Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Use of nested security groups in O365 MDM

    With a synced environment the use of nested security Groups would be usefull.
    I open already a Case for this and the answer is that is not supported in the Moment.
    Maybe you can Support it in the future.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Setup a notification message for intune to inform system admins about the expiry date of Apple APN certificate.

    Allowing the Apple iOS APN certificate to expire causes a lot of headache to system Admins, the users will have to enroll devices again. so there should be a notification option to remind admins to renew. and the notification (email, SMS, popup notice,...) should occur at least a month in advance.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Selective Wipe for Azure AD Joined devices

    Please add the option to do a selective wipe on Azure AD Joined/Workplace joined devices.

    Azure AD Join and MDM auto enrollment are enabled with Intune and Azure AD Premium. When a Windows 10 Mobile is started for the first time (OOBE) it is possible to “Sign in with a work account” to join Azure AD and auto enroll in Intune. (https://technet.microsoft.com/nl-nl/itpro/windows/manage/join-windows-10-mobile-to-azure-active-directory#how-to-join-windows-10-mobile-to-azure-ad). When a Windows Mobile device is configured this way Single Sign On works for Mail, Calendar, Edge and the Business Store, which is great. But when the Selective Wipe option is initiated from Intune it does…

    106 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add ability to run a report for a specifc period of time

    Most reporting I have seen allows you to run a report for a certain period of time.

    This needs to be added. Especially when people are tracking enrollments it would allow you to run a report on a specific day, week, month, or whatever.

    This is a pretty basic part of reporting and would be great if it could be added.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Split activation time and date into two separate columns in reporting

    When running a report on all the users that have been added to Intune I see the EAS activation time column. Since that column has the date and then the time, unless you do some manipulation to the data in Excel you can't sort it by date of activation.

    This could be easily fixed by splitting the columns into EAS Activation Date and EAS Activation Time.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Option to disable renaming mobile device

    Renaming mobile devices is great for user experience, but in some scenarios it will be great that default name should be not allowed for easy recognition from administrator side.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ping feature

    Insert a feature which allows you to "ping" devices from the Intune console, so you can verify if a device is reachable (e.g. for a sync).

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Intune's policy "Number of repeated sign-in failures to allow before the device is wiped" is not woking.

    I’m testing Intune’s policy "Number of repeated sign-in failures to allow before the device is wiped”.
    It is not working properly.


    • Windows 10 Client is just reboot, not wiped.

    • When change number of setting, number before reboot is changed but just reboot.

    • After remove policy, windows 10 doesn’t require reboot with many sign-in failures.

    Environment is below
    * Tested Windows 10 build is 10586.494
    * OMA-DM based management.
    * Intune environment is just created for this test(evaluation)
    * Windows 10 device is workplace joined.
    * Just remote wipe command is working fine..

    Anyone have idea about this?
    I suspect this…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. There should be REST or SOAP API with Service Now Integration(intunes with Service Now Integration)

    Hi Team,

    As per me there should be REST or SOAP API in intunes with Service Now Integration.

    Now a days its the time of automation.

    Lot of things can be performed from service now itself but for that there should be predefined functions in intunes.

    Also in intunes there is on premise feature but it can be accomplished with SCCM only,as per me inbuilt feature should be there.

    Also Geo fencing feature is missing in intunes.

    Lot of things are there which I can suggest to microsoft.

    Thanks & Regards
    Sagar

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Introduce MDM patterns

    I would suggest to introduce standard (settings) patterns for small customers like us (in my opinion the number of settings, the impact of each of the setting and the potential interference with other settings is much too big and too complex).
    Another option is to introduce wizards to define settings for the different types of devices by asking whether or not a device type is allowed and with what level of security (low/medium/high) predefining a number of standard settings.
    I think that will help in reducing the potential number of incidents and requests.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Adding users to Mobile Device Management Issue - Enrollment Problems

    Hi

    We are in the process of setting up Office 365 Mobile Device Management. We've created a MDM policy, created a security group and associated this group with the newly created MDM policy. We have added about 10 users to run as a pilot test.

    There has been a number of scenarios which have occurred whilst setting end user devices up.


    1. Add the user to the security group associated against MDM policy. The user receives the enrollment email, and email stos syncing with Office 365 mailbox on device until they successfully complete the enrollment process

    This is what you expect…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. "Device cap reached" error message - No devices enrolled

    User gets error device cap reached, but Intune admin consol and Azure AD shows 0 devices.

    Error is caused by the device trying to enroll 5 times without succeeding. The user is then capped until MS Intune server que is purged.

    This must be a design flaw.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. We would like to be able to wipe EAS profiles on devices remotely using selective wipe

    We'd like to be able to remove EAS profiles from mobile devices that are associated with the user / device that we are retiring from Intune. Currently this works only with iOS, and only if the profile was pushed down as part of policy. We'd like to be able to remotely wipe EAS profiles created by the user in the native mail app, based upon the domain name when doing remote selective wipe. Currently the only option is either the 15-step Exchange, export, delete, re-sync, block, change password option, or the full wipe, which customers will not tolerate.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Extend the possibility to control CSR Information in certificate profiles

    We need more granularity when it comes to Certificate Profiles for instance many companies have Cisco ISE on their network and depending on the information that the certificate presents to the ISE Instance the client is put in a network segment. As we only can Control common name we are not able to segment devices due to this. Adding more Templates doesnt help as the common name would be the same.

    So an example could be that you make it possible to control the the OU attribute (or any other) to make it possible to configure different attributes per Certificate…

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Unable to remove a user from O365 MDM

    After testing O365 MDM, we removed all policies, devices and users from the MDM group that was created for testing. However, 6 months later, the test user is still being prompted to enroll in MDM when logging into OneDrive for Business app on any mobile device. I opened a support ticket and they put the user back into the MDM group and put the group into the global MDM policies exception list. That stopped the alerts to the user to enroll but said that you cannot remove a user from O365 MDM once they have been enrolled previously. So now…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, Glen, I talked to our engineering team and they said that doesn’t sound right – if you take the user out of the group, the policy should not be applied and the user should not get prompted to enroll. (And much as we’d love you to buy Intune, we don’t want you to do it just to resolve this issue!)

    Would you be able to give me the support case number so I can look into this?

  16. Outlook Mobile should be part of Selective Wipe

    Outlook Mobile should have company data wiped with Selective Wipe feature.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Deploy a user certificate with approval

    I can deploy user certificate by using Intune, SCCM, my CA and NDES server, but my security rules determinates that all user certificates must be approved by security team. Pleas add such funkcionality.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. allow device pairing with iTunes

    There is no option to allow device pairing with iTunes. This is a problem whe you have more that 500 iphone managed with apple DEP program and some of these device need to use Itunes...

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. LG GATE

    Is there some timeline to support all LG GATE functions like with Android for Work or Samsung KNOX?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Apple Configurator 2 MDM Server Url is too long

    In the instructions from Article https://docs.microsoft.com/en-us/intune/deploy-use/ios-setup-assistant-enrollment-in-microsoft-intune
    states to use the URL created in the Microsoft Intune Admin Console when we tried to use that url we received an error "unable to reach the server. When we used a google shortner, for the url apple was able to reach the server. The URL that is being generated in Intune for the Apple 2Connector is too long for apple to read.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base