Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Managed homescreen rotate

    Managed homescreen needs to be able to rotate. (when using tablets)

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add AAD user to the Local Administrators group of specific devices via API

    We need the ability to assign specific AAD user(s) to the Local Administrators group of specific devices via API.

    As of now, you can assign AAD users to a Device Administrators role (as shown in the screenshot attached), but it adds that user as a Local Admin to ALL Azure devices. This is not good, not good at all.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. devices organization

    we should be able to organize Devices in Intune just like devices in AD by group or Organization Unite

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Intune - Default Calendar/Contact/Mail Account on iOS devices

    The ability to set the default calendar/contacts/mail account when an iOS device is enrolled with Intune.

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow only specific Android manufacturers for enrollment - block others

    Ability to allow only specific Android manufacturers devices for full enrollment.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Assign policies and apps to users but not all devices of the users targeted

    I have a customer that deploys applications based on User Groups. So per application there is a usergroup (e.g. ap_notepad) but that user has multiple devices with the same os (in this case Windows).

    Intune tells me not to mix device and user based groups for exclusions. But what I would like to see is the possiblility to target an application to a user group and exclude certain devices.

    For example: Application A is assinged to the usergroup APAPPLICATIONA. The user has his normal device for everyday work where the application should be installed mandatory. He also has…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Use MDM configuration for Multiple Domains using single Intune console which organization uses common mail server for all 5 Domains.

    How to use MDM configuration for multi-domains which organization utilize single Intune console and company uses common mail server for multiple domains however there is no federation between those multi-domains.

    Any one can assist me how can we integrate Intune for multi-domains environment?
    Here is the situation which company uses different domains login ID for windows login but common mail server foe E-mail transaction want to go for EMS/MDM/MAM deployment using Intune.

    Please let me know if you have defined solution or work around solution to achieve this requirement.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. power management for windows device (at least)

    Should be great to have power mangement directly in intune instead of a csp with admx. (which i Don't understand).
    Some others mdm solutions provide this. So why not intune ? (at least for Windows devices).

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Enable use of BitLocker authentication requiring preboot keyboard input on slates

    Hello,
    Would be good to integrate in Endpoint Protection BitLocker setcion an option for "OSEnablePrebootInputProtectorsOnSlates" (Enable use of BitLocker authentication requiring preboot keyboard input on slates),
    Else if you use Tablet, then when the Windows Recovery Environment is not enabled and this policy is not enabled, you cannot turn on BitLocker on a device that uses the Windows touch keyboard.

    But to enable this "OSEnablePrebootInputProtectorsOnSlates" need push PowerShell script to devices, as BitLocker-CSP missing this too....

    Or option via BitLocker-CSP to control this setting.

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Custom message when locking devices

    displaying a custom message on screen when a device is locked due to it being lost/stolen. This would apply to all devices similar to how remote lock works on iCloud, FindMyPhone for android and Samsung devices
    i.e. "This device belongs to X company, please call +01 xxxx-*** to return device"

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add Disable as a policy configuration option in addition to Enable and Not configured

    Most settings only have the option to either Enable or leave Not Configured. When a profile is removed, the settings remain in place on Windows systems. Applying a profile that sets these same settings to Not Configured does nothing. If we could instead set them to Disabled we could then overwrite the settings that were left behind like we can currently do in Group policy.

    Currently the only supported workaround I can find is to retire then re-enroll the device. This is not a feasible solution.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Import supported GPO directly into MDM policy

    We are doing a project for supported policies going from GPO, to Intune MDM Policy. One of the things that would be immensely helpful is the ability to put create an XML document and import multiple settings in at once.

    This would allow us to build entire polices offline and import them in when ready rather than doing one setting at a time.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Please allow OPPO devices to be managed by Intune.

    Please allow OPPO devices to be managed by Intune.

    The below article tells that OPPO devices are not supported.
    https://docs.microsoft.com/en-us/intune-user-help/your-device-appears-encrypted-but-cp-says-otherwise-android

    Please consider these devices at the earliest.

    Thanks,.

    52 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow administrators to choose our own password restrictions

    As per the Technical Support team, it is currently impossible to have an alphanumeric password with 0 non-alphanumeric characters. I don't understand why the system is configured this way, but it certainly would be nice if I had the option to choose my own password restrictions.


    Hello Ryan,

    This email is to follow up.

    Got the answer from the escalation team about the non-alphanumeric password for the compliance policy, they found out this:

    The compliance policy is working as it should be in Intune when setting the option to 0, what they explain me is, if you set this to…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Misspelling in MDM Authority notification

    After selecting "Configuration Manager MDM Authority" under Choose MDM Authority, there is a misspelling in the notification that pops up. Please see attached image.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. General Enrollment Bundle packs

    Hello,
    So far, I see there is multiple solutions available like:
    MDM, MAM, Conditional Access, WIP, App Protection Policy, Azure RMS, Legacy Protocols, Modern Authentication etc.
    Would be great if we could have option to select like “Bundle Pack” for Enrollment in Device Management with Security behind, at least in Documentation level.
    As example now to setup nice MDM, but with some protection, we need go Azure, Azure RMS, Intune, Intune App Protection and everywhere we need enable something and read&search per product the description of “how to enable” this service and integrate with each other, this takes a lot…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. ability to hide Device Categories

    I would like the ability to hide Device Categories. I use them with dynamic groups in order to provision devices. I have a standard group to 'build' a Kiosk device because Apple permissions force me install apps then give them permissions (such as camera). I then switch the category to something that has a KIOSK policy applied.

    The issue is I really do not want the users seeing 30 categories when they enroll their devices.

    Please add a check box that 'hides' the category during enrollment, but allows an admin to change to that category to get policies.

    Yes, you…

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Hidden Categories

    I would like the ability to hide Device Categories. I use them with dynamic groups in order to provision devices. I have a standard group to 'build' a Kiosk device because Apple permissions force me install apps then give them permissions (such as camera). I then switch the category to something that has a KIOSK policy applied.

    The issue is I really do not want the users seeing 30 categories when they enroll their devices.

    Please add a check box that 'hides' the category during enrollment, but allows an admin to change to that category to get policies.

    Yes, you…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to limit number of enroll devices to only 1 per platform e.g. 1 or PC and 1 for mobile (either iOS and Android) in BYOD scenario

    Ability to limit number of enroll devices to only 1 per platform e.g. 1 or PC and 1 for mobile (either iOS and Android) in BYOD scenario in order to manage corporate resources.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Missing device enrollemt history

    Improvedevice enrollment / introduce Retired category

    I miss the possibility to retire a device and to keep it in a special view. In case of compliance requests, it could be possible to find easily all users which used the device before.
    And finally if the phone was registered with the serial number and the new user registered it with IMEI, teh retired flag would avoid that the new user fails with the registration. Unfortunately in the moment intune overwrites a device only in the case that it will be registered again with the same identifier used before. intune should check…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base