Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Implementation of multi-factor authentication for each application execution

    I would like to have the option to authenticate every time the application which is managed by intune is launched.
    For example, when using WVD from an iPad, even if the iPad has already been authenticated by Intune I want to authenticate again when remoteapp client is started. Because we want to authenticate the user.

    93 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Automatically update installed "available" Win32 (intunewin) apps on devices

    Explanation:


    1. You create a Win32 app in Intune.

    2. You assign the app to a group of users as "available for enrolled devices".

    3. User clicks and installs app via Company Portal.

    4. You as an admin update the app binaries for the App in Intune (you replace the .intunewin file with a new version)

    5. NOW THE APP SHOULD AUTOMATICALLY UPDATE/REINSTALL ON USER DEVICES USING THE NEW PACKAGE

    This is mandatory. This will make or break a 10k+ Intune deployment. We need this functionality ASAP, or we'll have to go with Chocolatey + AWS S3.

    I realize with "required" apps, you can simply…

    425 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Intune MAM support for Android face unlock

    New Android devices (Pixel 4) don't provide fingerprint unlock.
    Users must then use PIN unlock.
    Suggestion is to add MAM support for Face unlock on Android, to bring it to the same parity level as iOS - https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/32395231-intune-mam-support-for-ios-face-id

    249 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Ability to limit CPU usage from the Host Process for OMA-DM Client

    We've noticed that our Autopilot (intune managed) pc's occasionally have CPU spikes during the day at seemingly random times (probably based on the Intune scheduled tasks for doing OMA tasks), those spikes in CPU usage are revealed to be due to the Host Process for OMA-DM Client.

    This can spike to over 50% cpu and when in conjunction with other CPU heavy tasks can reduce a modern i5 computer to... a slow computer. This is immediately noticeable as it will trigger a FAN to start, so users DO notice it, regardless of the performance degradation.

    Please give us the ability…

    53 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  5. Shared iPad for enterprise

    Intune offers a similar feature for education
    Now Apple offers this also for enterprise.

    Check this link, it looks very smooth.
    Jamf and vm already have this feature.

    https://support.apple.com/guide/mdm/shared-ipad-with-managed-apple-ids-mdm9992c9a34/web

    https://techzone.vmware.com/blog/what-are-shared-ipads-business

    69 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. Join Windows Server 2019 to Intune

    We have the ability to install Windows ATP on MacOS, Server 2019, Win 10, but we still have no way of managing Windows Servers with Intune.

    With Windows Server 2019, we'd like to be able to join to a work account, manage with Intune, and authenticate with AzureAD the same way we do with Windows 10 and Mac devices within our organization out of box.

    93 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Policies flows

    Being able to create a flow ( a sort of task sequence ) from multiple policies and apply it to enrolled devices.

    93 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support deployment of Progressive Web Apps with Intune

    With the new Edge browser, it would be awesome to support PWAs for enterprise application deployment via Intune.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  9. New option when deploying apps (assignment type)

    It would be very helpful to have other options when apps are assigned to groups.
    Required if the app is already installed on the device
    Use case: From 10k users, half of them have app X installed already and not managed. If you want this app to be managed a re-deployment would be necessary, but only for the users that have the app installed. The number of users can change by tens or even hundreds every day. With a policy like this you make sure the app is re installed as managed only for ppl using the specific app, without…

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Android China

    Hi Guys,

    We know that Google services are not available in China and currently Intune for Android system is only depending on Google ecosystem. Is it possible that Admin gets a choice of Ecosystems like - Choose Google Ecosystem for whole world and Choose Huawei Ecosystem in China. This will enable Intune to manage the Android devices in China much efficiently and will answer requirements from many customers.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  11. Win32 add OR option to Detection and Requirement

    Loving the Win32 extention in Intune but missing 2 important things!

    · OR rule to Detection Rules
    · OR rule to Requirements Rules

    Currently these will be added automatically as AND rules. I've been working with SCCM 10 years and using its Application Model from the start. Intune's Win32 app is very close but these features are missing. For key success in Windows 10 cloud-only management this is absolute MUST :)

    Please see: https://social.microsoft.com/Forums/en-US/6c6d70d5-4beb-4181-b542-5e0ac169e35c/win32-apps-multiple-requirement-or-detect-rule-support-only-and-not-or-rule?forum=microsoftintuneprod

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Intune Device Compliance Evaluation not stable (False/Positive)

    Intune Device Compliance sometime fails to evaluate the correct data.

    We set "Windows Firewall" to be a device compliance setting. The Windows Firewall is running fine but Intune fails to detect (False/Positive) with custom error message:

    -2016345612 (Syncml(500): The recipient encountered an unexpected condition which prevented it from fulfilling the request)

    We're also getting sometimes Issue with Evaluation of Bitlocker Settings.

    697 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    54 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable Google Backup Services on Managed Devices

    On Managed Devices we cannot enabled Google Backup. Users add their own Google account in the Play store and want to create/restore backups.

    343 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  14. Report to view the delta between Intune and CM device inventories

    Having a dashboard or report that could tell co-management Admins what devices are in Configuration Manager and not in Intune - and visa versa - would be extremely helpful.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Inventory (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  15. 57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow Azure Hybrid AD Domain Join to use %SERIAL% or %RAND% variables for the Domain Join Intune Device Configuration Profile

    Currently, Azure AD Hybrid Domain Join (In Preview) does not allow the use of variables such as %SERIAL% or %RAND% but only allows the use of a simple prefix such as WIN10- for the computer name. This is an important feature that does currently exist for standard Azure Domain join but not Hybrid where customers need to ensure the device enrolls in Autopilot in Intune, but also in the local network AD domain.

    I wrote a blog post about this issue in more details here.

    https://www.moderndeployment.com/intune-hybrid-domain-join-error-80180005/

    Most customers use a standard Computer naming convention with the serial number OR asset…

    503 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. support multi track of macOS

    For compliance policy, macOS version check function should support multi track of macOS (such as 10.13.x, 10.14.x and 10.15.x).

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support VPN Connectivity for Autopilot Hybrid Enrollment

    From the requirements here:
    https://docs.microsoft.com/en-us/intune/windows-autopilot-hybrid
    "Have access to your Active Directory (VPN connection not supported)."

    This requirement breaks the concept of having a device that could be shipped anywhere directly to a user. Large enterprises still have, and will continue to have applications that rely on domain connectivity for authentication. Many of these enterprises build their devices onsite and ship to users that never see the corporate network. Autopilot could never work in this scenario without users disclosing their credentials.

    The feature we would like is a secure means of establishing an AAO VPN tunnel during enrollment that would allow…

    690 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. data recovery agent

    Add the ability to add a Bitlocker Data Recovery Agent from internal PKI for AAD joined devices. This will provide ability for enterprise to always be able to recover/unlock the disk if the object has been removed from AAD since the recovery keys stored there get removed if/when the object is removed.

    We currently use the DRA for hybrid/on-prem devices but its delivered via GPO and no way natively to do this with Intune policies. We're working on a scripted workaround to deliver the DRA via LGPO.exe but its obviously not an ideal method.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Bitlocker Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Injuect Windows Updates and Feature Updates during whiteglove deployment

    We want to be able to get all the latest updates and feature updates during whiteglove setup. So a user receiving a freshly delivered computer does not have to wait until 1909 arrives (as even Surfaces by Microsoft sometimes are still delivered with 1903 or worse)...

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 148 149
  • Don't see your idea?

Feedback and Knowledge Base