Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Setup a notification message for intune to inform system admins about the expiry date of Apple APN certificate.

    Allowing the Apple iOS APN certificate to expire causes a lot of headache to system Admins, the users will have to enroll devices again. so there should be a notification option to remind admins to renew. and the notification (email, SMS, popup notice,...) should occur at least a month in advance.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Assign Device to User

    We use WCD to provision devices. One of the options is to AAD join/InTune enroll, but we don't get the option to assign the device to a user after the fact. This is creating a lot of overhead for us.

    It would be awesome to use WCD to provision the device, and AAD Join/InTune enroll to verify all policies come down BEFORE we hand off the device to the user.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. allow device pairing with iTunes

    There is no option to allow device pairing with iTunes. This is a problem whe you have more that 500 iphone managed with apple DEP program and some of these device need to use Itunes...

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Set DefaultApps only once with MDM Intune CSP Policy

    When setting default apps with the Policy CSP - ApplicationDefault, it's permanent.
    https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults

    If a user changes default PDF reader, it will be set for that session. If user gets logged out, or reboots the machine, the default from this CSP Policy will be applied again.

    I want to be able to set default apps just once, and later let the users configure their devices as they please. Freedom of choice etc.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Hardware Inventory for Mobile Devices Enrolled by Microsoft Intune and Configuration Manager

    At the moment the inventory we get from our more than 900 WP8 Phones is very limited.
    See also; https://technet.microsoft.com/en-us/library/dn469411.aspx

    Please implement a feature that we can see the following:

    Wi-Fi MAC
    Subscriber Carrier
    Phone Number (for company phones not only the last 4 digits. we need the complete number)

    Phone Number2 (for DUAL SIM phones)
    International Mobile Equipment Identity or IMEI (IMEI)
    Free Storage Space
    Total Storage Space
    Serial Number
    Model (f.e. Lumia 925)
    Manufacturer (f.e. NOKIA)
    Current Operator Name
    Data Roaming Enabled

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ping feature

    Insert a feature which allows you to "ping" devices from the Intune console, so you can verify if a device is reachable (e.g. for a sync).

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. The status after applying the StartLayout configuration policy by Windows10 is displayed as "Not applicable".

    Currently, the content of XML set by StartLayout configuration policy (* 1) is reflected immediately in Windows10 device. However, we would inform you the inappropriate behavior that the status (* 2) after applying the policy does not become "Succeeded" instead of continues to be displayed as "Not applicable" when you check from the management screen.

    * 1 Microsoft Intune> Device configuration> Profiles> Create profile> Device restrictions> Start
    * 2 Microsoft Intune> Device configuration> Profiles> Created StartLayout policy> monitor> Device status> [Deployment Status] in the item list

    In addition, we confirmed that the event is reproduced as well by applying sample…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Import the devices according to the deployment profile we create

    I think It would be great if we could import the devices according to the deployment profile we create.

    Ex: we provide Machine S/n, Win product ID and Hardware hash while importing the device and create a dynamic group in Azure AD with query ZTDID, which includes all the machines imported.

    Here we cannot segregate according to the department.

    If we could add Deployment group while importing the devices and that fit in to the deployment profile and then we add the Azure AD Group (Dynamic query enrollment profile) to the deployment profile, so whatever devices are there in dep…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China

    Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China. This is confirmed by Microsoft Support and escalation team. As per replied "This is due to Chinese government policies, this function is not fully functional in mainland China. Therefore the service cannot be guaranteed to work with all features".

    Unfortunately if a Enterprise Mobile Device Management solution cannot even effectively and reliably remote wipe a Corporate device when it is lost, which is instrumental and basic for managing Corporate mobile devices, it cannot be branded as a Enterprise MDM solution. We will now…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Be able to do all the things that Casper, AirWatch, and other MDM, MAM solution does with Intune

    There are a lot of lack of function in Intune.

    1. Able to assign and manage a share device
    2. Hard to deploy applications
    3. Can't manage app configuration
    4. Can't build app store or is not existence
    5. Reporting is not robust
    6. Can't control all Android devices effectively without Knox
    7. Not all apps are "enlighten" apps.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Lync Configuration Profile

    It would be useful to have a configuration profile which can be used to automatically fill in users details to connect to Lync on Windows phones/iOS Devices

    Something similar exists for email already where you can set the users username as the SAM address etc

    But nothing for Lync

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. General Enrollment Bundle packs

    Hello,
    So far, I see there is multiple solutions available like:
    MDM, MAM, Conditional Access, WIP, App Protection Policy, Azure RMS, Legacy Protocols, Modern Authentication etc.
    Would be great if we could have option to select like “Bundle Pack” for Enrollment in Device Management with Security behind, at least in Documentation level.
    As example now to setup nice MDM, but with some protection, we need go Azure, Azure RMS, Intune, Intune App Protection and everywhere we need enable something and read&search per product the description of “how to enable” this service and integrate with each other, this takes a lot…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow to add "Contacts" and Calendar as exemption in the "Viewing corporate documents in unmanaged apps" setting under device restriction.

    Please allow us to exempt "Contacts" and "Calendar" in the "Viewing corporate documents in unmanaged apps" setting under device restriction policy. Contacts does not sync with Native Contact apps and we do not want to disable the "Viewing corporate documents in unmanaged apps" restriction. Lots of users rely on this feature. We are even considering allowing email via activesync, which we actually do not want to do.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Priority settings for Intune device configuration settings

    It would be nice if it is possible to configure multiple settings and give the configuration profile a priority. For example;

    Default configuration - Win10 device restriction ( for all users)
    Custom configuration for a specific department ( for a specific group of users) Example, for the custom startpage of a specific window setting.

    It would be nice if it possible to give a priority to the device configuration profile. With this you can deploy always the default group to the user, when there is an additional deployment with a higher priority it is applying and will override the default…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Only Allowed Users based on AD Group, the ability to enroll in Intune

    It would be nice to be able to only allow users who are in a specific AD group (ex. Mobile-Access), to have the ability to enroll in Intune. All other users would not be allowed to enroll in Intune.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. PowerShell with Parameters

    Would be awesome if you could add the ability to pass parameters down to PowerShell scripts.

    Why?
    We have multiple customers running the exact same script, where ONE variable has to be changed according to the customer. Currently we have to create and maintain one script per unique customer. If we could pass parameters through Intune it would make this a whole lot easier and dynamic.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Automated User De-provisioning

    Currently the process is a manual one. We would like when a user account is disabled from Active Directory the user is unenrolled from Intune and all corporate data delivered via Intune is enterprise wiped from the device. Other MDM systems have this capability.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. activation lock status

    Please display the activation lock status (i.e. find my iphone/ipad) in the Azure/Intune admin portal. This would aid our asset management team. Kind regards,
    t.e.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Unknown sources apk in Kiosk mode

    Need a way of installing unknown sources packages to a tablet that is in kiosk mode. Currently the only method is by posting the package to your own store but if someone has already used that package name it will not allow us to post it. Since we do not own that application and they HCHB does not publish it on the market we have no way of locking down devices and using their app. This works fine in other MDM solutions by simply putting in an allowance for the package name.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add the possibility of assigning to corporate or personal devices

    It now is possible, by using groups to automaticaly fill that group with devices that have a certain ownership (corporate/personal). It would be great if that step could be eliminated and that it will be possible to just have a pull down menu per app/configuration profile/update policy/etc. where we have the possibility to assign those settings to personal or corporate devices.

    So as an addition to the possibility of adding group memberships or all users or devices.

    For example:
    Say that we have corporate and byo devices. We create 2 device configuration profiles. One for the corporate devices and one…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base