Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to limit CPU usage from the Host Process for OMA-DM Client

    We've noticed that our Autopilot (intune managed) pc's occasionally have CPU spikes during the day at seemingly random times (probably based on the Intune scheduled tasks for doing OMA tasks), those spikes in CPU usage are revealed to be due to the Host Process for OMA-DM Client.

    This can spike to over 50% cpu and when in conjunction with other CPU heavy tasks can reduce a modern i5 computer to... a slow computer. This is immediately noticeable as it will trigger a FAN to start, so users DO notice it, regardless of the performance degradation.

    Please give us the ability…

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  2. Lock Windows 10 screen with PIN

    It would be practicable if there was a way to block the screen of a W10 user with a pin, like MAC's.
    Let's say we have to block a computer within seconds because a user is contaminated, but we still need the data for forensic investigations (otherwise we could just wipe the device)

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. Disable Windows Hello on Windows Devices after Intune Enrollment

    There is no way of disabling Windows Hello after Intune enrollment, and when using mapped SMB shares and PIN logon, you always get prompted for a username/password to browse the folders.

    We need the ability to disable Windows Hello (PIN/bio-login), and force Password login on Windows devices already enrolled in Intune.

    551 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    31 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  4. End user experience after device is been deleted

    When device is deleted or retired from Intune, the end user cannot login there anymore which is excelent feature but it should be more informative. Current text on Windows 10 login screen still is:
    "The Password is incorrect. Try again."

    ..then user calls Service Desk and everyone is confused...

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  5. Redirect Video, Downloads and Music

    On top of KFM, we would like the ability to add Videos, Downloads and Music to redirect to One Drive for Business. The ability to do this with GPO is seamless but as we transition to Intune MGMT, this capability is not available unless via scripting.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. Timezone not honored from OOBE after Intune Wipe

    When on-boarding a device with Windows Autopilot, the region selected (e.g New Zealand) in the OOBE is honored as the time zone for the device. If the device is then wiped in Intune, the region selected in the OOBE on the subsequent Autopilot on-boarding is ignored and the time zone is set to the default for Windows, Pacific Standard Time. A work around such as a PowerShell script to set the timezone or using a CSP can be used, but become complex in a multi time zone environment and can cause problems with the Autopilot Enrollment Status Page timing out…

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. AirServe provisioning with activation code

    We are using Surface Hub, since it's not supporting iOS screen mirroring, we are using AirServer, challenge we are facing is that AirServer require activation code for activation. we raised a case with Microsoft Support where we have been told that Intune does't support AirServer provision with activation code

    This is a bit of a challenge since we have more than 100 Surface Hub across 7 countries

    Appreciate if Microsoft can fast track this feature

    Attached is the MS Support email where they requested us to raise it here

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  8. Send custom notifications to Desktops

    This article describes sending remote notifications to iOS and Android devices. How about Windows and macOS too?

    https://docs.microsoft.com/en-us/mem/intune/remote-actions/custom-notifications

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  9. Be able to export uploaded Applocker files in WIP policy

    In Windows Information Protection (WIP) policy, users can upload applocker xml files to 'Protected apps' or 'Exempted apps'. However, there's no way to export those uploaded xml files from Intune Portal. There's only a delete option. We request to export uploaded xml files in WIP policy.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. HEIF & HEVC

    HEIF Image Extension & HEVC Video Extention Codec needs to view the iPhone live photos on the windows 10 machine. This is becoming a major issue as in an enterprise environment where companies use VMware horizon VDi machines like Geraldeve LLP where windows 10 is the main OS and iPhone is the main mobile device and users want to download there picture on the windows 10 machine but they cannot view the live photos. As 3rd Line Engineer, I have worked out and find the solution which I want to suggest to Microsoft to fix this issue as soon as…

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add LAPS support into Intune

    Add Microsoft Local Administrator Password Solution into Intune

    1,741 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    42 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support German umlaute or special characters in Win32 deployment detection scripts

    When using a PowerShell script to check the user Win32-installation (detect script) German umlauts (ä, ö, ü) are not working correctly. The script uploaded to Intune is encoded in UTF8-BOM and works locally. After uploading, the script does not return the expected result.

    Attached script checks for a lnk-file on the users desktop called "Archiv öffnen.lnk". A second Win32-app (configured exactly the same) checks for "Archiv sperren.lnk" and is working/detecting fine.

    Intune Support [Case #:19996363] does not deal with that, as "Power shell scripts is out of Intune scope boundaries".

    Please check the Intune PowerShell upload sanitising or the download…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable enrollment status page for device groups

    Please add feature to add ESP not only for users but for groups of devices as well.
    This is needed when creating different client types and dont want to require push on all application on all types
    i.e. pushing specific applications to kiosks and other to user enrolled devices (where we often choose too add a very small amount of apps during ESP)

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. Automate Work or School Account removal & deregistration

    Administrators require an automated method for the removal of Work or School accounts from Windows workstation settings; Powershell, GPO, etc. In addition, it appears it may also be required to sign users out of ID-based Office products to make this happen.

    There are many circumstances in which one would desire to deregister and dejoin devices from Azure AD. A critical example is tenant to tenant migration which happens frequently during mergers and acquisitions. Most such migrations involve a cutover strategy. Using the GUI to derigister devices from Azure AD is unacceptable even for small organizations, especially with today's mobile-first remote…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  15. Improvement in MDM Diagnostic Information Report

    Hi Team, I have noticed that MDM Diagnostic information report generated from a Client PC to check what all policies are configured. It doesn't displays all the values configured in Intune. Opened a case with Microsoft and they told me that it's like that only which is a bit of issue from L0\L1 level troubleshooting point of view. Attached screenshot for same. if this can be improved to display all policies client is getting from Intune.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  16. Control Windows Spotlight in Windows 10 Pro

    Allow consumer features, and Spotlight in general, to be blocked in Windows 10 Pro via InTune configuration profiles.
    Understand this is currently limited to Enterprise, but the "Pro" means "Professional" and many of our SMB clients deploy this OS with EMS licenses.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow ability to Disable Bitlocker that is currently active on Azure Joined/Intune devices

    Allow ability to Disable Bitlocker that is currently active on Azure Joined/Intune devices through Intune policy

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  18. Turn Windows features on or off

    I want the option to turn Windows features on or off, and assign it to users/devices, without using PowerShell script.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. ‘Remove built-in Windows apps’, like Mail, Calendar, Mixed Reality Viewer, My Office, Feedback Hub, Xbox, Groove Music

    Intune Configuration to ‘Remove built-in Windows apps’, like
    Mail, Calendar, Mixed Reality Viewer, My Office, Feedback Hub, Xbox, Groove Music, and maybe others.

    This was started at one point, but retracted for whatever reason. It'd be nice not to have to resort to 3rd party decrapifier scripts to do what should be built-into Intune for Enterprise Win10.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Fix "Remediation failed" messages when applying UserRights CSP

    If someone try to enforce privileges to a Win10 Enterprise device (using CDATA tricks for formatting...) using UserRights CSP, these settings work fine on the enduser device.

    However, there is no way to know if they have been applied properly, as Intune GUI always reports such settings with "Remediation failed".

    The Intune tech support told us, that it is because "If the value returned by the Get operation doesn't match the value supplied by the Add or Replace operations, then Intune reports a compliance error."
    (source : https://docs.microsoft.com/en-us/intune/custom-settings-windows-10#find-the-policies-you-can-configure).

    From engineering/IT point of view, it is much appreciated to have…

    52 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 10 11
  • Don't see your idea?

Feedback and Knowledge Base