Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Always on VPN - Add the ability to configure interface metric in profile xml

    When deploying a VPN connection using Intune, there is no ability for us to configure the interface metric either in the device configuration profile GUI or in a profile xml. The interface metric is set to "automatic".

    Please add the ability for us to configure the interface metric in the profile xml. In the rasphone.pbk file on the client Windows 10 device, this is the IpInterfaceMetric parameter. The default setting is 0, which is automatic.

    In many cases we need to change this to a specific value such as 1 in order to solve DNS registration and other issues. It…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  2. Android Enterprise Fully Managed Device and PKCS Certificates

    Our organization doesn't allow using of SCEP certificate deployment for WiFi and VPN authentication. For standard Android devices PKCS (PFX) and SCEP deployment are as option.
    Are there any near plans for PKCS support for Android Enterprise Fully Managed devices?

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  3. Support configuring "MAC randomization"-attribute for Android 10+

    The Android 10+ default setting for new WiFi-neworks seems to be "MAC-randomization = enabled" to prevent tracking across public WiFis.
    This setting should be changeable for Intune-configured networks to keep the network functional with MAC whitelisting-rules in your WiFi-configuration.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  4. Deploy Trusted Certificates to more cert stores like Trusted Publishers

    For Win10, allow certificates to be deployed to additional cert stores like Trusted Publishers. We need this to deploy a large number of code-signing certs.
    As of now only the Computer Root/Intermediate and User Intermediate stores can be selected to deploy a cert to. This is not flexible enough and will require us to create custom Win32 apps to deploy certs.

    81 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  5. Select Intune Certificate Connector in SCEP Configuration Profile

    For environments where separate user/device/usage certificate templates are required, the ability to select a specific or a group of Intune Certificate Connectors in the SCEP Configuration Profile.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  6. Automated distribution of personal certificates for signing emails in Outlook app with SMIME iOS

    Currently Outlook app does not allow the use of automatically deployed certificates with MEM using the Intune certificate connector. The user certificate must be exported, mailed, and manually installed before it can be used, after setting up prerequisites in Exchange Online. This methodology is not very scalable as is the option currently offered, which is the import of PKCS certificates into Intune. The desired option would be the possibility of being able to use the certificates already deployed using the Intune certificate connector infrastructure, as can be done currently with the native iOS app, or a similar option from Exchange…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  7. Certificate Connector should function like tunnel/WAP

    MobileIron Cloud provides a Connector which allows it to retrieve certificates from on-prem and then delivers them to the endpoints. I was completely dumbfounded when I discovered the Intune NDES Connector does not function the same way and that I am still left having to consider implementing a WAP. The Connector should have been that WAP. If Azure AD Connect can do it, why can’t Intune connectors? What is the point of the connector if I still have to build a WAP?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  8. LDAP client signing requirements

    Please provide an option to control the following setting using Intune

    "Network security: LDAP client signing requirements”

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  9. Android Enterprise Work Profile Wi-Fi Profile for Pre-shared Key

    Is there a plan to support Wi-Fi Profile with pre-shared key in Android Work Profile without use Custom Profile?
    Custom Profile show wi-fi password clear and anyone can see it.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  10. import pfx certificate

    With Airwatch MDM and BES12/UEM MDM, you can create a configuration profile where you can easily import a pfx certificate file that you can assign to your user and your VPN profile.

    With BES12 MDM, importing a pfx certificate is easy.
    https://docs.blackberry.com/en/endpoint-management/blackberry-uem/12_10/administration/jth1399034187513/amo1418143666469/sending-the-same-client-certificate-to-multiple-devices/ake1371674383366

    Intune does not have this capability. https://docs.microsoft.com/en-us/intune/protect/certficates-pfx-configure

    Intune wants to integrate our domain ADCS/PKI services which is a bit of work and too complicated.

    Can this be way of importing pfx certificates be developed for Intune?

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  11. VPN: define specific force tunnel exclusions for Optimizing Office 365 traffic for remote workers

    To reduce VPN traffic using with ForceTunnel VPN, we need for defining specific routing exclusions.

    It's great to be able to configure Office 365 route optimization with one click.

    Use case: Optimizing Office 365 traffic for remote workers with the native Windows 10 VPN client

    https://docs.microsoft.com/en-us/office365/enterprise/office-365-vpn-implement-split-tunnel#2-vpn-forced-tunnel-with-a-small-number-of-trusted-exceptions

    https://docs.microsoft.com/en-us/windows/security/identity-protection/vpn/vpn-office-365-optimization

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  12. email profile for android device owner devices

    we need the option to deploy email profiles to android devices enrolled as "device owner" not only for "work profile" devices

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  13. Include Profile support for Azure VNG configured with OpenSSL

    Would be good if the Intune VPN policies included support for OpenVPN especially those done via the Azure VNG appliances

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  14. Wi-Fi Profile to be added to device automatically prior to being sent out

    Please can it be made possible for iPhones to pick up our Wi-Fi profile prior to being sent out from our supplier? As it stands we currently receive iPhones from our supplier which are pre-enrolled with ABM. Each device we receive we have to manually connect to the Wi-Fi on our site which proves a pain. Our supplier in theory could power on the devices, connect to their Wi-Fi and pull down the configuration policy, it would be great if this policy could contain the settings for our Wi-Fi profile, as it stands the device has to be fully enrolled…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  15. per-app wifi

    Could we Get an PER-APP Wifi same as per-app vpn?
    We would like to have application using specific wifi and get disconnected from that wifi when not using the app.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  16. Is there any way I can setup the VPN Profile in white-glove itself then after the Reseal, device shipped to remote user. Then when the user

    Is there any way I can setup the VPN Profile in white-glove itself then after the Reseal, device shipped to remote user. Then when the user open up and at the time of network connection. It should bind the Home Guest network with VPN Profile and should connect to Office Corporate Network. Could you please think & provide me suggestions how to achieve this .This will help me the remote user with Hybrid Azure ADProfile setup

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  17. Display certificate details in Trusted Certificate configuration profile

    When viewing settings of a Trusted Certificate configuration profile, it would be helpful to admins to provide the details of the uploaded certificate. Currently all you see is the filename that was uploaded, which may or may not match the CA issuer or subject name.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  18. wifi enterprise android

    Add support for Android dedicated devices Enterprise Wi-Fi configurations using PKCS certificates (machine or user based). Currently the only options for Wi-Fi on dedicated android devices is using WPA Pre-shared keys, this is not very enterprise friendy. Need to support EAP-TLS with PKCS certificates. Works fine on iOS, just not Android.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support for authMode in Windows 10 Wi-Fi profiles

    We need the support for the authMode setting in the WLAN XML schema to enforce machine only authentication for Wi-Fi profiles.

    WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1"><MSM><security><OneX xmlns="http://www.microsoft.com/networking/OneX/v1"><authMode>machine</authMode></OneX></security></MSM></WLANProfile>

    We are having to use custom OMA-URI profile to prevent Machine and User authentication.

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow HEX NetworkKey when setting up WPA or WPA2 wifi profiles.

    Currently when creating a WPA or WPA2 Wi-fi profile, the Pre-Shared key field only allows entry of 8 - 63 characters. HEX NetworkKeys are 64 characters long.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base