Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enrollment Status Page enabled for bulk token devices too

    Most of our devices (prior to adopting Autopilot) were added via bulk token. Devices registered with a bulk token that get redeployed are not getting the Enrollment Status Page even though they show up in the Autopilot devices list.

    If we wipe the device with a clean OS install, we get the ESP as expected. While this works for our existing devices, losing the ability to retain drivers and Intune registration is not a welcome feature. Incorporating the ESP to show for bulk tokened devices too would be beneficial.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure AD Hybrid joined Windows 10 Devices should recognize a device owner through Intune.

    Azure AD Hybrid Joined Windows 10 Devices does not list a device owner for Windows 10. This could perhaps be made available through intune. If a device is Azure AD Joined and Intune joined, then the owner in Intune could be set as device owner in Azure AD? Great if this option was available or at least if admins got to turn it on by choice.

    240 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Reset this PC should revert back to Enrollment Status Page if it is enabled

    If a device runs through Autopilot using the Enrollment Status Page, this ensures that the Intune Management Extension and Required apps are installed before the user logs in.

    However, if the same device runs through Reset this PC the user experience is different. The device lands at the login page and lets the user log in without the Enrollment Status Page. This can be confusing for the user while they wait for the Intune Management Extension and Required apps to install in the background.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Purchase Order field in AutoPilot can only be filled in by Resellers only

    Purchase Order field in AutoPilot can only be filled in by Resellers only. It would be great if admins can fill-in the Purchase Order fields as well.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Register Devices From AAD Device List

    We have a lot of Windows 10 devices and we can see them in Azure AD.

    And we just started using Intune. Since the Auto-enroll was not on, those devices need to go to "Access work or school" once again and input their username and password.

    This is affecting our user's experience. Hopefully one day in the future we can directly enroll devices from AAD's device list.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  6. change device owner without reset/re-enroll

    once you have enrolled a device with autopilot for a user and then want to hand out that device to a new user you need to reset or re-enroll it apparently or the new user will not be the device owner (although i don't see any other issues for the new user)

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support for variables in Domain Join Naming Conventions

    Allow for more sophisticated naming conventions for devices enrolling via Autopilot into Intune and on-premises Active Directory using Domain Join (preview). Current functionality only allows a prefix with the remaining space filled out with random characters. It would be more useful to allow for variables to give more distinct device names, i.e. %username%

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Conditional access - Block enrollment unless device is listed in the Autopilot devices

    Would be nice to be able to block enrollment of devices if they are not imported to the "Windows Autopilot devices" list and with the option to also check that it has an Autopilot profile attached to it.

    Should also be a compliance setting to check if the device has gone through an Autopilot setup or not. If not, then mark as non-compliant.

    65 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  9. AutoPilot - Answer / disable all OOBE questions

    At present the OOBE answers you can specify on an autopilot profile do not cover all the questions the OOBE asks - as such, a user is still inconvenience with having to answer some, and possibly some that you don't actually want a user answering in a certain way depending on your company security policy.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Need ability to convert bulk enrolled device (DEM enrolled) to User enrolled

    Need ability to convert bulk enrolled devices (DEM enrolled) to user enrolled. We recently discovered that only user enrolled devices receive the Company Portal published apps. We also discovered that there is no way to convert/flip to user enrolled without re-imaging the device and not bulk enroll and is already listed in AutoPilot.

    The link below may be a solution as well for devices not yet enrolled.

    https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/13832505-enroll-device-on-behalf-of-user

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Static computernames in Windows autopilot before Intune autoenrollment.

    Maybe posting this to the wrong component-team but a suggestion would be to give the ability to set a static computername to the imported device when registering the csv file containing hardware information in "Autopilot deployment". The current functionality randomizes the computername after each factory reset or reinstallation. Seems pointless to perform a namechange after Intune autoenrollment. This would solve alot of of administrative issues within larger organizations.

    232 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →

    As of the week of August 27, you can use a template to control how the machine will be automatically named. So not exactly static, but gets you away from total random. From the discussion, sounds like not total random was good enough for some, but not all, so I will switch this back to “noted”.

    more detail about what we released in August:
    When you create an autopilot deployment profile, you can designate a name, which must be 15 characters or less, and can contain letters, numbers, and hyphens. Names can’t be all numbers. Use the SERIAL macro to add a hardware-specific serial number. Alternatively, use the RAND:x macro to add a random string of numbers, where x equals the number of digits to add.
    https://docs.microsoft.com/en-us/intune/enrollment-autopilot#create-an-autopilot-deployment-profile

    It’s only available with the Windows Insider build for now.

  12. Synced from Active Directory Accounts cannot show Full Name in Windows Pilot (Azure AD Joined)

    Only In Cloud Accounts are shown Full Name in Windows AutoPilot at the end of the deployment via Azure AD Joined. Can it be made possible that Synced from Active Directory Accounts also shown Full Name after Deployment and not only Company name?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  13. autopilot assign device to users in bulk

    It's very nine to be able to assign devices to Users in Autopilot. I would like assign devices to users in bulk (directly in the CSV autopilot import file och with Powershell.
    'Thanks

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Office Pro Plus installation with "Show installation to user"

    After autopilot roll-out the Office Pro plus installation out of Intune does not wait for the installation to finish, but It also doesn't show status of installation to the user, so the user must wait too long before able to use the computer!

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add validatio for null Azure Intune Device Enrollment > Device Categories

    Currently, within Azure Intune, you can add in null Device Category values programatically via the Graph API. You cannot however, add these Device Category values manually via the Portal, as it validates.

    If you add null Device Categories into Azure Intune, then the Intune Company App on Windows 10 crashes when the user launches the app and it attempts to log in, due to the null value Device Category present. This needs to be fixed and validation added so that if the null value is introduced via Graph, it will stop the value being added (as it currently validates using…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. don't give users the options to skip org sign in and register with local admin

    intune/Autopilot seem to do a good job of locking down a computer and keeping the user from creating local admin accounts. But this only happens after the user sign in with the organization account. but before the sign in process, the user is given an option to skip the organization sign in and register the device with a local admin account. i understand an admin needing this backdoor but it shouldnt be available to regular users.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Require patching to complete before AutoPilot completes provisioning device

    For the longest time we've been able to ensure that the device is fully patched after imaging but with AutoPilot there is a significant delay after provisioning until Windows Update tries to evaluate the patch compliance of the device. This is a big feature for security admins when allowing devices on the corporate LAN and I wonder how this would work for people who use device health because the machine is not fully patched after provisioning.

    I'd like to see a setting for AutoPilot to pause the provisioning process until the device has installed its patches. The device would be…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Disable Hardware Encryption and force Software encryption During AutoPilot

    referring into MS Articlehttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180028 to force of use software Encryption it require to configure GPOs which is not applicable at the AutoPilot.

    we might be able to add the required registry values using Powershell, but the issue is that the machine is pulling the policies randomly, and there is a chance that the machine is getting the Bitlocker Policy before adding the required registry Values.

    it will be a good Idea if we can add this option into the Bitlocker configuration in order to force of using Software Encryption, or we can built dependencies for Configuration Policies in order…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Assign Intune device category through Autopilot

    It would be great if we could assign Intune device category through Autopilot, without having to do it manually once the device is enrolled.

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Bake Office 365 into Windows 10 image

    Include the Office 365 install files with Windows 10 images that way Autopilot users can start work immediately rather than waiting for O365 to come down. Can be enabled based on users UPN/Azure license when Autopilot check is performed and enabled/installed before user logs in.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base