Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Non Admin Intune Joing

    The ability to join Non-local Admin machines to Intune MDM is something that needs to be allowed. In our case we have 500+ Windows 10 endpoints which are not managed and are not and do not planned to be joined to Azure AD, Local AD, or Hybrid AD.
    But we do need to manage them with Intune, so this is not allowed, and giving users all over the county admin rights to the machine is not an option. There should be a way to push the Intune MDM management joining without interrupting the current account state

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to Quickly Remove a Profile or App

    In other MDMs, I have the ability to quickly remove and then potentially re-add a profile or app from a specific device. This is often necessary in iOS, in particular, in order to correct an issue with a profile or a failed app deployment. Currently, in InTune, I use a very convoluted process where I setup a group just for temporary exclusions. Then I add a user/device to that group and assign that group to the profile as an exclusion. This is all VERY slow, however. It's almost unusable.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Can we have more Android settings in Android enterprise enroll like Battery settings and all the different settings we have in Android.

    There is no way to deploy the custom device configuration policy for the Android enterprise fullymanaged and dedicated devices. I have been searching for a setting to change the battery indicator from Graphics to % in number but could not find any settings within Intune. It would be great if PG team can review all the android device settings and launch the settings in a device restriction or probably launch the device feature category for the android enterprise enrolled devices.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. The ability to cancel a retire request on an Android phone.

    It should be possible to cancel a retire request on an Android phone. I've put out a request to retire an Android Phone. Somehow, this went wrong and it seems it's now in a perpetual pending state...

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Lock or block specific settings from being changed

    Our school utilizes Clever which requires the camera to scan QR codes for student logins. We have had some students that disable the camera to use the excuse that they can't log in. Although there are fixes and workarounds for this I was thinking it would be nice to have some settings locked in an on or off position (depending on what is necessary) so that the end-user can't alter them.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Company Portal app notifications badges

    Company Portal app should notify a user via an app badge count when they receive an MDM notification. For example,
    1) For an admin manually pushed notification from the console.
    2) A device non-compliance notification/warning generated from the system.
    3) A new version of a published app available to the device/user.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Microsoft Teams without Intune enrollment

    We use MaaS360 MDM in order to use the native Mail application for iPhones. Currently there is no way to separate Microsoft Teams while also assigning and protecting O365 SharePoint Online. In order to use Teams on mobile devices, we are forced to switch our users to Intune and use Outlook as their mail client or we would need to exclude the users from the policy which is not ideal.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to control Intune Management Extension execution Flow

    IT Pro needs the ability to customize the execution flow of the Intune Management extension on a per ESP page basis.

    Scenario:
    Org A has 10 different user departments targeted with each targetd with a different ESP with required configuration.

    For some departments, Applications need to execute before scripts, for other departments scripts need to execute before applications.

    If IT Pros could modify the execution flow for each scenario, it would allow Org's to sequence execution alot better instead of having to use the Microsoft determined execution flow.

    Instead of being told 'package the script as an app and make…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide validation for MDM Baseline policy configuration

    In the MDM Security Baseline > Device Installation, there are two polices that allow you block and remove the installation of devices by device identifier or class. In our experience, if you set "Remove matching hardware devices" to "Yes" but remove all the items on the block list, the policies do not get applied properly to devices and result in errors showing in Assignment Status. If I'm right about this, then Endpoint Manager should alert the user if they have created a policy that will result in an error if deployed.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Please enable block screen shot for iOS device

    Screenshot Blocking feature works for other devices than Apple device. Please enable this feature on Priority.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Migrate android device administrator to Android Enterprise

    There should be an ability to migrate a fully managed corporate owned device from 'android device administrator' to 'Android Enterprise' without going through hard-reset route. In the current climate with Covid, this can save considerable amount of time for everyone and not risking users from visiting office sites just to move over to new Android enterprise profile.

    The whole process can take more than 1hr with hard-reset for each device with re-authentication. The process exists for byod work profile, but not for full corp owned devices.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. MS tunnel 2 different VPN group needs 2 internal server MS Tunnel

    In intune Device > Configuration profiles > VPN profile must be configured to configure MS tunnel client application for devices. Here we can allow some applications access to this tunnel. Also we must choose/set MS Tunnel Site here.

    but if i need to use more than one VPN profile for some different groups of devices and those groups has must have different applications and different accesses through this VPN tunnel, than i need to create other Site for this mstunnel profile yes?

    and if we need another site, than i must install another server for ms tunnel or i can…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Passcode reset for Android enterprise device

    Passcode reset for Android enterprise device must have SYNC tab available

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allowed root or jailbroken devices

    The detection by MS can already be bypassed, please allow it to be enabled.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow devices with root access

    The detection by MS can already be bypassed, please allow it to be enabled.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Please tell us what is gonna happen with MS Tunnel

    ... and when it will be general available!

    THX

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Notes tab

    Integrate a note or draft section directly to the endpoint portal where we can add a note, warning, comment or write a next step action without the need to leave your portal.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Creating a Device Dynamic Group with "DeviceTrustType" attribute

    In some environments it is useful to have the ability to create a dynamic group with the attribute DeviceTrustType. Unfortunately this is currently not possible, because this attribute is not supported..

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Android Dedicated Devices (KIOSK) Enrollment in China

    We have few android devices in China region which needs to be enrolled as KIOSK devices.

    As per the MS documentation, we can just have the Android Device Administrator option as enrollment method for devices in Non-GMS regions. And to set up KIOSK, we would need Android Enterprise enrollment which is not supported in China.

    Is there any other way, we can enroll these devices as dedicated KIOSK devices.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base