Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Disable Windows Hello on Windows Devices after Intune Enrollment

    There is no way of disabling Windows Hello after Intune enrollment, and when using mapped SMB shares and PIN logon, you always get prompted for a username/password to browse the folders.

    We need the ability to disable Windows Hello (PIN/bio-login), and force Password login on Windows devices already enrolled in Intune.

    101 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  2. Microsoft Whiteboard Client as Approved client app requirement for Conditional Access

    Please add Microsoft Whiteboard Client as Approved client app requirement for Conditional Access so that this is not blocking productive on IOS/Android when trying to secure SharePoint/OneDrive.
    https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/technical-reference#approved-client-app-requirement

    63 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Autopilot - Improve Device Naming Options

    When importing Autopilot devices in Intune, we would like (for us and the OEM) to be able to assign machine names against each device that is imported.

    Sadly %Rand% or %Serial% is not sufficient for a lot of our use cases (e.g. IT labs). We use location identifiers in the device name for our fixed device estate (7000 devices) - this allows us to create dynamic device groups based on location, room, lab, etc. which in turn is used for policy/app control (e.g. licensing, etc.).

    In the file used to import the device it would be good to have an…

    137 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  4. Search,sort, and/or filter on any column in a view in the console

    Please make the UI so that we can search, sort, and/or filter on any column in a view in the console? For instance I want an easy way to filter to see only apps that are for Windows, or only apps that are Line of Business, of only WSfb.... etc.

    86 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add support for Samsung E-FOTA

    We have a large Samsung deployment where enhanced control of the OS update flows are required.
    Samsung EFOTA allows us to do this.
    Please add support for this feature.
    https://www.samsungknox.com/en/solutions/it-solutions/samsung_e-fota

    120 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  6. Android Enterprise Fully Managed Device With Work Profile (COPE)

    Would be great to add support for the Fully Managed Device with Work Profile solution set as I am seeing lots of requests for this. Intune is one of the last EMM platforms to support this.

    89 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow Azure Hybrid AD Domain Join to use %SERIAL% or %RAND% variables for the Domain Join Intune Device Configuration Profile

    Currently, Azure AD Hybrid Domain Join (In Preview) does not allow the use of variables such as %SERIAL% or %RAND% but only allows the use of a simple prefix such as WIN10- for the computer name. This is an important feature that does currently exist for standard Azure Domain join but not Hybrid where customers need to ensure the device enrolls in Autopilot in Intune, but also in the local network AD domain.

    I wrote a blog post about this issue in more details here.

    https://www.moderndeployment.com/intune-hybrid-domain-join-error-80180005/

    Most customers use a standard Computer naming convention with the serial number OR asset…

    37 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  8. MAM support for Delve on both IOS and Android

    Delve is a appreciated app that needs the same Protection as the rest of the Office Apps. We need MAM-support for Delve on both Ios and Android.

    Delve can access sensitive business data. If you open Delve you can read that data. Please let us create MAM-profiles the same way as for the other Office apps.

    Best Regards Magnus Ericsson

    168 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Android Enterprise Widgets

    Widgets are not available on our BYOD managed Intune devices. There does not seem to be settings in the restriction profile to manage widgets. Our users have been very vocal about the loss of mail and calendar widgets unde Android Enterprise Management.

    Thank you

    380 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    28 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  10. Ability to add apps to the list "require approved client app"

    The "require approved client apps" feature in conditional access is a very good security feature, but sometimes a 3:rd party app must be supported, .e.g., a room booking system for mobile devices. If the feature "require approved client apps" is enabled, there is no way to support a 3:rd party app. Please make it possible to add apps (tenant wide) to the "require approved client apps" list.

    131 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  11. Intune Device Compliance Evaluation not stable (False/Positive)

    Intune Device Compliance sometime fails to evaluate the correct data.

    We set "Windows Firewall" to be a device compliance setting. The Windows Firewall is running fine but Intune fails to detect (False/Positive) with custom error message:

    -2016345612 (Syncml(500): The recipient encountered an unexpected condition which prevented it from fulfilling the request)

    We're also getting sometimes Issue with Evaluation of Bitlocker Settings.

    45 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  12. Move all Intune built-in roles to Azure AD roles / custom roles

    Add support to manage Intune built-in roles with Azure AD Custom RBAC roles and provide support for Azure PIM. Better governance of role and access across the Microsoft 365 platform is a much needed thing. Azure AD have tried to centralize the governance of roles and access assignment, but the different product groups keeps adding custom roles within their products for what ever reason.

    Product group:
    Consider reaching out to Stuart and Vince to the Azure AD product group to hear about what they are doing in regards to custom roles in Azure AD:

    https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/12868950-rbac-for-aad

    Related request:
    https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/33050266-intune-built-in-roles-modify-delete

    32 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. Remove pre installed Office or alter existing installation

    More and more devices come with a version of Office 365 pre installed on the device. This is a nightmare for IT admins because the deployment of Office 365 from Intune:

    A: Will not override installation parameters. For example if you deselected some Office Suite Applications like Access, it won't be uninstalled.

    B: Cannot be uninstalled via a simple way. You always need a script to get rid of that pre installed version.

    In my opinion there are two posibilities... 1. Stop pre installing office or 2. make it easy to alter or uninstall pre intstalled office versions using Intune.

    58 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Proxy Support for AutoPilot

    Windows AutoPilot should prompt for proxy configuration if after establishing a connection there is still no internet access. This would allow enrolling AutoPilot devices on the corporate network and use hybrid join.

    I think this feature should be implemented really quick as there are a lot of enterprises waiting for that.

    46 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support multiple user contexts with Device Compliance

    We have multiple deployments where devices have been enrolled with a Device Enrolment Manager account and then issued to users.

    Using a DEM account has allowed us to manage the enrolment of devices and configure any steps not yet supported by Intune before issuing to users. This isn't something that would be appropriate to change with AutoPilot.

    These same deployments are relying on the ability to use the devices Compliance state as telemetry within a Conditional Access policy. Unfortunately we have seen mixed results where devices do not consistently report as compliant nor do they consistently report the reason for…

    271 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Android - "Ephemeral Users" - Multi User / Multi Profile - Shared Devices

    Hello,

    I recently attended a meeting at the Google building here in T.O. Google staff demonstrated "Ephemeral Users".

    This allowed users to sign and sign out of an Android device something similar to Windows operating system.

    I believe this would be of great value to all Intune customers.

    29 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enlarge the map scale displayed when locating a device with Intune “Locate Device” feature

    After we set [Lost Mode] in Intune, when searching a lost device, it is very hard to know the exact location of the device because the map scale cannot be enlarged. When performing Locate Device in a location we could enlarge the map enough to be able to identify each building by changing display to overview map, however, the overview map was greyed out depending on the location.
    We confirmed that other MDM managements can enlarge the map scale to specify the location of lost devices according to our original purpose.
    For that reasons, we request you to implement the…

    70 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add {{serial}} configuration variable support for Intune

    So today I rolled out the CSC iOS app to an iOS device and managed to use a device config policy with the generic XML from the umbrella portal, and if I hard coded the device serial I could get it working on one single device.
    The issue being that the device serial is not supported, as documented here: https://support.umbrella.com/hc/en-us/articles/360000803683-CSC-and-Additional-MDMs.
    So, Microsoft, please!
    InTune is not supported at this time. The MDM profile needs to be pushed as a Device configuration; however, the {{serial}} configuration variable is only supported in InTune for App Config profiles at this time. Looking…

    31 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. Automate Outlook Contact and Calendar Sync

    Today Outlook can sync contacts to the native iOS contacts and the Android work folder contacts however this must be manually configured by the end user. Please give us the ability to automate this via an app configuration policy.

    Secondly, and I think this is actually an Outlook app issue not an Intune issue but it never hurts to ask... We need to ability to sync the Outlook calendar to the native app. Of course we'd want to be able to either allow or block this and we'd want to automate the config when it's allowed.

    30 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Intune/Autopilot Windows Updates

    When deploying a device with Autopilot, they come shipped with older versions of Windows (1703). Some policies are only compatible with later versions of Windows. It would be great if Intune/Autopilot could initiate that OS update as part of the deployment.

    65 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 106 107
  • Don't see your idea?

Feedback and Knowledge Base