Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Mobile data monitoring and reporting

    Nowadays with the amount of mobile data consumed by mobile devices only seems to increase, it would be great if Intune was able to monitor and report on mobile data usage across Mobile/Wifi and Roaming zones for each mobile device Intune manages. Windows and Android have this built into their OS's and iOS has a very good third party app you can use which works great.

    It would also be great if this was supported for both Intune only and SCCM hybrid environments, perhaps with a dashboard or at least some decent SSRS reporting.

    67 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    noted  ·  0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Intune/Autopilot Windows Updates

    When deploying a device with Autopilot, they come shipped with older versions of Windows (1703). Some policies are only compatible with later versions of Windows. It would be great if Intune/Autopilot could initiate that OS update as part of the deployment.

    60 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. URL Filtering on PCs

    URL filtering on Mobile devices , Laptops, PCs

    since Intune has endpoint protection. we would like see a URL filtering function on the PCs /laptops and Mobile devices where Intune client should be able to block or allow websites defined in the policy.

    we are able block or allow website while the devices are on local network, but when it come to laptops, it is always moving with users so we don't have the control on it.

    currently url filter function is available in TrendMicro but it has limitations.

    Please consider this URL filter function for the future

    58 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. The ability to block specific dangerous / malicious applications

    The ability to block specific dangerous / malicious applications for iOS and Android. (competition can do it)

    51 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    noted  ·  3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. noncompliant apps reports in Azure Portal

    When creating rule for "Restricted Apps", the tooltip says

    Device compliance can be viewed in the Restricted Apps Compliance report

    However, there is no such report available in the Azure portal as confirmed by support. In the classic console, this report is called "Noncompliant Apps Reports".

    Without such a report, the rule to specify noncompliant apps is actually useless. Please consider adding the feature to the new Azure portal to complete the migration.

    51 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Create a folder on the mobile device for company apps

    I would like to be able to create a folder, then install all my company managed apps into that folder. Keeping all company apps in the same location makes it easier for the user to find and easier for the help desk to support.

    49 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe.

    Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe. Currently these buttons are right next to one another and it is very easy to accidentally perform a full device wipe (factory reset) on a user's personal device - losing all data, versus the intent of just wiping the company data. Consider putting the "Factory reset" button in the "..." more section -- away from the primary choices.

    48 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Corporate vs Personal Device Policies / segregation

    Corporate vs Personal Device Policies / segregation - Today you can create policies for Corporate Owned and Personal Owned Devices. But if a user is part of both groups receiving Corporate Owned and Personal Owned Device policies, that user will receive most restrictive policies on his personal device as well. There needs to be a way to do this more effectively where a personal owned device should not be receiving corporate policies.

    47 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. access file server on on-premises network

    Will Microsoft deploy an application like secure context locker from AirWatch to access on-premises file server and links. Then, use container concept to protect the downloaded data on the application.

    40 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. There should be REST or SOAP API with Service Now Integration(intunes with Service Now Integration)

    Hi Team,

    As per me there should be REST or SOAP API in intunes with Service Now Integration.

    Now a days its the time of automation.

    Lot of things can be performed from service now itself but for that there should be predefined functions in intunes.

    Also in intunes there is on premise feature but it can be accomplished with SCCM only,as per me inbuilt feature should be there.

    Also Geo fencing feature is missing in intunes.

    Lot of things are there which I can suggest to microsoft.

    Thanks & Regards
    Sagar

    36 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Export and import custom MDM policies in the Azure Intune portal

    I have not seen the ability to export and import custom policies - both compliance and configuration policies - in the Azure Intune portal.

    We have many customers where we set up our standard policies, and we have to do this manually for all customers.

    The export function in the portal today just creates a csv of the view in the console, it does not export the actual policies - as far as I can see.

    35 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Microsoft Intune NDES Connector with Symantec Managed PKI

    Enable Microsoft Intune NDES Connector to work with Symantec Managed PKI. This applies also for Configuration Manager NDES Connector/CRP.

    This is an imported feature request for large Enterprise customers, particular in financial industries. This request is on behalf of some Enterprise customers (25K) and Microsoft Alliance Partners

    34 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Intune side loading of apps to Android for Work profile for development use

    With the device admin deprecation ensuring the adaptation of Android for Work the requirement to test applications within their Android for Work environment will become ever greater. Currently the only way to deploy an app to the AfW profile on Intune is by deploying via the Play Store. When developing an application it is not practical to do this for every time you wish to test your app. For testing and developing apps that make use of conditional access and security related features of Intune's protection it is important to have the ability to side load apps via USB to…

    33 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Profiles that use certificate based authentication should not be installed until the certificate is installed

    For configuration profiles that use certificate based authentication they should not be installed until the associated certificate is installed.

    We use certificate based authentication for e-mail using ActiveSync. This uses two different profiles; one is a profile with the e-mail configuration the other is a profile with the user certificate. The e-mail profile typically installs before the certificate profile, Once the e-mail profile is installed it prompts the user to enter their password. If they enter their password it uses their password instead of certificate based authentication.

    If we configure our e-mail profile to use certificate based authentication we need…

    33 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable intune to delete outlook profile from windows desktops and mac

    Currently intune can’t delete outlook profile on windows desktops and mac (I have already raised a ticket and confirmed [Ticket #:12377207]). When we use retire option it just don't delete cashed outlook profile from pc. (windows or mac)
    When it comes to mobile platforms such as android and ios, it just works fine as it should, and deletes the outlook profile very smoothly by intune using retire option.
    “Retire option” claims the following, yet looks somewhat misleading .
    "Are you sure you want to remove company data on this device? This will only remove company data managed by Intune. The…

    31 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Security and Event logging to SIEM and others via Syslog/PowerShell

    Ability to monitor what is happening with your devices and users.

    31 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Force Application/Policy Updates

    I need to be able to force application and configuration updates on devices, and not wait for the timers. Even through a "Sync" button was put in place, it still doesn't seem to invoke any immediate update to the devices.

    Since all of our devices are supervised and we control apps via VPP, if for some reason they don't get an app update, I have to either set the app to uninstall for the group and then reinstall, or reset the device (and then wait for the device to reconfigure).

    Optimal outcomes:

    1. A "Install Now" button that will immediately…

    30 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. The Defense Contractor Industry needs FIPS 140-2 Enforcement on all Mobile Devices.

    The Defense Contractor Industry needs FIPS 140-2 Enforcement on all Mobile Devices. IOS with Outlook Mobile and Intune is FIPS 140-2 compliant. Android is not. This will force all Defense Contractors to move to IOS devices if Intune and Outlook mobile cannot enforce FIPS 140-2 encryption at rest and in transit. All Defense Contractors must be FIPS 140-2 compliant by the end of 2017.http://www.natlawreview.com/article/cybersecurity-update-dod-releases-long-awaited-final-rule
    https://blogs.msdn.microsoft.com/azuregov/2016/09/15/how-microsoft-azure-government-enables-defense-industrial-base-companies-to-comply-with-new-dod-cyber-security-rules/

    30 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    released the week of Nov 6 – a new device restriction settings for Windows 10
    Password – settings to enable FIPS and the use of Windows Hello devices secondary devices for authentication
    Does that get you close?

  19. Add device information to reporting (MAC, Phone number, IMEI, SIM)

    The information when you click on a device is VERY limited.

    We use MAC addresses to allow access to our corporate wifi. With BES I can get this easily. Intune....nothing. This means I need to ask each user to gather their MAC address.

    Other things that are missing that should be easily gathered:

    Phone number
    IMEI
    SIM

    There are more but this is the important one.

    While I hate using BES it seems to consistently beat Intune in the simplest of things that should be part of the starting tool set for any MDM.

    For us this needs to be…

    29 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide a method for changing Web Clips after deployment

    We deployed a web link to our managed Android tablets and now need to change the URL in the web link. It appears that we can not edit the link OR force remove the old web link and push out a new one. Please provide this functionality as right now our only option is to un-enroll the tablets and re-enroll them.

    29 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base