Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Log Analytics-intune

    log analytics- add intune app data and device configuration policy data so that we can create dashboards to show for groups of users what apps they have installed and for those same groups of users the compliance policy status.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enrollment Restriction Allow/Block/Not Configured

    Add "Not Configured" to Enrollment Restrictions settings on all "profiles" except the default.
    This will allow us to make group-based restriction, for example:
    Default allow only Windows (MDM)
    If part of group "Android MDM" then the user can enroll Android phones
    If part of the group "macOS MDM" user can enroll macOS device.
    If the user is part of both groups then macOS and Android can be enrolled.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Preventing Factory Wipe Loophole

    As far as I can see, there is no way to prevent users from factory wiping iOS managed devices. In our environment, we are using DEP to enroll our devices, and then have device restrictions that prevent the user from performing a factory wipe from the Settings. However, if a user puts in an incorrect PIN, the device will factory wipe. I do not see a way to turn this off, only to adjust the number of incorrect PIN inputs from 2-11. Can there be an option added which will allow the device to be locked instead of wiped?

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. a way to search the corporate device identifiers list also by description not only by the code of the device

    give us a way to search the corporate device identifiers list also by description not only by the code of the device, with filters and sorting also on the description it would be easier to manage the device lists

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Policy Sets should support all object types

    The policy sets are a very cool feature but do not support some object types which would be really helpful:
    - PowerShell Scripts
    - Win32 and MSI Applications
    - Security Baselines

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Provide the feature to deploy third-party wildcard cert or self-signed cert to Android via Intune

    Trusted certificate profiles have always been meant for Root and Intermediate CA certificates. Can we make it available to use Intune trusted cert profile to deploy 3rd wildcard cert & self-signed to devices?

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Include column for last logged on user and last logged on datetime in All Devices blade.

    Please include the user's UserPrincipalName that last logged on a device and the last logged on in datetime in the columns of the Windows devices blade (https://endpoint.microsoft.com/#blade/MicrosoftIntuneDeviceSettings/DevicesWindowsMenu/windowsDevices).

    Preferably also viewable on the device blade itself, together with the Primary user and Enrolled by user.

    This data is already available in Microsoft Graph: https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-loggedonuser?view=graph-rest-beta

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Automatically group devices

    Hi Team of Microsoft,

    I hope in this momento you are well.

    I have a question

    ¿How can I group devices in intune automatically and not manually if you have almost 8000 mobile devices distributed in 80 groups,
    without using the device category option?

    Thank you for your help

    Greetings

    Zoi!!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. to have information about classification of application (4+,12+,17+)

    have the classification of an app to be able to filter (for example in discovered app ) to see if users installs application 17+
    and to do somes kpis..

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Intune Device exports fewer columns

    Previous exports fielded over 30 columns. Has anything changed recently?

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Disabling an Intune user or removing the license should automatically trigger a device retire

    Because we are a big company several users leave the company each month. The user will be disabled and the Intune license will be removed automatically. This also breaks the connection between Intune and the device and unfortunately the company data like mails, calendar and contacs are still remaining on the device. Because of broken connection between Intune and the device it's not possible to trigger a manual retire of business data and must be done directly from the device. The same situation exists if a device will be deleted in Intune without doing a retire or wipe before.

    It…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. It would be good if more languages are available

    Multiple languages which are most speaking languages around the world.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Gui Intune Backup

    Please make a way in the GUI to backup individual or all device configuration profiles and security configurations. This should be available in the commercial and government cloud. I want to be able to create offline backups of my configurations within Intune and import them in to any one of my tenants.

    Currently Using third party powershell modules it is possible to back up configurations using Graph on the commercial side but it is not possible to do on the gov cloud. This is a painful process and I don't like having to resort to third party PS modules.

    I…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Auto update the enrolled devices ownership based on corporate device identifiers

    The corporate devices identifiers listed before devices enrollment allows them automatically flagged as owned by company : Ownership = "Corporate".

    The enrolled devices ownership are also well flagged for devices enrolled by using Apple DEP, Samsung Knox or other corporate programs.

    Update the enrolled devices ownership is a manual task and can only be performed for devices one by one (no bulk capabilities) unfortunatly.

    A soft-match capability between "listed corporate devices" and "enrolled devices details" will be very helpfull and a good improvement from Intune.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Do not auto install iOS LOB apps upon update of exiting application when set as "Available"

    If you deploy an iOS LOB app as "Available for enrolled devices" the user needs to go to company portal to install. However, once that application is deployed and you update it, it then automatically deploys without prompting of user. This will disrupt someone using the app and force the new version. This does not happen with Android devices. If set as "available" and not "required" it should respect that attribute always.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Corporate & Personal policy on a single user

    It looks like there is a limitation on Intune with a user based policy. If a user is setup with a user based policy to have access to our corporate data on a work phone, that same user cannot have access to emails on a personal mobile phone.

    We have tried to differentiate Corporate policy and Personal policy in Intune. One user is allowed to have a work phone with the Corporate policy is applied through Intune. That same user would like to have emails on their personal phone, but Intune does not recognise this ownership as personal.

    Ideally, there…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Describe the details of "Failed" in "Restricted apps"

    When "Prohibited apps " is set in "Restricted apps" in iOS device restrictions, if "Prohibited apps" is installed, the profile status becomes "Failed".
    There are no details of "Failed",so it is difficult to understand why it fails.
    Could you please describe the details of "Failed" ?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Trigger Webhook or Microsoft PowerAutomate/Flow when Device is non-compliant

    Currently only a mail can be sent to the admin or end-user which only contains generic information, not even what is not compliant. Several customers have the request to generate a ticket in their management tool. It would be great if a Flow can be triggered with a payload of at least User, device name, non compliant settings.
    With that the customers can create ticket, improve mails to the customer or even create some automatic remediation tasks.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Dynamic Device Categories

    It would be nice to be able to automatically set category during enrollment based on other criteria such as the user job title, department or just by the upn.

    By doing this the user does not need to select category manually and we can automate groups and profiles based on this.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base