Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. AutoPilot Support for Windows 10 IoT Enterprise LTSC

    We're in a situation where we need to use Win 10 Enterprise Iot LTSC for a Kiosk deployment. We can't use self-deploying profiles because of a TPM device attestation bug in 1809 so we must use user-driven deployment, but we can't because of the lack of DEM support for AutoPilot. Rendering AutoPilot completely useless in our scenario.

    Support for Windows 10 IoT Enterprise LTSC is surely a must have!

    Allowing DEM support for Autopilot:
    https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/37411972-allowing-dem-support-for-autopilot?fbclid=IwAR3kRRCaCq7J9oqkduOW2yvA4Bku3avDPRDaRk0PsqmDySNf8Vk8r5DaEqk

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure hybrid domain join with remote user login

    I would like to be able to deploy new computers to remote users with Azure hybrid domain join. Currently this isn't possible because after the hybrid domain join process runs, the user can't login to the computer because the (local) domain is unavailable. If you could cache the 1st time login, it would circumvent this issue.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Set computer name via script, or more advanced options

    During enrollment, a computer name is currently created with a template that may or may not contain random characters, or the serial number. That template is limited.

    It would be helpful to use a script to set the computer name, or more advanced options, to set the name.

    It doesn't make sense to change the name after the device has been enrolled, and is more difficult following a hybrid AAD join.

    For example, our infosec team has strict requirements for computer naming for quick discovery during investigation: Device type (Desktop/Laptop), State, Location, and serial number.

    This can be accomplished via…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Data copy tool for replace scenario

    Data copy tool for replace scenario
    We understand that MSFT recommends using One Drive for Business for this purpose. Yes, It works for most of use cases but not for all (use cases of restricted data). In the past, MSFT had Windows Easy Transfer tool but that is not available now. We need an simple GUI utility tool for transferring user data from one computer to another (assuming both computer are available in network). Tool should have capability to click and select folders, PST, IE, Edge, Chrome favorites, mapped network drives, printers. This tool will be operated by the end…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow using a FIDO2 key for Windows Autopilot provisioning process

    Currently it seems at the Welcome screen of a machine setup for Windows Autopilot we can't use a FIDO2 key to login, however the Authenticator passwordless feature works. Tested out the new fast ring Insider Build .ISO images and haven't seen the ability to initiate the process with a FIDO2 key, only the ability to use the key at the normal login screen. I hope for this to be added soon for further testing with FIDO2 keys, also when it is added allow the Autopilot wizard to prompt for which Azure AD account you want to provision the machine with…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Filter on Group Tag Windows Autopilot

    I use Group Tags for automatically assigning multiple Windows Autopilot Profiles on HW Hash Upload - Currently I can filter on Model and Purchase Order, but I think it would be useful to filter on Group Tag also

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Additional functionality on "Windows Autopilot devices" is needed

    All the properties of a device listed in "Windows Autopilot devices" should be available in the exported report and not just the 6 columns that are displayed on the Azure Portal.
    Also ability to search with device name would be useful.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. export you managment log files to the cloud instead of local disk

    Please allow the export of managment log of local pc logs from the console to the cloud or even to the azure portal device page.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow individual assignment of Intune AutoPilot profiles for devices added from the Partner Portal

    When I add devices for AutoPilot via the partner portal, the AutoPilot profiles that have been set up in Intune are not available for assignment. At the moment, it seems that, because Intune AutoPilot profiles are assigned via group, the profile doesn't get automatically assigned to new devices until after it has been enrolled (especially if using dynamic groups) which means that settings such as device name don't apply until the machine is rebuilt.

    Please could we either have the ability to assign Intune AutoPilot profile when we import it into the partner portal,

    or

    Please could we be allowed…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enrolling WIndows 10 without Admin privs (No SCCM, Existing devices)

    I need an Enterprise solution. I understand that we need Local Admin account to enroll Windows 10 devices to Intune. But i have 800+ devices, Domain joined (AD and Hybrid Azure AD). We do not use SCCM.
    These are existing devices so i cant even use Autopilot. I need a solution or way or a feature in Intune which allows me to enroll Windows 10 devices without giving them the Administrator privileges. Please respond to this request ASAP

    131 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  11. need the ability to set or assign AD attributes

    When deploying a Hybrid AD Domain Join computer, need the ability to set or assign AD attributes (managedby, description, etc). Most organizations assign a device to a user thus tying the computer device to the user.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Deploy BitLocker encryption without user intervention also for Azur AD synced accounts

    I have the need for Zero Touch deployment of Windows 10 on Laptops with AutoPilot. This also includes to enable Bitlocker remotely without user intervention by using Intune policies. Currently it is not possible to do this with synced user accounts only with Azure AD accounts.
    Please extend this functionality also to synced user accounts.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Make it possible to Azure AD join/synchronize device (computer) objects to multiple Azure AD tenants from a single forest AD.

    Some companies hosts multiple sub-customers in a single forest Active Directory.
    Each sub-customers users and machine objects are organized in their own OUs.
    Present configuration would be one AAD Connect server per customer OU – which synchronize the user objects to their respective individual Azure Tenants and they license all their sub-customers AAD Users with M365 licenses.

    Some would like to enable Automatic AAD Join (Hybrid Azure AD Join) for their sub-customers Windows 10 Enterprise devices via GPO.
    They want to manage the sub-customers domain-joined devices with Intune, and use device-based conditional access.

    AAD Device Registration (DRS) requires a Service…

    213 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. HardwareID in White Glove QR code during OOBE

    With white glove, you get an QR code with some ID. However, it doesn't contain the hardware ID/hash. It would be wonderfull if it did, because a deployment engineer could use a simple app on a smartphone to register the machine with autopilot and continue with the whiteglove deployment.

    E.g. create a button to show it when the device is unknown at any tennant.

    Using a powershell script after OOBE is completed is just cumbersome and timeconsuming.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. 3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Please update the SCCM "Windows AutoPilot Device Information" report so that the information can be imported successfully into Autopilot

    Two issues:
    1) The report collects the "Windows Product ID", but it reported the same product ID for 150+ of my devices. Autopilot import rejects the information because the "Windows Product ID" is not unique. The information imports without error if the "Windows Product ID" field is left blank.
    2) The device hash collected by SCCM does not correctly reflect the TPM device in the computer. If I attempt to assign a "Self-Deploying (preview)" Profile to some of the laptops, the assignment fails with "Assignment of 'Shared Student Devices Self Deploying' failed - Self-Deploying mode requires TPM 2.0 hardware". If…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. configuring windows hello autopilot

    Need ability to disable Windows Hello requirement during enrollment via AutoPilot. Currently, this is available if using Intune. After working with support, they explained this capability is made available to 3rd party MDM's but they must have this capability baked into their solution. Since 3rd party MDM enrollment is not completed until after completed the OOBE setup, this will prove difficult for most MDM providers. This should be configurable in the Autopilot enrollment policy or configurable via Azure AD. This is currently preventing us from adopting Autopilot.

    Per support:

    Provider/ProviderID/FirstSyncStatus/ExpectedPolicies
    Required. Added in Windows 10, version 1709. This node contains…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Intune Management Extension for Co-managed Environment

    Intune Management Extension is require to deploy or execute scripts or Win32 application on client machines.
    We have Co-Managed Environment where all the workloads set respectively to execute tasks. But Client App (Pre-release) Workload require to set as Pilot Intune or Intune to execute (install IME Agent) Script/ Win 32 Apps via Intune is not mentioned any where.
    Could you please update document for Hybrid AutoPilot and Co-Management pages

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. When will White Glove at Auto Pilot that be offical released to partner?

    As official document, White glove are not yet available publicly. When will it be official released to partner configure? Estimated schedule is good for us. Thanks.

    https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/white-glove

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Purchase Order field in AutoPilot can only be filled in by Resellers only

    Purchase Order field in AutoPilot can only be filled in by Resellers only. It would be great if admins can fill-in the Purchase Order fields as well.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base