Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Critical feature request/missing Corporate-owned, fully managed user devices deleting System Apps after QR Code Enrollment

    After some attempts to enroll Android devices and getting them stripped out of their system apps (provided in ROM by the manufacturer) I was able to find that the generated QR Code for enrollment is missing critical information.

    I urgently ask Intune team to add the following features:

    1. In "https://devicemanagement.microsoft.com/#blade/Microsoft_Intune_Enrollment/EnrollmentMenu/androidEnrollment", under "Corporate-owned, fully managed user devices" blade, below "Allow users to enroll corporate-owned user devices" Toggle button, add the following options:
      a) Toggle Button True/False "Leave All System Apps Enabled"
      b) Drop-down list "Provisioning Wi-Fi Security Type"
      c) Text Box "Provisioning Wi-Fi SSID"
      d) Text Box "Provisioning Wi-Fi…

    29 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  2. Android for enterprise with Intune token binding

    Google provide a way of binding a supported EMM with their Gsuite in Android for enterprise with a token generated by Google.

    In theory this would allow the use of managed google accounts on devices instead of personal gmail accounts on corporately owned devices

    However there is no documentation from MS on this capability. If it doesn't exist it should be implemented as using personal Gmail accounts leads to problems with Factory rest protection when a user leaves.

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  3. Disable OTA (over-the-air) software updates on Android Knox devices

    Disable OTA (over-the-air) software updates on Android Knox devices. This is required as 1 of the line-of-business (LoB) apps we need to deploy will only run on a specific version of Android Knox, should the device be allowed to update then the LoB app will stop working.

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  4. Full control AFW on corporate device(work only profile)

    As Intune provide AFW binding and able to differentiate Personal and Corporate devices, the enhanced control for corporate AFW will helps admins a long way, even with basic management functions such as passcode reset, full wipe sending message, take screenshot.....

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  5. BUG: Android Corporate owned, fully managed user devices (Preview) do not install apps after initial enrollment

    When a device is enrolled using the new Corporate owned, fully managed user devices (Preview), using a QR Code, it picks up the apps currently approved by the managed google play store (both required and optional, assigned by groups with users as instructed).

    After the device is already enrolled, if you add a new app to the google play managed store, the app will neither appear as available (under google play managed store) nor will it install if it's marked as required.

    At the same time, intune incorrectly accuses the app as installed (when mark as required), even though the…

    25 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  6. Increase limit of enrollment for Android Enterprise work profile by using a DEM account.

    Increase limit of enrollment for Android Enterprise work profile by using a DEM account.

    enrolling Android Enterprise work profile devices by using a Device Enrollment Manager account, there is a limit of 10 devices that can be enrolled per account.

    https://docs.microsoft.com/en-us/intune/android-work-profile-enroll

    24 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  7. Rename an Android Dedicated device

    You should be able to rename an Android Dedicated device from the Intune Portal

    24 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  8. When using MAM on Android, the company portal app is required.

    When using MAM on Android, the company portal app is required. From a previous idea, I understand there are no plans to remove this requirement. Problem is however that the app insists on enrolling the device, claiming access to company resources will not be available otherwise. This confuses users and makes them try to enroll the device even though we tell them not to.
    It would be a great improvement if there would be a choice in the app, something like "Do you want your device managed by your organization?" If users select No, they should be made aware that…

    23 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  9. Change the text "This device is managed by your organization" on a corporate owned android device

    Please make available to change the text "This device is managed by your organization" on a corporate owned android device.

    23 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  10. Android Enterprise Company Owned enrollment sync action

    All android enterprise enrolled devices does not have the "Sync policies" action. It should be added to force the modifications we are applying throughout the day.

    23 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  11. 3rd party swifty keyboard

    3rd party Swifty Keyboard stopped working with Android For Work Intune enrollment with OS version 8 releases , While other MDM's like Mobile iron do have a patch released to get a work around, could we have a fix from Intune end to make this application work ?

    23 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support for work-profile in Android Enterprise with Zero-Touch enrolment (COPE)

    Great COPE is Android Enterprise deployed with Zero-Touch and using a work-profile. Apparently it's not possible - which seems an amazing omission. I don't know whether it's an android limitation or an intune limitation but it will take both companies to fix this.

    22 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  13. Company Portal can't authenticate when ADFS is configured to use Azure MFA as Primary Authentication

    Company Portal on Android does not work for registering a device when trying to authenticate on a federated domain with ADFS where Primary Authentication has been configured to be Azure MFA for Extranet (see https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-and-azure-mfa for information).
    However, it works with iOS.
    After some troubleshooting, it appears that Company Portal is specifically asking for Forms Authentication to ADFS (via claim http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password) and when Primary Auth in ADFS is only configured to be Azure MFA, then triggers an error in the Company Portal app in Android because AD FS responds that an invalid authentication method has been specified.
    On iOS,…

    22 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support Managed Google Play Store Alpha and Beta Release Tracks

    We need a streamlined way to get Alpha and Beta releases of our internally developed apps deployed to devices that are running Android Enterprise

    Our internal app developers release alpha and beta updates to their apps using the Google Play developer console.
    We would like to make these alpha and beta releases available in the Managed Google Play Store within the work profile and control access to those releases using group assignments in Intune

    https://developers.google.com/android/work/play/emm-api/distribute#distribute_closed_tracks_to_users

    https://support.google.com/googleplay/android-developer/answer/3131213?hl=en

    21 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make sure Company Portal app remains visible after Android-for-Work unenrollment, also on Samsung Knox devices.

    It would save us some time and resources if we could easily re-enroll an Android-for-Work user. Currently we need a factory reset or Google Play Store login to re-enable the Company Portal app.

    21 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  16. Hide apps in the Android Enprise profiles.

    It would be nice to hide apps for Android Enterprise Device Owner profiles. You can hide apps for Knox devices. with device restriction profile and it would be nice to hide apps for all Android devices, especially for Android Enterprise devices.

    21 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  17. Ability to control LOB application deployment to Android dedicated devices

    We publish internal app from Google Developer console to Managed Google Play and then sync to Intune and later on deploy to Android dedicated devices.
    If later on we deploy update to the app through Google Developer console, then app is synchronized to Intune and immediately deployed to all devices which have this app assigned.
    We would like to have the ability to control update deployment - first test it to test devices and then deploy it to several groups gradually.

    21 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  18. Provide support for Huawei devices

    Right now, the onboarding process for new Huawei devices fails mid-way with support not being able to help in any way.
    Huawei is rising in popularity all over the world, and it seems odd that it's not supported yet.
    Furthermore, Intune support is only able to point at the encryption of the device (Huawei P30 Pro) - and be quite vague in their explanations (reference an article that states that certain Android devices from Huawei can't be encrypted - no actual list though).

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  19. Option to treat Android Beam as nonmanaged

    Android Beam allows transfer of files to another device and the other person can take that file and save it locally or send it outside of the work profile. This is a huge security concern for us and we would need this to be blocked. This is an issue that could prevent us from moving forward with Intune for Android for Work devices.

    We would like to see the Beam location\option treated as a non-managed for corporate data.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  20. Update Android OS remotely on a fleet of device (Android Enterprise)

    Update Android OS remotely on a fleet of device with Android Enterprise enrollment profile.
    For now it's only possible to update iOS devices remotely.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base