Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support for Federated Domains with Windows Autopilot

    At present when using Windows Autopilot, a user on a federated domain is unable to sign in to complete the set up. However domains that aren't federated are supported. With this in mind, please can support be added for Federated domains within Windows Autopilot?

    This feature would be incredibly useful in enterprise environements, where Hybrid Azure AD isn't an option.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. prevent the autopilot device name template from setting the same name more then once

    These settings in the deployment profile will result in multiple machines having the same hostname
    Apply device name template
    Yes
    Enter a name
    W10-%RAND:4%

    For instance W10-0001 will be assigned to multiple laptops.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make Intune available for Windows 10 Multi-User

    Let us manage Hybrid-Joined Windows Virtual Desktop Multi User hosts per Intune.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support multiple user contexts with Device Compliance

    We have multiple deployments where devices have been enrolled with a Device Enrolment Manager account and then issued to users.

    Using a DEM account has allowed us to manage the enrolment of devices and configure any steps not yet supported by Intune before issuing to users. This isn't something that would be appropriate to change with AutoPilot.

    These same deployments are relying on the ability to use the devices Compliance state as telemetry within a Conditional Access policy. Unfortunately we have seen mixed results where devices do not consistently report as compliant nor do they consistently report the reason for…

    499 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Exclude Azure AD registered devices from MDM Autoenrollment

    When a device is Azure AD registered (NOT Joined) give us the abbility in MDM to exclude these devices from MDM autoenrollment. You can block Peronal Owned devices in Enrollment restrictions. But this is not very logical, and problematic if you have not enabled this features from the getgo. It would be more logical to exclude also AD Registered Devices / Personal Owned devices from MDM Autoenrollment.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Proxy Support for AutoPilot

    Windows AutoPilot should prompt for proxy configuration if after establishing a connection there is still no internet access. This would allow enrolling AutoPilot devices on the corporate network and use hybrid join.

    I think this feature should be implemented really quick as there are a lot of enterprises waiting for that.

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Autopilot profiles created in admin center don't show up under Intune portal

    If you use Office 365 admin center Autopilot menu, the profile created over there will not show in Intune as available to be selected or configured. Profiles created directly in Intune will show up on Office 365 admin portal.

    I opened a ticket about this and I was told by Microsoft that it is a expected behaviour. It does not make sense to me as why then it shows up profiles created manually from Intune under Office 365 admin center?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Disable Reboot for "Device Restrictions" Profile Deployment

    During an autopilot setup, if there is a "Device Restrictions" profile assigned, it will reboot the device to the login screen and the user must login again in order to complete the User ESP. Please make the reboot happen after the User ESP or preferably don't make the reboot happen at all. That way the user only has to sign in once.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow use of asset tag for computer name during AutoPilot process

    At present Intune has a preview option to assign custom computer names during the autopilot process. It is restricted to letter, numbers and hyphens plus %SERIAL% to use serial numbers and %RAND:x% to insert a random number.

    Are we looking at %AssetTag% in future. A lot of organisation asset tag devices externally of the device and also enter that asset number in the BIOS as well. This enables them to get the computer name from the user by asking them to look at the asset tag on the device.

    188 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. enable default ssid usage for autopilot wireless zero touch

    So we have autodiscover for e-mail on domains. Support a default usually hidden SSID that orgs could setup that would only be able to reach autopilot / intune to perform initial setup.

    1 - orgs would create a hidden SSID with an expected name
    2 - that wireless network can only hit intune
    3 - that wireless network would require a cert issued from a specific autopilot / MS CA trusted on the wireless network.
    4 - on turning on - if the device can hit this network - it continues on as if it were wired up for zero…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Help/Support of the actual XML for InTune Profiles

    Support of the actual XML code used for some profiles - i.e. Start Menu and Task Bar layouts. Microsoft Support supports the profile itself and it being applied to devices or not but not the actual code. Seems they should support the whole things, because what if the profile isn't applying correctly due to incorrect code?

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Self-deploying Autopilot profile to Shared Kiosk PC still prompts for privacy settings during OOBE.

    Self-deploying Autopilot profile to Shared Kiosk PC still prompts for privacy settings during the OOBE stage. This should be zero touch and completely unattended.

    There seems also a bug in the Windows Autopilot Deployment Profile where you see in the Deployment profile properties overview in the section Out-of-box experience (OOBE) "Privacy settings -> Show" and when you click edit you see that it is configured as "Privacy settings -> Hide".

    For big retail customer where we must deliver intune enrolled Kiosk devices we ask you (Microsoft) to please solve this issue as soon as possible.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow new user that has never logged on to set password during enrollment

    I would like to see the ability for on-prem user that is required to change the password at next logon to be able to do it from an autopilot enrolled device.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add Multifactor Unlock configuration to WHfB Windows enrollment options, Security Baseline and CSP.

    Our Info Sec team won't allow PINs for WHfB unless we use Multifactor Unlock. Currently this cannot be configured in Intune except perhaps by an ADMX backed custom CSP. This needs to be added to the WHfB configuration pages for Windows Enrollment, the Security Baseline and Identity Protection Profile type in Device configuration profiles.

    Here is the documentation on the GPO that needs to be translated. https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock#create-the-multifactor-unlock-group-policy-object

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support B2B/Guest identities within Intune and Autopilot

    Add in support for using B2B/Guest accounts from another tenancy within Intune and also Autopilot. Currently, if I invite an identity from another tenacy and then take that identity through Autopilot, it fails with "Something went wrong. That username looks like it belongs to another organisation. Try signing in again or start again with a different account". I've read that Intune doesn't support B2B/Guest identities. Please support B2B/Guest identities for Intune and Autopilot.

    Thanks

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Autopilot Selfdeploying with Hybrid Azure AD Join (local domain join)

    I would like to use the Autopilot Selfdeploying function with Hybrid Azure AD Join to also join the local domain. This would really help us since we are using flexible work spaces (desktops that get's used by different users on a daily basis).

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Ipxe cloud server with w10 vim provide by microsoft

    Hello is Microsoft can provide an win10 image via ipxe in order to install w10 without infrastructure, it will allow to deploy standart w10 image like a mac (from bios boot), customisation option could be a must.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Windows Autopilot Hardware ID "on the box"

    Windows Autopilot Hardware ID "on the box"

    This might not be a 100% Microsoft issue, but gathering the Hardware ID of a device to enroll it into Intune for Autopilot assingments is still a pain.

    The Problem is, that if you do not use just your one Standard Supplier, or the MIcrosoft online store gathering the Hardware ID is quite a pain.

    Example,
    there is a user somewhere in Kuala Lumpur... and Needs a new device, somehow they happen to have a Surface Laptop in a shop there. Now it would be easy to set this up as a Autopilot…

    133 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Delete bulk Autopilot devices by using a CSV for example.

    When a bunch of hardware gets replaced by new hardware, the old hardware has to be removed from Autopilot.

    We can add devices in bulk to autopilot, but we cannot remove devices from autopilot in bulk.

    Currently I have 40 devices I need to remove one at a time. Please add bulk removal of devices based on a csv.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Autopilot specific Partner, (CSP) role.

    We would love to have our reseller automatically register our purchased devices into AutoPilot, but we can only do so via CSP relationship. Currently, CSP can be DAP or non-DAP. (Full admin or not.) Even non-DAP, the CSP can see and touch things like billing and services, way outside the needs for uploading AutoPilot info.

    We need Role-based Access Control RBAC for CSP relationships so we only grant what is needed, nothing more.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base