Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Update AD msds-isManaged flag or delete on premise device when device is remote wiped

    Enterprise customers leveraging AD Connect with Device Write back and ADFS for Access Control cannot block authentication from devices removed from Intune because it does not update Azure AD when the device is Remote Wiped.

    When a device is wiped in the Intune console, Azure AD should receive an update indicating that the device is no longer managed, this should sync to on-premise. Alternatively, the device object should be removed form Azure AD deleting the object from the On-Premise AD as well.

    This way, a compromised device cannot successfully authenticate to ADFS even though the admin has remote/wiped the device.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Hybrid Exchange on-prem and Office 365 deployments no longer supported with Intune?

    It seems that hybrid deployments of Exchange and Office 365 are no longer supported together in the latest version of Intune- we are currently doing an Intune rollout moving from Mobile Iron but now there is no support for using on premise and Office 365 outlook connectors- we were planning on moving to fully Office 365 but now this has hampered our migration strategy going forward.

    Are you currently developing this?
    Is there a release date?

    Thank you
    James

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add option to block Jailbroken/Rooted devices

    At my company and probably many others we have listed in our mobile device policy that jailbroken and/or rooted devices are not accepted. In Microsoft Intune's compliancy policy you can also state that an device is incompliant if it's jailbroken/rooted however its still accepted and it gets its certificate profiles and such.

    Is it possible to create an option within Microsoft Intune when an user tries to enroll an jailbroken and/or rooted device that they receive an notificiation that enrollment is blocked for jailbroken/rooted devices?

    it would make my job as Microsoft Intune responsible alot easier then playing policeman for…

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add group(s) as a field in the Mobile Device inventory Report

    Right now there is no way to determine what group(s) the device belongs to in the Mobile Device inventory Report. So much for organizational reporting.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. mobile device fingerprint integration with Active Directory

    for corporate users with ADFS and Intune MDM, it would be great if we could move away from users having to regularly (weekly) enter their AD credentials and start using their fingerprint on devices where fingerprint reading is supported.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. add report or log which shows compliance Mobile Management in Office365.

    We have implemented mobile management and rolled out policies to IOS and non-IOS devices. However there is no report or log which shows compliance or any transgressions. At the very least, the Compliance Report should show this.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow manually place device in quarantine

    Allow an administrator to manually place a device in quarantine in Intune standalone without needing to remotely selective wipe the device.

    Some circumstances may occur that you want to block access to corporate data. (virus, billshark, misusage device, based on inventory)

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Woudl like the service to automatically select custom Terms & Conditions based on the language used on the device.

    We know that we can have customized Terms & Conditions, and we know that we can assign these by user groups. What we want is to query the language used on the device and automatically select the appropriate, pre-loaded language. This would overcome any risk of the wrong language to be displayed if IT doesn't properly assign the right T's & C's based on the language used.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Kevin – are you asking for this for standalone Intune, or hybrid (ConfigManager+ Intune), or both? It’s definitely something we’ve been interested in doing. Configuration Manager currently does something similar with apps, where you can have metadata in multiple languages for the same app, and the client OS picks the right one. Intune standalone doesn’t have any type of language infrastructure. So I was curious which configuration you were most concerned about.

  9. OS X screensaver activation time is set wrong


    1. OS X 10.11, OS X 10.11.2 (at least)

    2. Apply policy that sets screensaver activation time to 1 (or 5)

    3. Apply policy that sets password lock time to 1

    4. Ensure Password Policy is downloaded (Settings -> Profiles -> Password ..)

    5. Go to Settings -> Screensaver

    6. Screensaver activation time is greyed out and shows "20 min"

    7. Wait for screensaver to activate.......

    I can reproduce this with at least two OS X 10.11.x devices I have for testing.

    Not to sound like a douche but I have currently 6 different tickets open with MS Support regarding various policies which do not apply correctly,…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Exchange Online Policy syncing issue

    We are facing delay(3-5 hrs) in replication after user is been added to security group , while removing from security group is immediate action within (5 min), need to minimize this time for this one way syncing issue -- waiting for Microsoft to debug this problem.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Full automatic Intune Exchange Active Sync configuration

    Hello,

    My company Exchange ActiveSync configuration uses :
    - user email
    - user password
    - Exchange Activesync server name
    - domain name
    - login name

    In order to have a full automatic Exchange ActiveSync configuration, I hope to have the following workflow :
    - to setup the Intune exchange configuration with user variables like for example $SAMAccountname, $password, $email
    - to set the "domain" parameter that is not an available parameter for now !
    - to set other parmeters like server name, ssl.
    - While enrollment, all Exchange configuration can be set automaticaly from a mix of fixed parameters (server…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Use a group to allow or block registering a device with Intune.

    I would like to have the ability to block users from registering a device or connecting to the Outlook app for mobile devices unless they are in a specific group. I can enforce compliance rules, but if they meet the compliance requirements they get in. I want to block all access unless they get final approval from management and then I can add them to the group that allows access.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, David, are you talking about standalone Intune, or hybrid with Configuration Manager? In hybrid you pick the group you want and configure that on the Intune connector, so for hybrid, we already have what you’re asking for. But not for standalone.

  13. CRM Online Compliance Policies

    I'd like to see a CRM Compliance policy like there is with SharePoint and Exchange.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Upgrading to New Device Allows Unmanaged Access

    I'm new to Intune and have confirmed with my 3rd party vendor the "feature" I'm about to describe is currently functioning properly. In my opinion this needs to change.

    I don't know the behavior with Android yet, this was only just discovered with an iPhone device.

    User gets new phone, backs up old phone, activates new phone, performs restore.

    The management policy did not get loaded to the new device, but Outlook app was installed. User was only asked for credentials and was then allowed unmanaged access to corporate email.

    I'm sure there are issues with how iPhones do restores…

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Lync Configuration Profile

    It would be useful to have a configuration profile which can be used to automatically fill in users details to connect to Lync on Windows phones/iOS Devices

    Something similar exists for email already where you can set the users username as the SAM address etc

    But nothing for Lync

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Save Passwords in configuration profiles

    For iOS and 1 or 2 Android devices we can now push configuration policies. I want to be able to include the user password (as entered when signing into the Company Portal app for email, contacts, calendar, Outlook accounts.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. My Apps

    If you configure the "My Apps" application on iOS and you close and reopen the App; you need to reconfigure everything again

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Corporate Yammer in the Outlook app or pushed in an app group.

    In Outlook MS has added integration with OneDrive. I would like to add Yammer to this. Along with the ability to configure OneDrive and Yammer accounts from the Outlook app.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. retire/wipe and report

    It would be nice if I could instead of retire and wipe mobile devices at same time, to have the choice to either retire or wipe as well as retire/wipe. Also once the device is retired, I would like to run a report that would show me the devices that were previously managed by intune and who they belonged to, instead of losing that information

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Integrate Microsoft Intune with bing for geolocalization the device

    Many clients in projects, ask for me about how to localize the device, I think that this integration between Microsoft Intune and Bing It would be a very useful thing

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base