Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Autopilot Selfdeploying with Hybrid Azure AD Join (local domain join)

    I would like to use the Autopilot Selfdeploying function with Hybrid Azure AD Join to also join the local domain. This would really help us since we are using flexible work spaces (desktops that get's used by different users on a daily basis).

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Exclude Azure AD registered devices from MDM Autoenrollment

    When a device is Azure AD registered (NOT Joined) give us the abbility in MDM to exclude these devices from MDM autoenrollment. You can block Peronal Owned devices in Enrollment restrictions. But this is not very logical, and problematic if you have not enabled this features from the getgo. It would be more logical to exclude also AD Registered Devices / Personal Owned devices from MDM Autoenrollment.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enrollment Status Page required app install behaviour

    Currently if you specify blocking apps within the Enrollment Status Page and there are additional required app deployments there is no way of ensuring the blocking apps are installed before any additional ones. It would be good to change this default behaviour

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. enable default ssid usage for autopilot wireless zero touch

    So we have autodiscover for e-mail on domains. Support a default usually hidden SSID that orgs could setup that would only be able to reach autopilot / intune to perform initial setup.

    1 - orgs would create a hidden SSID with an expected name
    2 - that wireless network can only hit intune
    3 - that wireless network would require a cert issued from a specific autopilot / MS CA trusted on the wireless network.
    4 - on turning on - if the device can hit this network - it continues on as if it were wired up for zero…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Remove AutoPilot Reset Button from Login Screen

    Lets give administrators the option to hide the AutoPilot Reset button from the login screen. Keeping the keyboard shortcut Ctrl+Windows Key+R and EndPoint Management Portal as reset methods. This will eliminate confusion from our end users.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Full Zero touch: Add Wifi config in the Autopilot profile

    As of today, October 16th 2019, the end-user has to connect manually to the network if using Wi-Fi during the Autopilot deployment process. This has many caveats where inefficieny, security and breaking the later configuration for Intune Wi-fi profiles with certificates if using the same network as during setup.

    Please include the option to apply Wi-fi configuration using certificates during the onboarding process vi

    See reference:
    "For devices with an Ethernet connection, no user interaction is required; for devices connected via Wi-fi, no interaction is required after making the Wi-fi connection (choosing the language, locale, and keyboard, then making a…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Please provide us options to create local account during or after OOBE of Window AutoPilot​

    I would like to see the option to create local account during or after OOBE of Windows AutoPilot.​
    In current design of Autopilot profile, local account will not be created.​

    I tested OOBE in Autopilot profile which configure Hybrid Azure AD join.​
    OOBE was done successfully, however, the account could not access domain controller and could not sign in, due to network issue.​
    I could figure out the cause of this problem was network problem and fixed it, but this issue is very inconvenient when users are in a hurry for setup.​

    It would be great if we…

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. AutoPilot Support for Windows 10 IoT Enterprise LTSC

    We're in a situation where we need to use Win 10 Enterprise Iot LTSC for a Kiosk deployment. We can't use self-deploying profiles because of a TPM device attestation bug in 1809 so we must use user-driven deployment, but we can't because of the lack of DEM support for AutoPilot. Rendering AutoPilot completely useless in our scenario.

    Support for Windows 10 IoT Enterprise LTSC is surely a must have!

    Allowing DEM support for Autopilot:
    https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/37411972-allowing-dem-support-for-autopilot?fbclid=IwAR3kRRCaCq7J9oqkduOW2yvA4Bku3avDPRDaRk0PsqmDySNf8Vk8r5DaEqk

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Windows Autopilot Hardware ID "on the box"

    Windows Autopilot Hardware ID "on the box"

    This might not be a 100% Microsoft issue, but gathering the Hardware ID of a device to enroll it into Intune for Autopilot assingments is still a pain.

    The Problem is, that if you do not use just your one Standard Supplier, or the MIcrosoft online store gathering the Hardware ID is quite a pain.

    Example,
    there is a user somewhere in Kuala Lumpur... and Needs a new device, somehow they happen to have a Surface Laptop in a shop there. Now it would be easy to set this up as a Autopilot…

    95 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Set computer name via script, or more advanced options

    During enrollment, a computer name is currently created with a template that may or may not contain random characters, or the serial number. That template is limited.

    It would be helpful to use a script to set the computer name, or more advanced options, to set the name.

    It doesn't make sense to change the name after the device has been enrolled, and is more difficult following a hybrid AAD join.

    For example, our infosec team has strict requirements for computer naming for quick discovery during investigation: Device type (Desktop/Laptop), State, Location, and serial number.

    This can be accomplished via…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Install Intune Apps through PowerShell script or API (GraphAPI) or any other

    This will help admins with AutoPilot and having control of what gets installed in what order plus have full control of the deployment.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Data copy tool for replace scenario

    Data copy tool for replace scenario
    We understand that MSFT recommends using One Drive for Business for this purpose. Yes, It works for most of use cases but not for all (use cases of restricted data). In the past, MSFT had Windows Easy Transfer tool but that is not available now. We need an simple GUI utility tool for transferring user data from one computer to another (assuming both computer are available in network). Tool should have capability to click and select folders, PST, IE, Edge, Chrome favorites, mapped network drives, printers. This tool will be operated by the end…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Deploy Apps and Configurations during autopilot process only

    If converting existing devices to autopilot, it would be great to have only certain configuration policies and application deployments to only apply during the autopilot process,

    At the moment, if I try to convert existing devices to autopilot and then use the standard dynamic all autopilot devices group, existing devices receive policy, which is dangerous for policies such as domain joining (hybrid).

    Same thing applies to newly built devices via autopilot, any changes to the existing profiles get applied to existing machines.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allowing DEM support for Autopilot

    Currently you are unable to use the DEM account with Autopilot devices. Annoyingly as a IT admin you don't want your own account as the user who enrolled the device into Intune. Currently the only way to enroll the device as a end user is to know their login credentials.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. prevent the autopilot device name template from setting the same name more then once

    These settings in the deployment profile will result in multiple machines having the same hostname
    Apply device name template
    Yes
    Enter a name
    W10-%RAND:4%

    For instance W10-0001 will be assigned to multiple laptops.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure hybrid domain join with remote user login

    I would like to be able to deploy new computers to remote users with Azure hybrid domain join. Currently this isn't possible because after the hybrid domain join process runs, the user can't login to the computer because the (local) domain is unavailable. If you could cache the 1st time login, it would circumvent this issue.

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Filter on Group Tag Windows Autopilot

    I use Group Tags for automatically assigning multiple Windows Autopilot Profiles on HW Hash Upload - Currently I can filter on Model and Purchase Order, but I think it would be useful to filter on Group Tag also

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Delete bulk Autopilot devices by using a CSV for example.

    When a bunch of hardware gets replaced by new hardware, the old hardware has to be removed from Autopilot.

    We can add devices in bulk to autopilot, but we cannot remove devices from autopilot in bulk.

    Currently I have 40 devices I need to remove one at a time. Please add bulk removal of devices based on a csv.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow use of asset tag for computer name during AutoPilot process

    At present Intune has a preview option to assign custom computer names during the autopilot process. It is restricted to letter, numbers and hyphens plus %SERIAL% to use serial numbers and %RAND:x% to insert a random number.

    Are we looking at %AssetTag% in future. A lot of organisation asset tag devices externally of the device and also enter that asset number in the BIOS as well. This enables them to get the computer name from the user by asking them to look at the asset tag on the device.

    70 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  20. AutoPilot OOBE Enrollment separate language and region setting

    Please allow separate language settings for Windows AutoPilot OOBE.
    One for display language,
    and one for region.

    We have a multilingual company. Where we set OS-display-language to English US and Region settings to Dutch.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base