Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to choose/configure Email client (i.e. Outlook) within mail policy

    A menu that allows you to select the default mail app or the outlook client for the type of mobile device, perhaps once outlook is selected a selection of options appropriate to the application

    321 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      32 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
    • Sync Outlook for iOS Calendars to iOS native Calendar app

      This is now available for Contact sync in the Account settings (Within the Outlook app on iOS device, Settings>Tap the account>Toggle on "Save Contacts"> tap "Save to My iPhone" at prompt "Would you like to save your [#] Outlook contacts to your iPhone?" > Tap "OK" to allow Outlook to sync Contacts to the iOS Contacts app.) It would really help user buy in to Intune if there was a similar option to sync calendars to the native iOS calendar app.

      183 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        8 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
      • Extend the SCEP enrollment profile with additional Active Directory attributes

        At the moment only two user attributes (CN and UPN) are available to use in SCEP profiles. With our current MDM solution it is possible to use every AD attribute to request a certificate with this unique attribute. Both Intune and the other MDM solution are using the same SCEP server so it is possible. This seems like extending a table in Intune or using a text box with variables. We have the need to use ExtensionAttributes as the unique identifier for a certificate.

        132 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          5 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

          AS of the week of April 23, 2018, you can use the OnPremisesSamAccountName the common name in a custom subject on an SCEP certificate profile. For example, you can use CN={OnPremisesSamAccountName}).

          As of Dec 11, when you create a SCEP certificate profile in Intune, you can now use the AAD_DEVICE_ID variable when you build the custom subject name. When the certificate is requested using this SCEP profile, the variable is replaced with the AAD device ID of the device making the certificate request.
          https://docs.microsoft.com/en-us/intune/whats-new

          I don’t think it gives you everything you want, but how close are we?

        • Sync Exchange contacts with local device contacts

          To allow the use of SMS and caller ID,contacts contained within the Exchange ActiveSync contacts configuration needs to be accessible to the local device, the ability to configure a profile to just allow the synchronizing of contact or the export of contacts from the outlook managed app to the device is necessary. Email access cannot be allowed outside of the managed apps.

          115 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            noted  ·  5 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
          • Modern authentication for native mail

            We need to be able to configure email profiles with modern authentication. It is supported now by iOS but not by Intune. This problem is making an MFA rollout to existing email profiles very difficult and leaving gaps in our ability to retire native emails when employees have to configure their own exchange profiles.

            Outlook is great and all but conditional access doesn’t prevent the native client from being used.

            95 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              9 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
            • Configure Anyconnect application on Android devices without enabling external control

              Allow the ability to configure the Anyconnect application on Android devices without having to enable external controls. When I opened a premier support case with Microsoft they said it was a limitation with the Cisco Anyconnect application and open a ticket with Cisco. That would be fine, but I am an Airwatch customer evaluating Intune and this feature works perfectly fine using Airwatch. I can configure the Anyconnect application using a profile without having to enable external controls. So, I know this can be done. Please work with Cisco so you can configure the Android Anyconnect app when you are…

              72 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                3 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
              • SMIME enroll via Intune - choose to sign but not encrypt mails

                When you enroll a s/mime certifcates via intune (others then symantec), than its not possible to choose wether to sign or encrypt e-mails.
                We only want to sign our E-mails on the Smartphones, not to encrypt them.

                55 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                • Use AAD as Cert Authority for SCEP, keep the whole SCEP process in the cloud

                  I haven't been able to find any information that Intune can use Azure Active Directory as the Certificate Authority for SCEP. I'd like to see this feature added to keep the whole process in the cloud.

                  40 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                  • I want to be able to deploy a second email profile to a user that is a shared mailbox account.

                    We have users that have a second corporate email account on their phone that is a shared mailbox. I want to be able to deploy this in addition to their personal emailbox

                    36 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                    • Restrict Outlook App from Adding New Accounts or Deleting Initial Account

                      I would like to see the ability to disable the users ability to add any new accounts to the Outlook app and prevent the user from deleting the initial account used to setup the device during the initial sign-in process for the first time. This would ensure the end user can only use their own corporate account and prevent them from adding personal accounts.

                      28 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                      • Email Profile Configuration with Alternate Login ID

                        When federating with Azure AD and using alternate login ID, as described here:

                        https://blogs.office.com/2014/05/06/alternate-login-id-for-office-365-reduces-dependence-on-upn/

                        and

                        http://social.technet.microsoft.com/wiki/contents/articles/24096.dirsync-using-alternate-login-ids-with-azure-active-directory.aspx

                        There needs to be a way to use alternate login ID when configuring the ActiveSync Email profile configuration such as [DOMAIN\USERNAME].

                        Other MDM solutions allow for this, which allows for none routable upn suffixes to be used on the users AD object.

                        I have a premier ticket open with Microsoft that provides additional detail information. Ticket number is:

                        "[REG:115070312910473] PREM| B BHO| Microsoft Intune| Need to be able to use alternate usernames other that the prolife setup for active synch"

                        28 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                        • IOS email profile does not support MFA

                          we found that : https://docs.microsoft.com/en-us/intune/email-settings-ios
                          Authentication method - Select either Username and Password or Certificates as the authentication method used by the email profile (Note: Azure Multi-factor authentication (MFA)is not supported).
                          and now in IOS11, the native apps support MFA. But the email profile does not support MFA.
                          We need email profile to support MFA with IOS native mail app.

                          25 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                          • Restrict large app updates\downloads to Wifi Only

                            Applications have large updates - Excel \ Word etc updates have been 400+mb recently.
                            Over 1.2Gb to update Word\excel\powerpoint. this is a major chunk of the data allocated to the device data plan & we would ONLY want the apps to download updates if \ when they are connected to a WiFi service.

                            We would like to be able to specify over X (where X is a field we can specify) amount to ONLY use wifi connection. We would probably set this value at 100mb so any app over 100mb will onlly update via WiFi

                            Ideally we would like to…

                            25 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              3 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                            • Support the "always on" feature in the VPN policy configuration for VPN V2 (instead of requiring a seperate CI item)

                              Support the "always on" feature in the VPN policy configuration for VPN V2 (instead of requiring a seperate CI item)

                              22 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                noted  ·  1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                              • Disable Wi-Fi Assist

                                It doesn't seem like the new 'Wi-Fi Assist' option is possible to configure currently via InTune. Data Roaming is, so I'd expect to see this too?

                                19 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  5 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                • Add certificate + username & password as a Authentication method in VPN profiles iOS/Android

                                  We really need certificate + username & password as a Authentication Method in vpn profiles for iOS/Android. We have changed our mdm to Intune and only thing that is missing right now is that. Before we had airwatch and it allowed us to do that so our F5 Edge client could authenticate by certificate and username+password. Now in Intune i can choose only certificate (or username). When F5 Edge client gets profile from Intune and i click connect it wouldnt connect because it wouldnt ask me for username and password. I have to edit that profile on F5 app and…

                                  16 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    3 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Deploy PKCS User Identity certificate to macOS

                                    SCEP is a legacy protocol for delivering certificates for devices. Intune allows iOS devices to be issued a PKCS certificate for User Identity and the same should be true for macOS.

                                    16 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                    • SSTP VPN without MDM

                                      Can I suggest a feature request to allow the deployment of vpn profiles via Intune without the need to deploy MDM first?

                                      Also, can the SSTP protocol be included in the VPN deployment wizard in Intune rather than having to set up complicated OMAs to use that protocol?

                                      Thanks

                                      16 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Deploy WiFi, Certificate, VPN without enrolment

                                        The ability to deploy WiFi, VPN profiles, and certificates without requiring full device registration/enrolment would be nice (e.g. for BYOD)! As we move more and more towards "MAM without Enrolment", there are scenarios where we want to allow staff access to WiFi for general Internet access, or per-app VPN for some non-critical apps.

                                        16 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                        • 14 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3
                                          • Don't see your idea?

                                          Feedback and Knowledge Base