Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Corporate vs Personal Device Tagging - automatic

    Have a configurable default for a device to be registered as Corporate (without having to do IMEI upload / DEP / etc). As it seems, to get all the inventory I want/need, I'll need to tag every device as corporate owned, regardless if the user brought it in as a BYOD.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Intune API Create Notification Templates & Locations

    Extend the Intune Graph API extend to allow the creation of Notification Templates via JSON, as it appears these can only be created in the Azure Portal at the moment. The same for Locations too:

    https://docs.microsoft.com/en-us/intune/actions-for-noncompliance

    You can presently link to existing NotificationTemplateIDs but not create a new template (as far as I can tell):

    https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/api/intune_deviceconfig_devicecomplianceactionitem_create

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Distributing an In-House documents, Intune doesn't have feature available that company can share their documents to end users on ios devices

    Make in-house documents available in self-service for the user to Install using Microsoft Intune. Documents like knowledge sharing for example or any pdf files which IT administrator can share on end devices.

    Thanks,

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Intune side loading of apps to Android for Work profile for development use

    With the device admin deprecation ensuring the adaptation of Android for Work the requirement to test applications within their Android for Work environment will become ever greater. Currently the only way to deploy an app to the AfW profile on Intune is by deploying via the Play Store. When developing an application it is not practical to do this for every time you wish to test your app. For testing and developing apps that make use of conditional access and security related features of Intune's protection it is important to have the ability to side load apps via USB to…

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Force Application/Policy Updates

    I need to be able to force application and configuration updates on devices, and not wait for the timers. Even through a "Sync" button was put in place, it still doesn't seem to invoke any immediate update to the devices.

    Since all of our devices are supervised and we control apps via VPP, if for some reason they don't get an app update, I have to either set the app to uninstall for the group and then reinstall, or reset the device (and then wait for the device to reconfigure).

    Optimal outcomes:

    1. A "Install Now" button that will immediately…

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Deploy printers

    Give us the option to deploy printers with Intune

    697 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    29 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    You can deploy AirPrint settings for Mac and iOS – https://docs.microsoft.com/en-us/intune/air-print-settings-ios-macos

    You can configure some printer settings under device restrictions for Windows 10 – https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10

    But I’m hearing from a few people that this still doesn’t really help users get to local printers, and that seems the original intent. (@Henrik, if you’re getting this, please weigh in!)

    We won’t call this one complete. I’m switching this to “noted”, meaning we know you want it. Thanks again for the feedback!

  7. Enable MDM Device Configuration Profile settings to "Reset to Default" not just "Not Configured"

    System: Intune on Azure portal

    If you push a setting out you are mostly given two options: a [Block]/[Not configured] or [Allow]/[Not Configured]

    Solution: There should ALSO be a choice to [Reset to device default]

    i.e. [Allow]/[Not Configured]/[Set to default]

    Example Scenario:
    Create Windows 10 device restriction profile, in "Settings -> General->Manual unenrollment" you can set [Block] or [Not Configured].

    If set it to block, wait for it to get applied.
    Then you change the value from [Block] to [Not Configured] the "Block" still applies because [Not Configured doesn't SET anything, it just leaves it as is, which is currently…

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Device Compliance policy support Windows Edition

    Please support WIndows edition with compliance policy. Because there is no way to eliminate the Home Edition now. I would like to have access control by dividing Home, Pro, Enterprise

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe.

    Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe. Currently these buttons are right next to one another and it is very easy to accidentally perform a full device wipe (factory reset) on a user's personal device - losing all data, versus the intent of just wiping the company data. Consider putting the "Factory reset" button in the "..." more section -- away from the primary choices.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Users to be automatically signed into the Company Portal App after enrollment from DEP.

    From Out-of-Box, After enrolling into Intune and having Company Portal deployed as 'required', it would be good if users where automatically signed into the Company Portal App and skip the need for a secondary login phase.

    I don't know the purpose of this.

    It should know whether or not the device is Manually or automatically enrolled.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Repeated EMS/Intune trials in same AAD please

    I had a 90 day EMS trial so I could do some blogging and presenting at UGs and conferences. My trial expired, I seemingly can't have another one. I see lots of similar suggestions from 2015 which were noted but it seems no easier other than we now have 90 days not 30. I have MSDN Enterprise so I can trial any MS product I like for as long as I like with repeated installs - except EMS.
    I checked with some MVP friends, they each have a full license. How are non-MVPs expected to test, blog, speak and promote…

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Set DefaultApps only once with MDM Intune CSP Policy

    When setting default apps with the Policy CSP - ApplicationDefault, it's permanent.
    https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults

    If a user changes default PDF reader, it will be set for that session. If user gets logged out, or reboots the machine, the default from this CSP Policy will be applied again.

    I want to be able to set default apps just once, and later let the users configure their devices as they please. Freedom of choice etc.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Provide the availability of Location Provider to the Devices from Intune.

    If the other than [Lost Mode] in Monitoring Mode via iOS, I hope the feature will be implemented that enables setting the Location Provider to the devices by Intune.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. support Linux MDM like OS X

    Could we have a Linux MDM like OS X?

    309 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Option to delete device from AAD when deleting it from Intune and automate lifecycle

    We use the option to automatically join a device to MDM when performing joining it to AAD. Currently when we delete a device from MDM, it is automatically removed from MDM (and the device certificate is revoked in our PKI). However we still need to manually remove the device from AAD. We would like an option to also automatically remove the AAD registration. It would be great when it was also possible to clean the registration from the Off365 Office Installs (portal.office.com/Account#Installs). Adding rules to automatically cleanup inactive stations (eg based on #days inactive or user account disabled) also eases…

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow bulk device wipe and removal from Intune

    Intune currently requires that the Admin clicks through several dialogs and prompts in order to remove company data and then remove the device. When there are twenty or hundreds of devices, this can be time consuming

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Make sure outlook is the only approved mail client

    Even though we have conditional access and MAM on all users, everyone can download Edison mail client and access their mail without enrollment.

    If we wish to restrict users from using Edison mail client, we have to disable EWS but then we lose access to other exchange online features, so we can´t do that.

    Microsoft says in their product commercials that you can restrict all other mail clients other that outlook, but I don´t see that is true since Edison mail client is able to connect. Try it yourself.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add Firewall enabled status to Windows 10 Compliance Policies

    Large corporations who wish to enable a BYOD workforce may be hesitant to proceed without more device compliance options in order to grant or deny access based on a devices compliance status.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Preview of notifications on lock screen iOS/Knox

    It would be a great Security benefit if we got the ability to Block Notifications from showing preview content on the Lock screen. MFA one-time codes and preview of emails are readable from the Lock screen.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Mail Notification for Enrolled Devices

    I would like the ability to configure a mail notification when a new device is enrolled on the Intune portal. This will allow the admins to quickly categorise new devices as soon as they are enrolled.

    101 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base