Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Privileges missing in UserRights CSP

    You already offer to configure some privileges through the Policy CSP : https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-userrights.

    But some of them are missing, like :

    •Allow logon Through Terminal Services
    •Deny logon as a batch job
    •Log on as a batch job
    •Log on as a service
    •Remove computer from docking station
    •Replace a process level token
    •Shut down the system

    Could you please add them to Intune?

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Push mail profile with custoom properties to iOS and Android

    We want to deploy multiple mail profiles (native mail app) other than the users own. For example if user A is allowed to use the mailbox of user B we want to push the mailbox of user B to user A's device. Therefore we need custom user properties where these settings come from and the possibility to link these custom properties within device configuration policy.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. dynamic group rules needs Management Name device attribute associated with it

    With the inclusion of the Management Name property, I believe a device attribute should be created that is associated with it allowing Dynamic Group Rules functionality. I would like to create dynamic group criteria based on the Management Name I associate with a device. For example: (device.managementName -contains "MyCustomManagementName")

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Ability to run report on version of company portal app

    Considering there are versions of the company portal app out there that won't even allow the user to log in before it get updated

    Considering when reaching out for support for Intune one of the main questions they ask when troubleshooting is the version of the company portal app on the device

    For the above reasons and more it would be nice to be able to run a report or somehow determine from the admin console what version of the company portal app your devices are running.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Malware protection status on Win10 MDM side (feature parity with intune client)

    As the Correct Way of Managing Windows 10 devices seems to be AAD + MDM it would be VERY useful to have at least some of the abilities the intune client has - the ability to see events related to malware.

    Viruses and Trojans are in my experience this is the most common issue with PCs... still.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Provide the availability of Location Provider to the Devices from Intune.

    If the other than [Lost Mode] in Monitoring Mode via iOS, I hope the feature will be implemented that enables setting the Location Provider to the devices by Intune.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add capability to customize device friendly name for MDM

    We would like to be able to set device friendly name within the Intune Portal to display a custom device entry name based on criteria we set. An example would be {userprincipalname} - {DeviceIMEI}

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. allow admins to add notes to inventory

    We have tons of valuable devices and lots of "events" occur with these units.

    Some are stolen, lost, broken, loaners, unknown... all kinds of etc.

    If we could group these items and use Intune to add minor notes....

    Intune would also become a valuable inventory tool.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    @Jamie, thanks for the heads up, I merged the requests. I personally think this request is different than the “management name” field, because I would assume a larger field for more info. But if you and @Tony feel like it fulfills what you were asking for, I can call it complete

  9. Configure an application whitelist

    Provide the ability to configure an application whitelist and block the Apple App Store for a selected group of users. This has come up as a regulatory requirement for our organisation.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Dynamic device group for DEM

    Create a dynamic device group for the enrolled device using DEM account:-
    if you enroll different device platforms and os versions using device enrollment manager account up to 1000 device, you may need to group all those devices in one group so?
    Yeah you can create a group contains this account but I am talking about devices.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Activate Compliance status with COSU (Company Owned Single Use)

    Activate Compliance status with COSU (Company Owned Single Use)

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Prioritise InTune Policy Deployment

    It would be great to be able to prioritise policy deployment in InTune.

    For example, I would like to have the WiFi policy apply before the email policy and the application deployment. This would save a lot of time and costs with regards to bandwith (over 1 GB of data on MS Office applications alone!)

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Distributing an In-House documents, Intune doesn't have feature available that company can share their documents to end users on ios devices

    Make in-house documents available in self-service for the user to Install using Microsoft Intune. Documents like knowledge sharing for example or any pdf files which IT administrator can share on end devices.

    Thanks,

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Automated User De-provisioning

    Currently the process is a manual one. We would like when a user account is disabled from Active Directory the user is unenrolled from Intune and all corporate data delivered via Intune is enterprise wiped from the device. Other MDM systems have this capability.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Management Name discoverable during search to add members device manually to a group

    The addition of the Management Name was very helpful, but the name that gets entered into that field needs to be discoverable by searches. In particular, I have a group that I would like to manually add some devices to, but I am unable to search by the Management Name to be able to add them.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Upgrade Windows 10 OS Edition from Home to Pro

    First, we try to do Azure AD Join for 300 Dell Laptop's with Windows 10 Home Edition (OEM), but there is no option for same and suggested to upgrade to Pro Edition.

    Secondly, tried to do upgrade OS from Home to Pro through Intune, but no luck; and got the answer from Microsoft saying that "by design that you cannot upgrade form Home to pro edition using Intune".

    Only Device Enrollment can be done, but not Azure AD Join.

    By looking into above mentioned case study - requesting the Microsoft team to see for permanent solution to resolve the issue.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Update AD msds-isManaged flag or delete on premise device when device is remote wiped

    Enterprise customers leveraging AD Connect with Device Write back and ADFS for Access Control cannot block authentication from devices removed from Intune because it does not update Azure AD when the device is Remote Wiped.

    When a device is wiped in the Intune console, Azure AD should receive an update indicating that the device is no longer managed, this should sync to on-premise. Alternatively, the device object should be removed form Azure AD deleting the object from the On-Premise AD as well.

    This way, a compromised device cannot successfully authenticate to ADFS even though the admin has remote/wiped the device.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. CRM Online Compliance Policies

    I'd like to see a CRM Compliance policy like there is with SharePoint and Exchange.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Corporate Device Identifiers: Bulk Delete Via Web UI

    Admins can currently ADD bulk corporate device identifiers via the Web UI and a CSV file (imei,device details). It would be nice to have the same ability to DELETE corporate device identifiers using a CSV file (imei's). We currently do yearly mass device replacements (30-50% of total inventory), and manually search each corporate device identifier in the Web UI, and deleting it, is very inefficient. With some work, this function is somewhat available via Graph, but having it available via the Admin Web UI would be ideal.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to manage multiple device profiles for a dedicated user, also to manage profiles/policies ranking

    Most of MDM solutions are providing a way to deploy different type of devices (different profiles/policies/apps..) for a single user. Currently the only real method is to either use Category tags or dynamic device groups. Category tags are limited and is currently not supporting all types of enrollment (not working with Android Enterprise full Corporate-owned fully managed devices, using Intune app instead of Company portal, manual action by an IT required in the console to set a category tag then). Second option is dynamic device groups that are also limited in scope as some objects are user-based only and cannot…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
1 2 5 7 9 18 19
  • Don't see your idea?

Feedback and Knowledge Base