Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Mobile data monitoring and reporting

    Nowadays with the amount of mobile data consumed by mobile devices only seems to increase, it would be great if Intune was able to monitor and report on mobile data usage across Mobile/Wifi and Roaming zones for each mobile device Intune manages. Windows and Android have this built into their OS's and iOS has a very good third party app you can use which works great.

    It would also be great if this was supported for both Intune only and SCCM hybrid environments, perhaps with a dashboard or at least some decent SSRS reporting.

    64 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      noted  ·  0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    • URL Filtering on PCs

      URL filtering on Mobile devices , Laptops, PCs

      since Intune has endpoint protection. we would like see a URL filtering function on the PCs /laptops and Mobile devices where Intune client should be able to block or allow websites defined in the policy.

      we are able block or allow website while the devices are on local network, but when it come to laptops, it is always moving with users so we don't have the control on it.

      currently url filter function is available in TrendMicro but it has limitations.

      Please consider this URL filter function for the future

      58 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
      • The ability to block specific dangerous / malicious applications

        The ability to block specific dangerous / malicious applications for iOS and Android. (competition can do it)

        51 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          noted  ·  3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
        • noncompliant apps reports in Azure Portal

          When creating rule for "Restricted Apps", the tooltip says

          Device compliance can be viewed in the Restricted Apps Compliance report

          However, there is no such report available in the Azure portal as confirmed by support. In the classic console, this report is called "Noncompliant Apps Reports".

          Without such a report, the rule to specify noncompliant apps is actually useless. Please consider adding the feature to the new Azure portal to complete the migration.

          51 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
          • Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe.

            Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe. Currently these buttons are right next to one another and it is very easy to accidentally perform a full device wipe (factory reset) on a user's personal device - losing all data, versus the intent of just wiping the company data. Consider putting the "Factory reset" button in the "..." more section -- away from the primary choices.

            48 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
            • Corporate vs Personal Device Policies / segregation

              Corporate vs Personal Device Policies / segregation - Today you can create policies for Corporate Owned and Personal Owned Devices. But if a user is part of both groups receiving Corporate Owned and Personal Owned Device policies, that user will receive most restrictive policies on his personal device as well. There needs to be a way to do this more effectively where a personal owned device should not be receiving corporate policies.

              38 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
              • access file server on on-premises network

                Will Microsoft deploy an application like secure context locker from AirWatch to access on-premises file server and links. Then, use container concept to protect the downloaded data on the application.

                37 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                • Create a folder on the mobile device for company apps

                  I would like to be able to create a folder, then install all my company managed apps into that folder. Keeping all company apps in the same location makes it easier for the user to find and easier for the help desk to support.

                  36 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                  • Microsoft Intune NDES Connector with Symantec Managed PKI

                    Enable Microsoft Intune NDES Connector to work with Symantec Managed PKI. This applies also for Configuration Manager NDES Connector/CRP.

                    This is an imported feature request for large Enterprise customers, particular in financial industries. This request is on behalf of some Enterprise customers (25K) and Microsoft Alliance Partners

                    34 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                    • There should be REST or SOAP API with Service Now Integration(intunes with Service Now Integration)

                      Hi Team,

                      As per me there should be REST or SOAP API in intunes with Service Now Integration.

                      Now a days its the time of automation.

                      Lot of things can be performed from service now itself but for that there should be predefined functions in intunes.

                      Also in intunes there is on premise feature but it can be accomplished with SCCM only,as per me inbuilt feature should be there.

                      Also Geo fencing feature is missing in intunes.

                      Lot of things are there which I can suggest to microsoft.

                      Thanks & Regards
                      Sagar

                      33 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                      • Profiles that use certificate based authentication should not be installed until the certificate is installed

                        For configuration profiles that use certificate based authentication they should not be installed until the associated certificate is installed.

                        We use certificate based authentication for e-mail using ActiveSync. This uses two different profiles; one is a profile with the e-mail configuration the other is a profile with the user certificate. The e-mail profile typically installs before the certificate profile, Once the e-mail profile is installed it prompts the user to enter their password. If they enter their password it uses their password instead of certificate based authentication.

                        If we configure our e-mail profile to use certificate based authentication we need…

                        33 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                        • Export and import custom MDM policies in the Azure Intune portal

                          I have not seen the ability to export and import custom policies - both compliance and configuration policies - in the Azure Intune portal.

                          We have many customers where we set up our standard policies, and we have to do this manually for all customers.

                          The export function in the portal today just creates a csv of the view in the console, it does not export the actual policies - as far as I can see.

                          32 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Security and Event logging to SIEM and others via Syslog/PowerShell

                            Ability to monitor what is happening with your devices and users.

                            31 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Intune side loading of apps to Android for Work profile for development use

                              With the device admin deprecation ensuring the adaptation of Android for Work the requirement to test applications within their Android for Work environment will become ever greater. Currently the only way to deploy an app to the AfW profile on Intune is by deploying via the Play Store. When developing an application it is not practical to do this for every time you wish to test your app. For testing and developing apps that make use of conditional access and security related features of Intune's protection it is important to have the ability to side load apps via USB to…

                              30 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                              • Add device information to reporting (MAC, Phone number, IMEI, SIM)

                                The information when you click on a device is VERY limited.

                                We use MAC addresses to allow access to our corporate wifi. With BES I can get this easily. Intune....nothing. This means I need to ask each user to gather their MAC address.

                                Other things that are missing that should be easily gathered:

                                Phone number
                                IMEI
                                SIM

                                There are more but this is the important one.

                                While I hate using BES it seems to consistently beat Intune in the simplest of things that should be part of the starting tool set for any MDM.

                                For us this needs to be…

                                29 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Add option to block Jailbroken/Rooted devices

                                  At my company and probably many others we have listed in our mobile device policy that jailbroken and/or rooted devices are not accepted. In Microsoft Intune's compliancy policy you can also state that an device is incompliant if it's jailbroken/rooted however its still accepted and it gets its certificate profiles and such.

                                  Is it possible to create an option within Microsoft Intune when an user tries to enroll an jailbroken and/or rooted device that they receive an notificiation that enrollment is blocked for jailbroken/rooted devices?

                                  it would make my job as Microsoft Intune responsible alot easier then playing policeman for…

                                  28 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Provide a method for changing Web Clips after deployment

                                    We deployed a web link to our managed Android tablets and now need to change the URL in the web link. It appears that we can not edit the link OR force remove the old web link and push out a new one. Please provide this functionality as right now our only option is to un-enroll the tablets and re-enroll them.

                                    28 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Repeated EMS/Intune trials in same AAD please

                                      I had a 90 day EMS trial so I could do some blogging and presenting at UGs and conferences. My trial expired, I seemingly can't have another one. I see lots of similar suggestions from 2015 which were noted but it seems no easier other than we now have 90 days not 30. I have MSDN Enterprise so I can trial any MS product I like for as long as I like with repeated installs - except EMS.
                                      I checked with some MVP friends, they each have a full license. How are non-MVPs expected to test, blog, speak and promote…

                                      28 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                      • The Defense Contractor Industry needs FIPS 140-2 Enforcement on all Mobile Devices.

                                        The Defense Contractor Industry needs FIPS 140-2 Enforcement on all Mobile Devices. IOS with Outlook Mobile and Intune is FIPS 140-2 compliant. Android is not. This will force all Defense Contractors to move to IOS devices if Intune and Outlook mobile cannot enforce FIPS 140-2 encryption at rest and in transit. All Defense Contractors must be FIPS 140-2 compliant by the end of 2017.http://www.natlawreview.com/article/cybersecurity-update-dod-releases-long-awaited-final-rule
                                        https://blogs.msdn.microsoft.com/azuregov/2016/09/15/how-microsoft-azure-government-enables-defense-industrial-base-companies-to-comply-with-new-dod-cyber-security-rules/

                                        27 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Option to delete device from AAD when deleting it from Intune and automate lifecycle

                                          We use the option to automatically join a device to MDM when performing joining it to AAD. Currently when we delete a device from MDM, it is automatically removed from MDM (and the device certificate is revoked in our PKI). However we still need to manually remove the device from AAD. We would like an option to also automatically remove the AAD registration. It would be great when it was also possible to clean the registration from the Off365 Office Installs (portal.office.com/Account#Installs). Adding rules to automatically cleanup inactive stations (eg based on #days inactive or user account disabled) also eases…

                                          27 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base