Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add the possibility of assigning to corporate or personal devices

    It now is possible, by using groups to automaticaly fill that group with devices that have a certain ownership (corporate/personal). It would be great if that step could be eliminated and that it will be possible to just have a pull down menu per app/configuration profile/update policy/etc. where we have the possibility to assign those settings to personal or corporate devices.

    So as an addition to the possibility of adding group memberships or all users or devices.

    For example:
    Say that we have corporate and byo devices. We create 2 device configuration profiles. One for the corporate devices and one…

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. The status after applying the StartLayout configuration policy by Windows10 is displayed as "Not applicable".

    Currently, the content of XML set by StartLayout configuration policy ( 1) is reflected immediately in Windows10 device. However, we would inform you the inappropriate behavior that the status ( 2) after applying the policy does not become "Succeeded" instead of continues to be displayed as "Not applicable" when you check from the management screen.


    • 1 Microsoft Intune> Device configuration> Profiles> Create profile> Device restrictions> Start

    • 2 Microsoft Intune> Device configuration> Profiles> Created StartLayout policy> monitor> Device status> [Deployment Status] in the item list

    In addition, we confirmed that the event is reproduced as well by applying sample XML according…

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Force the synchronization of devices in an AAD group

    When I deploy an application to an Azure AD Group, I would like to
    Force the synchronization of every devices just with one click.
    Actually i need to synchronize each device one by one to force the sync.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Hardware Inventory for Mobile Devices Enrolled by Microsoft Intune and Configuration Manager

    At the moment the inventory we get from our more than 900 WP8 Phones is very limited.
    See also; https://technet.microsoft.com/en-us/library/dn469411.aspx

    Please implement a feature that we can see the following:

    Wi-Fi MAC
    Subscriber Carrier
    Phone Number (for company phones not only the last 4 digits. we need the complete number)

    Phone Number2 (for DUAL SIM phones)
    International Mobile Equipment Identity or IMEI (IMEI)
    Free Storage Space
    Total Storage Space
    Serial Number
    Model (f.e. Lumia 925)
    Manufacturer (f.e. NOKIA)
    Current Operator Name
    Data Roaming Enabled

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ping feature

    Insert a feature which allows you to "ping" devices from the Intune console, so you can verify if a device is reachable (e.g. for a sync).

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enable ability to deploy internal PKI Certificates to devices via Intune

    Currently the architecture to deploy certificates to devices requires you to have the infrastructure in-place to do external certificates requests to the internal NDES. Typically done with multiple WAP's. Other competing products do not require this. They manage the certificate request process for you using its connection to your internal network. Intune should be able to proxy this request of do the request on behalf of the device and send it to the device as part of normal synch process. This would eliminate unnecessary hardware which is the whole reason of using cloud services.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow to add "Contacts" and Calendar as exemption in the "Viewing corporate documents in unmanaged apps" setting under device restriction.

    Please allow us to exempt "Contacts" and "Calendar" in the "Viewing corporate documents in unmanaged apps" setting under device restriction policy. Contacts does not sync with Native Contact apps and we do not want to disable the "Viewing corporate documents in unmanaged apps" restriction. Lots of users rely on this feature. We are even considering allowing email via activesync, which we actually do not want to do.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Make sure outlook is the only approved mail client

    Even though we have conditional access and MAM on all users, everyone can download Edison mail client and access their mail without enrollment.

    If we wish to restrict users from using Edison mail client, we have to disable EWS but then we lose access to other exchange online features, so we can´t do that.

    Microsoft says in their product commercials that you can restrict all other mail clients other that outlook, but I don´t see that is true since Edison mail client is able to connect. Try it yourself.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. View password configuration on enrolled devices

    We would like the ability to query Intune for password settings of enrolled devices. Settings include:


    • simple password

    • password length

    • inactivity until screen locks

    Currently, you can query Intune for information like:
    - phone number
    - serial number
    - discovered apps

    Why not password settings?

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China

    Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China. This is confirmed by Microsoft Support and escalation team. As per replied "This is due to Chinese government policies, this function is not fully functional in mainland China. Therefore the service cannot be guaranteed to work with all features".

    Unfortunately if a Enterprise Mobile Device Management solution cannot even effectively and reliably remote wipe a Corporate device when it is lost, which is instrumental and basic for managing Corporate mobile devices, it cannot be branded as a Enterprise MDM solution. We will now…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enrollment Quarantine

    Create a Quarantine for Enrolment, where an Admin can approve or deny enrollment for a device.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Lync Configuration Profile

    It would be useful to have a configuration profile which can be used to automatically fill in users details to connect to Lync on Windows phones/iOS Devices

    Something similar exists for email already where you can set the users username as the SAM address etc

    But nothing for Lync

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. General Enrollment Bundle packs

    Hello,
    So far, I see there is multiple solutions available like:
    MDM, MAM, Conditional Access, WIP, App Protection Policy, Azure RMS, Legacy Protocols, Modern Authentication etc.
    Would be great if we could have option to select like “Bundle Pack” for Enrollment in Device Management with Security behind, at least in Documentation level.
    As example now to setup nice MDM, but with some protection, we need go Azure, Azure RMS, Intune, Intune App Protection and everywhere we need enable something and read&search per product the description of “how to enable” this service and integrate with each other, this takes a lot…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Description field to Intune devices

    You should be able to add a description to any device in Intune.

    Customers could use this description field to e.g. differentiate test/pilot devices, department or put some other meaningful information (e.g. asset tags) about the devices.

    And it would be great to have multiple fields!

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Only Allowed Users based on AD Group, the ability to enroll in Intune

    It would be nice to be able to only allow users who are in a specific AD group (ex. Mobile-Access), to have the ability to enroll in Intune. All other users would not be allowed to enroll in Intune.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. activation lock status

    Please display the activation lock status (i.e. find my iphone/ipad) in the Azure/Intune admin portal. This would aid our asset management team. Kind regards,
    t.e.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. NativeScript Intune support

    It would be great if Microsoft provides out of the box Intune support for apps created thru NativeScript framework.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Unknown sources apk in Kiosk mode

    Need a way of installing unknown sources packages to a tablet that is in kiosk mode. Currently the only method is by posting the package to your own store but if someone has already used that package name it will not allow us to post it. Since we do not own that application and they HCHB does not publish it on the market we have no way of locking down devices and using their app. This works fine in other MDM solutions by simply putting in an allowance for the package name.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Control and/or set default email, contacts, calendar accounts

    An issue I often see with mobile devices is that the user doesn't realize which calendar they've selected for creating an event. They think it is the corporate calendar, maybe don't use any other calendar on the mobile device. They open the calendar, create an event, send it to work associates. The people they send the event to accept, and are made aware of the meeting. But the sender has unknowingly created this event on another calendar (maybe the icloud calendar) So on their PC Outlook does not get the event. Everyone else makes it to the meeting but they…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Device Compliance policy support Windows Edition

    Please support WIndows edition with compliance policy. Because there is no way to eliminate the Home Edition now. I would like to have access control by dividing Home, Pro, Enterprise

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base