Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Please tell us what is gonna happen with MS Tunnel

    ... and when it will be general available!

    THX

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add "Primary User" column in Intune devices blade

    Please add an option to select "Primary User" in the Intune devices blade..

    Currently you can only see the "Enrolled user". If a device is given to another user to enrol and keep, this information is unreliable.

    I know you can click on the device and it will show the "Primary user" there, but it doesn't help for bulk reporting.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow devices with root access

    The detection by MS can already be bypassed, please allow it to be enabled.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allowed root or jailbroken devices

    The detection by MS can already be bypassed, please allow it to be enabled.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow User Name in Device Name Template

    Under an enrollment profile, you can set a device name template to rename all devices being added. I'd like to have the option of adding a username in the front of the device type. This way, instead of seeing "iPhone" in my device list, I'll be able to see something like "JSmith iPhone"

    296 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    29 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow Dual messenger to work on fully managed enrolled devices

    Appreciate if Microsoft could look into this issue as it will convenient many users who are using 2 SIM card (work and personal) else we have to carry to phones with us. Thank you in advance.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. COBO - Add the ability to create different COBO profile with different profil name

    With COPE or KIOSK profile in intune it is possible to create different enrolment profile (with its specific name, its specific QR code and specific enrolment token). This give the ability to create dynamic group based on those profiles (profile name) to provide different configuration, restriction, conformity configuration.
    We would like to have the same possibility with COBO enrolment type.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Remote Lock Needs to be Faster

    Remote Lock of sub 10 seconds is ideal. When initiating a remote lock of the device Intune conducts a software inventory. This causes the remote lock feature to slow to the point where it can be 30 seconds or more before the device is locked after receiving the command when more than 20 apps are installed on a device. If the order was reversed or swinv was skipped the device would lock almost immediately.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support for Minimum OS version or security update by model or date released

    There is no one-size-fits-all approach to keeping mobile devices secure by setting a minimum OS version (iOS and Android) or security patch level (Android).
    Examples: iPhone 6 with iOS 12.5 is secure, iPhone 6s with any version of iOS 13 is not secure. This makes it impossible to set a single minimum OS version for all iOS/iPadOS devices.
    For Android the minimum security patch level is some help but all the same would like to force devices that support Android 10 or 11 to upgrade without affecting devices that only support 8.1 or 9 but are still getting security patches.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Dynamic group memberships based on user and device information

    It would be great to create dynamic rule memberships from both - user and device information.

    For example all iOS Devices from users from department XYZ
    All Android devices from users from a country

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Force sync from device without company portal

    Allow a device to request a forced check-in sync without the use of the company portal.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Displaying IP addresses in the hardware inventory for Windows 10 devices.

    Intune does not report back the LAN ips, either for ethernet or wi-fi, or the WAN ip if accessing anything externally, for Windows 10 devices, at least. Currently, an APIPA address id returned which does not provide any useful information & if anything is misleading. Can there be the facility provided to output this information?

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure AD shared phones MDM

    Ok, so I work with a MDM where a lot of people and their private android phones and now shared Azure AD phones with AD login etc to access apps with sensitive data.

    The Azure AD Shared phone from Intune/Endpoint works perfectly and runs really smooth and I get it to work really got damn well!! Exception from one problem....which is a problem that shoots the whole thing in the knee!

    Edge, the Outlook app, Office app and OneDrive can't be used in shared mode! It saves it's data in the system folder instead of the user folder! A rooted…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. MS tunnel 2 different VPN group needs 2 internal server MS Tunnel

    In intune Device > Configuration profiles > VPN profile must be configured to configure MS tunnel client application for devices. Here we can allow some applications access to this tunnel. Also we must choose/set MS Tunnel Site here.

    but if i need to use more than one VPN profile for some different groups of devices and those groups has must have different applications and different accesses through this VPN tunnel, than i need to create other Site for this mstunnel profile yes?

    and if we need another site, than i must install another server for ms tunnel or i can…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Migrate android device administrator to Android Enterprise

    There should be an ability to migrate a fully managed corporate owned device from 'android device administrator' to 'Android Enterprise' without going through hard-reset route. In the current climate with Covid, this can save considerable amount of time for everyone and not risking users from visiting office sites just to move over to new Android enterprise profile.

    The whole process can take more than 1hr with hard-reset for each device with re-authentication. The process exists for byod work profile, but not for full corp owned devices.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Please enable block screen shot for iOS device

    Screenshot Blocking feature works for other devices than Apple device. Please enable this feature on Priority.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Provide validation for MDM Baseline policy configuration

    In the MDM Security Baseline > Device Installation, there are two polices that allow you block and remove the installation of devices by device identifier or class. In our experience, if you set "Remove matching hardware devices" to "Yes" but remove all the items on the block list, the policies do not get applied properly to devices and result in errors showing in Assignment Status. If I'm right about this, then Endpoint Manager should alert the user if they have created a policy that will result in an error if deployed.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. android enterprise fully managed devices

    I would like all the unwanted chrome browser plugins removed and would like my broser setting corrected the right way and would like managed browser disabled and for the browser activity to be supervised and removing all the popups adds and redirects

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Set custom background and logos via Android Enterprise device configuration policy

    Currently setting custom backgrounds on Android Enterprise MDM devices in Intune is only available for devices that are in a kiosk mode configuration, it would be useful to enforce a custom background and logo on managed Android Enterprise devices within Intune in a non-kiosk mode configuration.

    Is this something in the pipeline?

    65 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Staging capabilities for deployments

    It would be nice to have the ability to pre-stage a device prior to the user logging into the Intune Company Portal App.

    In a competing product, this is possible. A deployment person can log in, and do any prep work (for example. having to copy files into an App on an iPad that takes hours) long before giving the device to the user to sign in.

    This is preventing us from using Intune fully until this is resolved.

    Screen shots attached to show the setting in the competing product.

    Text below explains the Staging ability:

    • Single User (Standard)…

    35 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base