Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Disable Windows Hello on Windows Devices after Intune Enrollment

    There is no way of disabling Windows Hello after Intune enrollment, and when using mapped SMB shares and PIN logon, you always get prompted for a username/password to browse the folders.

    We need the ability to disable Windows Hello (PIN/bio-login), and force Password login on Windows devices already enrolled in Intune.

    367 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  2. Intune Device Compliance Evaluation not stable (False/Positive)

    Intune Device Compliance sometime fails to evaluate the correct data.

    We set "Windows Firewall" to be a device compliance setting. The Windows Firewall is running fine but Intune fails to detect (False/Positive) with custom error message:

    -2016345612 (Syncml(500): The recipient encountered an unexpected condition which prevented it from fulfilling the request)

    We're also getting sometimes Issue with Evaluation of Bitlocker Settings.

    399 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    37 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  3. Azure AD register Device to be prevented if Windows platform is blocked

    Currently once you activate Intune any employee can perform Azure AD register (Add Work and School Account) with any device even if Windows as a platform is blocked in intune. Without Intune we can choose in Azure AD what happens and if users can perform Azure AD registration and allow or block for all. I understand that this registration is mandatory for Intune enrollment but if Windows as a platform is blocked or enabled for only certain users then, device registration should be prevented for all or for unauthorized users.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  4. Rotate Bitlocker Recovery Keys Periodically

    The device would be more secure if we have bitlocker key rotation option available at Intune Device configuration policies or by any other methods.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  5. Intune Device settings docs downloadable as .csv file from Intune UI

    From this doc https://docs.microsoft.com/en-us/intune/configuration/device-restrictions-windows-10 you can see every single thing you can configure in Intune and it is broken down per section. It'd be great to select a button in Intune UI, and then get all the settings downloaded.
    This would be perfect to document "As-built" configurations done in Intune.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  6. Intune and Autopilot time synchronization and NTP configuration

    Provide with a rollout configuration for Intune/Autopilot enrolled device to setup NTP/Time related synchronisations. this feature is currently missing whilst time is an important setting on an Operating system

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  7. Set Registry Key after installing some Software

    Hi,
    we need a Solution to set a RegistryKey after installing a Software (Win32).
    It should be done like a Depency: Software is succesfully installed -> Set Registry entry.

    Example: We have a Password Tool, which needs to be set up a Databasename and IP in the Registry, so that the Software automatically opens the Right Database for the User. We can not use a Powershell Script, because the Software isn´t installed when the Script runs. So we need to install the Software manually with our Service Desk.

    Thats not a good solution.

    Please add this Feature or send me…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add Windows 10 OS Name Capability

    Add a capability to have OS Name for all Enrolled Devices in Intune

    For e.g. Windows 10 Home, Pro, Enterprise and so on.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  9. Block login for local user accounts without AD UserID

    There should be the possibility to prevent the local user from logging on to Windows 10. So that it is only possible to log in with the Actice Directory account only.
    Perhaps there is also a powershell script that can be rolled out to all devices. It is very urgent to close this security gap as a company.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  10. Deploying Office Templets from Intune

    We should be able to deploy customized office templetes to office productes using intune. Currently we have to use 3rd party apps but it wil be convininent if we can either publish via shairepoint or just by uploading in admin templetes in Intune.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  11. Disable the opportunity to abort the Wipe process from Intune by turning off the Device

    When you start the Wipe process on a Device via the Intune Portal, a user is able to Abort this by shutting down the device and Restart it.
    My Suggestion is to save the wipe state befor ´shutting down and continue the wipe at the Point where the device was turned off when it reboots.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  12. ‘Restricted Groups’ equivalent policy via Intune

    To manage local administrator groups and users via Intune without having to create custom OMA-URI settings

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  13. Intune Shared PC Mode - Windows 10 Pro

    I strongly suggest that Intune team look and rectify issue with the Shared PC Mode. Currently if we want to set up custom Lock screen picture via Intune it disables out Quick Access in File Explorer. However if you Enable Shared PC Mode via GPO or via PowerShell and .ppkg file created from Windows Configuration Designer that feature works without problem - Quick Access is still available in File Explorer.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  14. Intune Device Lock Policy

    The "Password" section of the Device Configuration Policy 'Windows 10 Device Policy' If the'password' is set to 'not configured' and 'Maximum minutes of inactivity until screen locks' set then the policy still applies.

    In order to fix this I had to toggle Required for the Password Field then I could access the Field "Maximum minutes of inactivity" and set it to Not configured.

    This seems like a bug. If the Policy is set to Not configured then it shouldn't configure anything but it was clearly configuring the maximum inactivity timeout still.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  15. Monitor feature for enabled administrative shared devices

    Hi Team,

    In Intune is there any service available for Monitor option to know administrative shared enabled devices ,or any feature that can disable administrative shared in end user device from intune, then its really helpful to protect and secured in cooperative environment .

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  16. Get report of last user to login to a device

    For reporting purposes, it would be beneficial to get a report of users that have signed into an Azure Ad joined device for shared computer scenarios. It would also be great if this report can be pulled with a REST Api.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  17. I would like a feature that allow me to set the time zone at deployment.Currently I am using a powershell script as a workaround.

    CUrrently while deploying with intune there is no way of setting up the time zone. While automatic time zone might work for some clients, I am behind a vpn from another country so that option will also be unusable for me.

    The only way of setting the time zone as of now is by using a powershell script , this is just a workaround.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  18. Disable Windows Hello after Azure Join/Windows Enrollment

    We need the ability to disable Windows Hello (PIN/bio-login), and force users to log in with Password, on devices Windows already enrolled with Intune.
    If users login with PIN/Windows Hello, mapped SMB shares and printers always prompts for password.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  19. Microsoft 365 Device Management SUCKS

    I was able to create a policy and apply it to my machines. And as I have stated I am EXTREMELY DISAPPOINTED and FRUSTRATED with Microsoft with the fact that my NONE of my previous policies or setting migrated to your NEW platform… Now I have to RECREATE all my update policies and everything else… SO GLAD I HAVE NOTHING BETTER TO DO THAN TO RECREATE WORK I HAVE ALREADY DONE!!!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improve timeliness of Device Compliance reporting

    We regularly see VERY long delays with Intune evaluating device compliance. A device will show as not compliant for HOURS after all compliance issues have been remediated, even after forcing check-ins and ensuring that check-ins worked. It often takes 4-6 hours or more - sometimes we have to wait until the following day for a device to show as compliant.

    This causes significant problems when you are using Conditional Access to require device compliance in order to access resources. This is a badly needed improvement - it causes problems every time we deploy a new computer.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base