Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow Autopilot registration via either Email or Hardware Hash

    Currently, to register a device for Autopilot, it's hardware hash needs to be uploaded to the portal via

    A) the vendor (partner portal)
    B) Manually - the device needs to be progressed past the OOBE and the script needs to be run to extract the hardware hash, the device is then reset.

    Whilst A) is great for large volume orders coming from the manufacturer / reseller, what about ad-hoc rapid purchases required immediately. B) is a larger administration overhead which multiplies by the number of ad-hoc devices required.

    What if;
    During OOBE on a non-registered device, at the page, "Sign…

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Disable Hardware Encryption and force Software encryption During AutoPilot

    referring into MS Articlehttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180028 to force of use software Encryption it require to configure GPOs which is not applicable at the AutoPilot.

    we might be able to add the required registry values using Powershell, but the issue is that the machine is pulling the policies randomly, and there is a chance that the machine is getting the Bitlocker Policy before adding the required registry Values.

    it will be a good Idea if we can add this option into the Bitlocker configuration in order to force of using Software Encryption, or we can built dependencies for Configuration Policies in order…

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  3. autopilot assign device to users in bulk

    It's very nine to be able to assign devices to Users in Autopilot. I would like assign devices to users in bulk (directly in the CSV autopilot import file och with Powershell.
    'Thanks

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Disable Windows Hello after Azure Join/Windows Enrollment

    We need the ability to disable Windows Hello (PIN/bio-login), and force users to log in with Password, on devices Windows already enrolled with Intune.
    If users login with PIN/Windows Hello, mapped SMB shares and printers always prompts for password.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Install Intune Apps through PowerShell script or API (GraphAPI) or any other

    This will help admins with AutoPilot and having control of what gets installed in what order plus have full control of the deployment.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Autopilot Passwordless for Assigned User

    If you don't assign a user to a device then when using Autopilot, passwordless works really well with Authenticator.

    If you assign a user to a device however you are presented with a password box to fill in, and then an approve with Authenticator after.

    It would be better to have a "Click here to Authenticate" type button to take you on to Authenticator, or drop out to password later if not set up.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enrollment Status Page enabled for bulk token devices too

    Most of our devices (prior to adopting Autopilot) were added via bulk token. Devices registered with a bulk token that get redeployed are not getting the Enrollment Status Page even though they show up in the Autopilot devices list.

    If we wipe the device with a clean OS install, we get the ESP as expected. While this works for our existing devices, losing the ability to retain drivers and Intune registration is not a welcome feature. Incorporating the ESP to show for bulk tokened devices too would be beneficial.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. need the ability to set or assign AD attributes

    When deploying a Hybrid AD Domain Join computer, need the ability to set or assign AD attributes (managedby, description, etc). Most organizations assign a device to a user thus tying the computer device to the user.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  9. 6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. HardwareID in White Glove QR code during OOBE

    With white glove, you get an QR code with some ID. However, it doesn't contain the hardware ID/hash. It would be wonderfull if it did, because a deployment engineer could use a simple app on a smartphone to register the machine with autopilot and continue with the whiteglove deployment.

    E.g. create a button to show it when the device is unknown at any tennant.

    Using a powershell script after OOBE is completed is just cumbersome and timeconsuming.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Filter on Group Tag Windows Autopilot

    I use Group Tags for automatically assigning multiple Windows Autopilot Profiles on HW Hash Upload - Currently I can filter on Model and Purchase Order, but I think it would be useful to filter on Group Tag also

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Disable Reboot for "Device Restrictions" Profile Deployment

    During an autopilot setup, if there is a "Device Restrictions" profile assigned, it will reboot the device to the login screen and the user must login again in order to complete the User ESP. Please make the reboot happen after the User ESP or preferably don't make the reboot happen at all. That way the user only has to sign in once.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow Admins to MANUALLY apply a profile -- or be able to manually push a group membership update so we don't wait 8+ HOURs for assignment

    I cannot express how utterly frustrating it is to import dozens of machines. Then as needed add them to the group they need for deployment and then sit and wait for a random and undetermined amount of time to see the status change from "Not Assigned" to "Updating" to "Assigned"

    If I add a device to a group, confirm it is in the group, then click sync, why on earth is it not assigning the profile? Why does it take me adding/removing/re-adding the device to the group assigned to the autopilot profile multiple times to get it to assign.

    I…

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Automatically download Language Experience Pack during OOBE

    I would love to see automated language experience pack down during the OOBE, firstly to provide the OOBE in localised language and secondly to make this available before the user get to the desktop.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Auto start WHiteGlove povisioning using Unattend.xml

    Able to create a zero-touch whiteglove provisioning setup using an Unattend.xml so no engineer interaction is needed during an installation.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Self-deploying mode for Hybrid Azure AD Join devices

    Self-deploying mode should support Active Directory Join or Hybrid Azure AD Join. All devices will be joined automatically to Active Directory by using Domain Join profile.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. AutoPilot enrolment/removal in relation to Refurbished/Renew products.

    Scenario: that such a device (Refurbished/Renew) ‘may’ have been previously registered and not removed from previous owners Tenancy (AzureAD) upon disposal / resale and new owner wishes to request hash to enrol it for Autopilot deployment..

    AutoPilot presently is only available to new devices, (or to those not previously enrolled) making deployment for previously registered devices a manual enrolment / deployment process for these devices.

    It would be beneficial for there to be a mechanism / process as new legal owner of equipment to request MS to remove the hash from previous device owners tenancy's, assuming they have not maintained…

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow only enrolled user to login into azure joined windows device

    Allow only one user who enrolled the device using autopilot to login to the azure joined windows device.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Auto-login of an assigned user account when using device license model

    Our use case is to utilize the auto-login of an assigned account during AP deployment, but not assign the device to a user (not a user device). We have a generic account we use for our telehealth tablets as they are not assigned to company users (device license model, versus per user). We can affect this after first login via a CMD batch file, however I would like to configure this during AP deployment OOBE. We are using self-deploy method (no user interaction).

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Always sync for new logged on user account

    When a Windows 10 devices is being enrolled, it will sync multiple times so the first user who logs on, will get all the profiles assigned before showing the desktop when using the enrollment status page. At one point the enrollment period is over and the device will only sync with Endpoint Manager every 8 hours.

    When using the shared multi-user device profile for devices which are shared with multiple users, we see that the sync will not take place for a new user who has not been logging on before. This user has no user profile and because the…

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base