Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Monitor Windows Defender

    It seems the ability to monitor Windows Defender (infections, etc) with Intune no longer exists. Every Microsoft Doc I can find refers to this functionality but as with a number of items I've come across it seems it is referring to old versions. Please add this back. Thank you.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  2. Make it possible to display the MSI or Application GUI during MDM MSI deployment

    Currently all MDM MSI's are deployed in the SYSTEM context. Because of this the GUI of te MSI or Application installer is not visible to the user. When large applications like Office365 ProPlus are installed it's more clear for the user to see the progress by the Application Install GUI. Now the user doesn't see any progress. Probably this option should be selectable because you don't want any GUIs in required deployments.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. Intune SharedPC policy & profile deletion

    user profile deletion in the SharedPC policy works with 1703 when applied against the DEM account.
    while the SharedPC mode/guest mode work when applied against the Device.
    This means the SharedPC policy with all the above settings needs to be applied to both device and DEM...

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  4. MDM Manage Windows 10 clients even if they are domjoined

    I have a set of Windows 10 domain joined (local domain).
    I have pushed a policy for joining them to Azure AD.
    I want to manage these clients with OMA-DM, and not the Intune Client.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add additional language in Windows 10 using Intune

    I'd love to see the feature where I can add an additional language keyboard for all the Windows computers that are joined to Azure AD in Intune.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. fix WSfB so when app is removed it doesn't appear in Intune anymore

    Please fix Windows Store for Business sync with Intune so that when an app is removed from Windows Store for Business it no longer appears in Intune. At the moment, it's not a sync, it's an import!

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. Require Windows Hello for Business to logon to Windows devices

    Please add Require Windows Hello for Business to the Local device Security configuration policy in the Interactive Logon settings. We would like to be able to force users to logon only with Hello for Business and not their passwords on Windows devices. It would also be nice if this policy allowed users to sign in initially with their password, prompt them for a PIN and then only allow them to sign-in with the PIN from then on.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  8. EDP Windows Information Protection for Outlook 2016 Enterprise App

    Currently per the article https://technet.microsoft.com/en-us/itpro/windows/keep-secure/enlightened-microsoft-apps-and-wip only enlightened apps are supported for use with Windows Information Protection Policies on Windows 10 1607 Desktops enrolled as computers to Intune.

    Per this article:

    Microsoft has made a concerted effort to enlighten several of our more popular apps, including the following:
    •Microsoft Edge
    •Internet Explorer 11
    •Microsoft People
    •Mobile Office apps, including Word, Excel, PowerPoint, OneNote, and Outlook Mail and Calendar
    •Microsoft Photos
    •Groove Music
    •Notepad
    •Microsoft Paint
    •Microsoft Movies & TV
    •Microsoft Messaging
    •Microsoft Remote Desktop

    We are looking for the Outlook 2016 Click To Run full Office Enterprise app and would like…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  9. Endpoint Protection Scan Results in Admin Console

    Integrate a central overview of the last Endpoint Protection Scan Results like the Admin Console of every other EndPoint Protection product.
    In my opinion instead of only showing which virus/worm/malware type was found on a System, you should see the path to the file or blocked Connection. As Administrator i have to ask the user to check the history of the Intune endpoint protection Client to get the Information about which file and then the user will ask me if he has to do something more. it would be more convenient to have the Information and tell the user what…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add ability to reset passcode of Azure AD joined Windows Phones through InTune

    Currently phones that are Azure joined yet still managed by Intune cannot have their passcodes reset.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  11. GUI for Windows 10 Custom Polices

    Create a GUI interface with easy to use point and click interface to allow customization of Windows 10 policies for OMA-URI settings. Also have the ability to export/import these custom policies for easier administration.

    https://technet.microsoft.com/en-us/library/mt126215.aspx

    There is no reason why a person should need to manually type these in values in.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →

    We understand that having full UI would be preferable, but the reality is this is the best we could do with the time and resources we had. We know that importing and exporting would also be better, and we’d like to do that when we get a chance. In the short term, it was important to get something, even though it’s not ideal. On the plus side, it’s now possible to copy and paste the URI paths instead of manually typing them in. We’ll watch this one and see how much traction it gets with the rest of the community – having lots of votes definitely gets more attention.

  12. Auto Enrollment based on Device and not user

    There needs to be a way to have your on prem AD joined Windows 10 systems be able to be auto enrolled to Azure AD / Intune with out having to login to every single system. Maybe group policy? Maybe some power shell scripts? Because right now Intune is useless to my organization if I have to login to every single 2000 systems to configure Intune.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  13. Manage updates and have malware reporting by using Azure Ad instead of using the intune client

    We need the same functionality as we get from the in tune client when setting the clients up to use Azure AD instead of installing the client. We need a way of managing updates and malware. It seems crazy that both have completely separate features and you can not use them both together. Our customers want the single sign on / logging into the PC with their 365 credentials and they want the malware / update reporting.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. Manage Windows 10 Mobile Upgrade

    As it stands, the new Windows 10 platform for mobile will be released in December and this will be pushed out by carrier. Most companies including the one I work for will want to be able to control when devices install the new OS.

    Without this functionality some users phones will install the update causing questions such as 'why does your device look different to mine' why isn't this working. In addition to that, LOB apps will need to be tested on the platform prior to moving everyone over.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  15. Configuration Policy: Windows - Making a change manaully in registry key doesnt remediate setting on next sync

    Currently we see that if you set device restriction policy from Intune, it gets applied fine to the devices. later if we change the registry key for that CSP, we don’t see it getting remediated with successive sync. The registry key doesn’t change, and device stays compliant for the setting.

    Attaching the file with example

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  16. Set a Proxy Server/PAC-file via Configuration Policy for Windows 10 Desktop

    A few clients I work with would like to be able to set and maintain the Proxy Server for IE and Edge. Currently, they need to create an MSI which sets 2 registry keys to use a specific PAC-file.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  17. windows 10 needs patches. Where are they in intune?

    i cant see patch deployment for windows 10 patches in intune. The more we roll windows 10 the further behind we fall. We need intune to do windows 10 patches. I cant see the 1511 release either.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  18. Task to reset local Windows user password to default

    It would be very useful, if we could send a task to a device (like reboot the device), to reset the password of a pre-defined local user. It should be possible to define the user (e.g. Administrator) and the password.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    noted  ·  1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. OMAURI Get commands for reporting against MDM Windows device family

    I want to be able to use Intune's OMAURI command structure leveraging Reporting.

    Specifically you should be able to use Intune URIs to report against a device's configurations without making any changes.

    I think Intune should have all CSP mapping per device type loaded into the system for admins to use.. because all URIs for different devices are infact different.

    An example, if I want to query this:

    DeviceStatus/TPM

    This was added in Windows, version 1607.

    'DeviceStatus' is is the Node for the TPM query.

    The Supported operation is Get.

    If I read this right, the use of GET would…

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Extend app distribution for Windows devices

    Currently Windows devices most be enrolled for distributing apps.
    For IOS and Android you can already distribute apps for unmanaged devices and implement LOB app security with Intune Wrapping. Currently it's not possible to distribute apps to unmanaged Windows devices. Our developers asks this functionality a lot.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base