Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sync Outlook for iOS Calendars to iOS native Calendar app

    This is now available for Contact sync in the Account settings (Within the Outlook app on iOS device, Settings>Tap the account>Toggle on "Save Contacts"> tap "Save to My iPhone" at prompt "Would you like to save your [#] Outlook contacts to your iPhone?" > Tap "OK" to allow Outlook to sync Contacts to the iOS Contacts app.) It would really help user buy in to Intune if there was a similar option to sync calendars to the native iOS calendar app.

    657 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    35 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to choose/configure Email client (i.e. Outlook) within mail policy

    A menu that allows you to select the default mail app or the outlook client for the type of mobile device, perhaps once outlook is selected a selection of options appropriate to the application

    343 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    33 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  3. Extend the SCEP enrollment profile with additional Active Directory attributes

    At the moment only two user attributes (CN and UPN) are available to use in SCEP profiles. With our current MDM solution it is possible to use every AD attribute to request a certificate with this unique attribute. Both Intune and the other MDM solution are using the same SCEP server so it is possible. This seems like extending a table in Intune or using a text box with variables. We have the need to use ExtensionAttributes as the unique identifier for a certificate.

    146 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

    AS of the week of April 23, 2018, you can use the OnPremisesSamAccountName the common name in a custom subject on an SCEP certificate profile. For example, you can use CN={OnPremisesSamAccountName}).

    As of Dec 11, when you create a SCEP certificate profile in Intune, you can now use the AAD_DEVICE_ID variable when you build the custom subject name. When the certificate is requested using this SCEP profile, the variable is replaced with the AAD device ID of the device making the certificate request.
    https://docs.microsoft.com/en-us/intune/whats-new

    I don’t think it gives you everything you want, but how close are we?

  4. Sync Exchange contacts with local device contacts

    To allow the use of SMS and caller ID,contacts contained within the Exchange ActiveSync contacts configuration needs to be accessible to the local device, the ability to configure a profile to just allow the synchronizing of contact or the export of contacts from the outlook managed app to the device is necessary. Email access cannot be allowed outside of the managed apps.

    131 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    noted  ·  7 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  5. Configure Anyconnect application on Android devices without enabling external control

    Allow the ability to configure the Anyconnect application on Android devices without having to enable external controls. When I opened a premier support case with Microsoft they said it was a limitation with the Cisco Anyconnect application and open a ticket with Cisco. That would be fine, but I am an Airwatch customer evaluating Intune and this feature works perfectly fine using Airwatch. I can configure the Anyconnect application using a profile without having to enable external controls. So, I know this can be done. Please work with Cisco so you can configure the Android Anyconnect app when you are…

    88 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  6. Remove Default "Get Outlook For iOS/'Any Cell Provider'" from the Default Signature

    Remove the Default Email Signature "Get Outlook For" on all Intune Joined Devices.

    54 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  7. Deploy PKCS User Identity certificate to macOS

    SCEP is a legacy protocol for delivering certificates for devices. Intune allows iOS devices to be issued a PKCS certificate for User Identity and the same should be true for macOS.

    51 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  8. I want to be able to deploy a second email profile to a user that is a shared mailbox account.

    We have users that have a second corporate email account on their phone that is a shared mailbox. I want to be able to deploy this in addition to their personal emailbox

    47 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  9. Use AAD as Cert Authority for SCEP, keep the whole SCEP process in the cloud

    I haven't been able to find any information that Intune can use Azure Active Directory as the Certificate Authority for SCEP. I'd like to see this feature added to keep the whole process in the cloud.

    45 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  10. Restrict large app updates\downloads to Wifi Only

    Applications have large updates - Excel \ Word etc updates have been 400+mb recently.
    Over 1.2Gb to update Word\excel\powerpoint. this is a major chunk of the data allocated to the device data plan & we would ONLY want the apps to download updates if \ when they are connected to a WiFi service.

    We would like to be able to specify over X (where X is a field we can specify) amount to ONLY use wifi connection. We would probably set this value at 100mb so any app over 100mb will onlly update via WiFi

    Ideally we would like to…

    37 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support for PKCS Certificates for Windows 10 WiFi EAP Authentication

    Currently Intune only supports SCEP user certificate profiles for client authentication within Windows WiFi Enterprise profiles.

    Including the ability to call PKCS-based user certificate profiles would bring Intune capability to near-feature parity with the group policy based equivalent.

    37 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow us to configure Per-App VPN as below

    We are now planning to configure the service scheme as below:

    a) Multiple users will use one VPN service certification
    b) To configure VPN connection (Per-App VPN) for each apps are planned

    However, above configuration is not available at current Intune, and this situation force us to have tough Intune administration.

    Detail for the Intune setting at our environment.
    ----------
    a) is not available at VPN configuration profile (*1), so customer create mobileconfig at custom policy as a workaround.
    However, it is not available to enable this custom policy as a Per-App VPN (*2).

    If we are able to configure…

    36 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  13. Email Profile Configuration with Alternate Login ID

    When federating with Azure AD and using alternate login ID, as described here:

    https://blogs.office.com/2014/05/06/alternate-login-id-for-office-365-reduces-dependence-on-upn/

    and

    http://social.technet.microsoft.com/wiki/contents/articles/24096.dirsync-using-alternate-login-ids-with-azure-active-directory.aspx

    There needs to be a way to use alternate login ID when configuring the ActiveSync Email profile configuration such as [DOMAIN\USERNAME].

    Other MDM solutions allow for this, which allows for none routable upn suffixes to be used on the users AD object.

    I have a premier ticket open with Microsoft that provides additional detail information. Ticket number is:

    "[REG:115070312910473] PREM| B BHO| Microsoft Intune| Need to be able to use alternate usernames other that the prolife setup for active synch"

    29 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add support for Citrix VPN on Android Work Profiles

    Android Device Admin enrollment supports Citrix VPN, but Work Profiles do not. As we approach the release of Android Q (10.0), Device Admin will no longer be an enrollment option with full support from Google. Parity is needed here, especially considering that Citrix is one of the few options offering NAC.

    27 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  15. Want to sync the Contacts registered in Outlook for iOS to iOS default Contacts App.

    I think that the Contacts of MDM managed device cannot be synced to the MDM non-managed app by the specification.

    Because of the specification above, The problem has occurred which is the
    device that MDM distributed from Intune cannot sync the contacts from Outlook for iOS to iOS default Contacts App.

    “Contacts” are important factor to perform the business,
    And there are enormous impact to the business if the Contacts cannot be synced,
    So we would like to request iOS default Contacts App to be able to sync from the Outlook for iOS.

    26 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  16. Profiles that use certificate based authentication should not be installed until the certificate is installed

    For configuration profiles that use certificate based authentication they should not be installed until the associated certificate is installed.
    We use certificate based authentication for e-mail using ActiveSync. This uses two different profiles; one is a profile with the e-mail configuration the other is a profile with the user certificate. The e-mail profile typically installs before the certificate profile, Once the e-mail profile is installed it prompts the user to enter their password. If they enter their password it uses their password instead of certificate based authentication.
    If we configure our e-mail profile to use certificate based authentication we need…

    25 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support the "always on" feature in the VPN policy configuration for VPN V2 (instead of requiring a seperate CI item)

    Support the "always on" feature in the VPN policy configuration for VPN V2 (instead of requiring a seperate CI item)

    25 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    noted  ·  1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  18. 22 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  19. Disable Wi-Fi Assist

    It doesn't seem like the new 'Wi-Fi Assist' option is possible to configure currently via InTune. Data Roaming is, so I'd expect to see this too?

    21 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  20. Deploy WiFi, Certificate, VPN without enrolment

    The ability to deploy WiFi, VPN profiles, and certificates without requiring full device registration/enrolment would be nice (e.g. for BYOD)! As we move more and more towards "MAM without Enrolment", there are scenarios where we want to allow staff access to WiFi for general Internet access, or per-app VPN for some non-critical apps.

    19 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base