Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Non Admin Intune Joing

    The ability to join Non-local Admin machines to Intune MDM is something that needs to be allowed. In our case we have 500+ Windows 10 endpoints which are not managed and are not and do not planned to be joined to Azure AD, Local AD, or Hybrid AD.
    But we do need to manage them with Intune, so this is not allowed, and giving users all over the county admin rights to the machine is not an option. There should be a way to push the Intune MDM management joining without interrupting the current account state

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Intune governance policy

    The idea is to have the capability to enforce policies in term of Intune Governance.

    Example would be to have a way to enforce naming convention for the compliance policy/configuration profiles.

    Even more, enforce a minimum number of character or presence of a ticket number within the policy description.

    The same way as Azure Policy enforces compliance and policies at the resource level.

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add the possibility to run custom-actions before wiping/retiring an company owned device

    Please look in to adding the possibility to run custom-actions, maybe in the form of a powershell script, prior to wiping/resetting an company owned device. Making it possible to remove biossettings or other none-OS configuration/branding.

    This would be a great functionality to simplifying offboarding of old devices.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Conditional Access days enforcent warning

    When a condition is enforced. Such as operating system version. Allow a count down of days till the condition is enforced. The end user should get a message stating that in 10 days, if they do not meet minimum os requirements, they will be unable to access o365. This can be enforced on various requirements and allows the end user time to resolve the issue before enforcement.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Intune Device Clean up

    I hope everyone would agree that when enabling the device cleanup for Mobile devices has an option to enter what DAY or Month or YEAR to clean in the database to effectively clear in the records. Also, another rule like to separate these devices from the main database for future references.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. dynamic group rules needs Management Name device attribute associated with it

    With the inclusion of the Management Name property, I believe a device attribute should be created that is associated with it allowing Dynamic Group Rules functionality. I would like to create dynamic group criteria based on the Management Name I associate with a device. For example: (device.managementName -contains "MyCustomManagementName")

    36 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Conditional Login

    If I assign a device to a user in Azure, I want to make sure that only that user (+ any admin) can log into it, and nobody else.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. 14 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Mix User Groups assignment and Device Groups exclusion

    We need a solution to configure Intune policies and software deployment for a large customer who has users with registered AND AAD, who have connected W10 devices that we both like to manage with Intune.

    We want to apply (mainly security related) policies to the registered devices (BYOD) and policies and software to the AAD connected devices (corporate devices). Now that we apply the configuration to user groups, how can we say that we keep the software packages away from the registered devices and apply them to the connected devices for the same users?

    We tried to apply the configuration…

    64 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Intune Major.Minor.Build

    In Microsoft Intune, the system allows you to set major.minor.build to cover current version and the 2 prior, but it’s a hard setting. We'd like to remove the administrative overhead of changing the value every time a new OS version is released. Would like a dynamic setting that will automatically adjust to be the current OS version and 2 prior.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. End-user self wipe on Apple DEP device

    Please support self-wipe (by device user; not administrator) on iOS device that registered with Apple DEP service.

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Describe the details of "Failed" in "Restricted apps"

    When "Prohibited apps " is set in "Restricted apps" in iOS device restrictions, if "Prohibited apps" is installed, the profile status becomes "Failed".
    There are no details of "Failed",so it is difficult to understand why it fails.
    Could you please describe the details of "Failed" ?

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Selective wipe displays inaccurate device names.

    Selective Wipe request does not display the device's name correctly even though the device is protected with Windows Information Protection and is currently enrolled in Intune. It would also be quite better if administrator is provided the ability to remove stale devices in the list. Intune seems to keep old devices in the list even if the device name was repeated multiple times. This makes initiating Selective Wipe requests to devices more difficult.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Prohibit Intune to discover applications on personal device and/or notify user if admin switches Personal device to be identified as "Corpor

    Suggestion: Prohibit Intune to discover applications on personal device and/or notify user if admin switches Personal device to be identified as "Corporate owned"

    In the hybrid model, which many SMEs use, where Intune is connected to System Center Configuration Manager, the administrator can identify specific devices as corporate owned. The administrator could change the ownership of the Personal device to Corporate in order to gain insight into what apps are installed, while the user will is oblivious to this change. This is a vulnerability that could be exploited, in theory.

    Considering that users who enrol their personal devices in Intune…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Filter for custom notification

    Ability to add filter for custom notification to target only specific device types.
    Example: Changes will happen to Android configuration so we want to send notification only to Android phones to not confuse users on iOS.
    Currently we can only target user groups for notifications therefor we are unable to control what type of devices get the message.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enrollment Restriction Allow/Block/Not Configured

    Add "Not Configured" to Enrollment Restrictions settings on all "profiles" except the default.
    This will allow us to make group-based restriction, for example:
    Default allow only Windows (MDM)
    If part of group "Android MDM" then the user can enroll Android phones
    If part of the group "macOS MDM" user can enroll macOS device.
    If the user is part of both groups then macOS and Android can be enrolled.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Disabling an Intune user or removing the license should automatically trigger a device retire

    Because we are a big company several users leave the company each month. The user will be disabled and the Intune license will be removed automatically. This also breaks the connection between Intune and the device and unfortunately the company data like mails, calendar and contacs are still remaining on the device. Because of broken connection between Intune and the device it's not possible to trigger a manual retire of business data and must be done directly from the device. The same situation exists if a device will be deleted in Intune without doing a retire or wipe before.

    It…

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. deleting a device in Intune should automatically trigger a retire

    Because we are a big company several users leave the company each month. The user will be disabled and the Intune license will be removed automatically. This also breaks the connection between Intune and the device and unfortunately the company data like mails, calendar and contacs are still remaining on the device. Because of broken connection between Intune and the device it's not possible to trigger a manual retire of business data and must be done directly from the device. The same situation exists if a device will be deleted in Intune without doing a retire or wipe before.

    It…

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Informations about the connected SSID and IP Adress of a network for mobile Devices

    We need the more network Information from the Device, especially for iOS and Android Devices.
    The Information about the WLAN SSID in which the device is currently connected as well as the IP Adress of the connected Network would be fine.

    The Informations could be stored in the Hardware Tab (Network details) of the device Detail View on the intune console.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enrolment Date column permanent column in Device list view

    In the Devices | All devices list view, could we please have the "Enrolment Date" column as a permanent column.
    OR
    Ability to permanently save / apply specific columns for a view, this would give an Intune administrator the ability to tailor views according to their needs.
    Thanks.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base