Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sync status and compliancy when DEP enrolled as shared device

    The device status and compliancy is not synced when dep enrolled as a shared device without company portal. If the company portal would work on it and fix the issue, it would still require a user to log in, which is unwanted on a shared device.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. allow admins to add notes to inventory

    We have tons of valuable devices and lots of "events" occur with these units.

    Some are stolen, lost, broken, loaners, unknown... all kinds of etc.

    If we could group these items and use Intune to add minor notes....

    Intune would also become a valuable inventory tool.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    @Jamie, thanks for the heads up, I merged the requests. I personally think this request is different than the “management name” field, because I would assume a larger field for more info. But if you and @Tony feel like it fulfills what you were asking for, I can call it complete

  3. Allow only specific Android manufacturers for enrollment - block others

    Ability to allow only specific Android manufacturers devices for full enrollment.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Automated User De-provisioning

    Currently the process is a manual one. We would like when a user account is disabled from Active Directory the user is unenrolled from Intune and all corporate data delivered via Intune is enterprise wiped from the device. Other MDM systems have this capability.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Increase the device check-in limit (current 25/hr)

    While enrolling devices for a customer we ran into an issue where the device would stop receiving commands from Intune.

    After support looked into the logs the found a limit of 25 check-in's over a 1 hour timespan and suggested a uservoice to get support to increase this number.

    Impact;
    Intune Service has a throttling limits of maximum of 25 checks in an hour. This may include the check-ins initiated from install request of available apps + end user clicking checking compliance from the company portal + regular device check ins as per schedule.

    Support can identify this issue by…

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Management Name discoverable during search to add members device manually to a group

    The addition of the Management Name was very helpful, but the name that gets entered into that field needs to be discoverable by searches. In particular, I have a group that I would like to manually add some devices to, but I am unable to search by the Management Name to be able to add them.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Update AD msds-isManaged flag or delete on premise device when device is remote wiped

    Enterprise customers leveraging AD Connect with Device Write back and ADFS for Access Control cannot block authentication from devices removed from Intune because it does not update Azure AD when the device is Remote Wiped.

    When a device is wiped in the Intune console, Azure AD should receive an update indicating that the device is no longer managed, this should sync to on-premise. Alternatively, the device object should be removed form Azure AD deleting the object from the On-Premise AD as well.

    This way, a compromised device cannot successfully authenticate to ADFS even though the admin has remote/wiped the device.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. 7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Corporate Device Identifiers: Bulk Delete Via Web UI

    Admins can currently ADD bulk corporate device identifiers via the Web UI and a CSV file (imei,device details). It would be nice to have the same ability to DELETE corporate device identifiers using a CSV file (imei's). We currently do yearly mass device replacements (30-50% of total inventory), and manually search each corporate device identifier in the Web UI, and deleting it, is very inefficient. With some work, this function is somewhat available via Graph, but having it available via the Admin Web UI would be ideal.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Ability to manage multiple device profiles for a dedicated user, also to manage profiles/policies ranking

    Most of MDM solutions are providing a way to deploy different type of devices (different profiles/policies/apps..) for a single user. Currently the only real method is to either use Category tags or dynamic device groups. Category tags are limited and is currently not supporting all types of enrollment (not working with Android Enterprise full Corporate-owned fully managed devices, using Intune app instead of Company portal, manual action by an IT required in the console to set a category tag then). Second option is dynamic device groups that are also limited in scope as some objects are user-based only and cannot…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add AAD user to the Local Administrators group of specific devices via API

    We need the ability to assign specific AAD user(s) to the Local Administrators group of specific devices via API.

    As of now, you can assign AAD users to a Device Administrators role (as shown in the screenshot attached), but it adds that user as a Local Admin to ALL Azure devices. This is not good, not good at all.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Provide a way to audit EDP logs for BYOD Devices

    Provide a method to audit changes in file status from Work to Personal on MDM joined devices when Allow Override is enabled.

    The solution will be to advise the users that logging will be enabled and that only the EDP logs related to WIP management will be captured for audit purposes. We will then push syslog-NG provided by a company called Balabit. This will use a TLS certificate and an external service to receive the logs. Reports will be generated and logging events will be captured for devices.

              It would be nice if Microsoft could automate a similar process moving
    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Create API to remote wipe Devices

    Whenever someone leaves the company we need to develop one central application to remove access and remote wipe their device without going to the Intune portal

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Intune Device exports fewer columns

    Previous exports fielded over 30 columns. Has anything changed recently?

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add an identifier to MFA text that allows user to match with MFA screen

    We receive multiple MFA texts and screens at the same time or within a very short time frame. Can something be added to the pop up screen and the text to be able to match the correct code with the correct screen?

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Describe the details of "Failed" in "Restricted apps"

    When "Prohibited apps " is set in "Restricted apps" in iOS device restrictions, if "Prohibited apps" is installed, the profile status becomes "Failed".
    There are no details of "Failed",so it is difficult to understand why it fails.
    Could you please describe the details of "Failed" ?

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Intune Managers to customize the Audit Log retention

    The Audit Log found within Intune > Devices > Audit Logs has a default record retention of 30 days. Intune administrators should have the ability to customize how far back the audit log goes.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Are the Samsung Gear 3 (WATCHES) able to be Managed by INTUNE?

    Working with one of Our clients we need to have a group of Watches that can be assigned to a specific user but managed by an MDM to control assignment, set profiles and apps and report analytics.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Limit visibility of Device enrollment categories to groups/users

    For most of my users, I do not want them to ever see a choice to select device categories.
    But for some smaller, more specific groups of users or devices it is required that they select from a list of limited categories during enrollment.

    One example would be enrolling a Kiosk/POS device - a specific user in an allowed group setting up a Kiosk device could have visibility to a limited list of categories to which they are authorized - without cluttering the enrollment process for the majority of users

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Use Intune to pre-configurate Apple ID into IOS devices

    We want to pre-configurate Apple ID into IOS devices via Intune, then end users will not be able to use or sign-in their own Apple IDs. Could Intune develop this function?

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
1 2 5 7 9 16 17
  • Don't see your idea?

Feedback and Knowledge Base