - User certificate might be provisioned on the device using the…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. automated enrollment when staging PC's with MDT

    Automated enrollment when staging PC's with MDT would be a great feature. The possibility to add an extra step to an MDT task sequence. i know that there is a GPO for domain joined devices to auto enroll but for AAD only devices i don't think there is anything available

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add the feature to prevent the fraudulent use of security groups using different MDM Authority

    ■Description:
    We would inform you that there are customers who are using the environment with MDM Office 365 and Intune in parallel.

    Originally, it is not preferred to use the security group to multiple MDM Authority.
    Despite it, some of the customers have used the security groups to enroll in MDM Office 365 policy enrollment destination by applying Intune policies that had been used before.
    As a result, the unexpected behavior happened then the security group got damaged eventually.

    To prevent the fraudulent use of security groups using multiple MDM Authority, we hope the feature will be added that allows…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Automatically identify owner of device during enrollment.

    I am missing the ability to automatically identify the owner of the device during enrollment. It is most likely that the person enrolling the device is the actual owner of the device. The users have to go through a lot of steps to enroll their phones. To install apps from the company portal a user needs to be identified on the device. When this do not happen automatically, the user need to go through even more steps to install apps. I opened a ticked with Microsoft, but the case got resolved with the following note : This is by Design…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Make Device Limit Restriction work with AAD join

    Device Limit Restriction does not work with AAD join, only workplace join.
    Why seperate these and leave AAD join out of a great feature that already exist?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add Antivirus status to Windows 10 Compliance Policies

    Large corporations who wish to enable a BYOD workforce may be hesitant to proceed without more device compliance options in order to grant or deny access based on a devices compliance status.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Implement the functionality to unblock the Intune registered devices.

    I would like to inform you that another company's MDM service have the availability to unblock by users arbitrary and remove the registered devices by the administrator after approval as well. However, there is no function available that can be controlled to remove the registered device in Intune service so far.

    In order to continue operating smoothly when transferring to Intune, please implement the functionality to control the Intune registered devices as well.

    Thank you for your consideration.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Disable USB access to Phone

    Disable USB access to Phones, so that corporate phone can be secured.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. reset password in windows logon computer registerd in hybrid azure ad

    There is a great functionality in the resent release version of Windows 10 (1709) that allows in a computer registered in Azure AD Join change the password from the Windows Logon Screen, anyone knows what kind of restriction presents to doesn't allow it in a computer register as Hybrid Azure AD, When we can have this option available, waiting for your comments,

    Recards
    Camilo Narvaez

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to remove/customize which pages are displayed when enrolling

    We’d like the ability edit/remove the language (or just the option to remove the pages individually) on the first two pages of enrollment, "Set up Company Access" and "What can Company see?”.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Can you attach a screen shot of what you want to change, on all platforms you’d want to change it? Some screens in enrollment are controlled by the Operating System and some aren’t, so it helps to have pictures. Or if not that, if you can include the exact text for each platform, that would work.
    Thanks!

  19. Client updates status, without needing extra agent or service

    WUfB updates
    Intune update policy
    not MOMS but Intune for update status from our clients

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Only Allowed Users based on AD Group, the ability to enroll in Intune

    It would be nice to be able to only allow users who are in a specific AD group (ex. Mobile-Access), to have the ability to enroll in Intune. All other users would not be allowed to enroll in Intune.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base