Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deploy Trusted Certificates to more cert stores like Trusted Publishers

    For Win10, allow certificates to be deployed to additional cert stores like Trusted Publishers. We need this to deploy a large number of code-signing certs.
    As of now only the Computer Root/Intermediate and User Intermediate stores can be selected to deploy a cert to. This is not flexible enough and will require us to create custom Win32 apps to deploy certs.

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  2. email profile for android device owner devices

    we need the option to deploy email profiles to android devices enrolled as "device owner" not only for "work profile" devices

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  3. import pfx certificate

    With Airwatch MDM and BES12/UEM MDM, you can create a configuration profile where you can easily import a pfx certificate file that you can assign to your user and your VPN profile.

    With BES12 MDM, importing a pfx certificate is easy.
    https://docs.blackberry.com/en/endpoint-management/blackberry-uem/12_10/administration/jth1399034187513/amo1418143666469/sending-the-same-client-certificate-to-multiple-devices/ake1371674383366

    Intune does not have this capability. https://docs.microsoft.com/en-us/intune/protect/certficates-pfx-configure

    Intune wants to integrate our domain ADCS/PKI services which is a bit of work and too complicated.

    Can this be way of importing pfx certificates be developed for Intune?

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  4. Is there any way I can setup the VPN Profile in white-glove itself then after the Reseal, device shipped to remote user. Then when the user

    Is there any way I can setup the VPN Profile in white-glove itself then after the Reseal, device shipped to remote user. Then when the user open up and at the time of network connection. It should bind the Home Guest network with VPN Profile and should connect to Office Corporate Network. Could you please think & provide me suggestions how to achieve this .This will help me the remote user with Hybrid Azure ADProfile setup

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  5. Sync Outlook for iOS Calendars to iOS native Calendar app

    This is now available for Contact sync in the Account settings (Within the Outlook app on iOS device, Settings>Tap the account>Toggle on "Save Contacts"> tap "Save to My iPhone" at prompt "Would you like to save your [#] Outlook contacts to your iPhone?" > Tap "OK" to allow Outlook to sync Contacts to the iOS Contacts app.) It would really help user buy in to Intune if there was a similar option to sync calendars to the native iOS calendar app.

    1,100 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    59 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow HEX NetworkKey when setting up WPA or WPA2 wifi profiles.

    Currently when creating a WPA or WPA2 Wi-fi profile, the Pre-Shared key field only allows entry of 8 - 63 characters. HEX NetworkKeys are 64 characters long.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support for authMode in Windows 10 Wi-Fi profiles

    We need the support for the authMode setting in the WLAN XML schema to enforce machine only authentication for Wi-Fi profiles.

    WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1"><MSM><security><OneX xmlns="http://www.microsoft.com/networking/OneX/v1"><authMode>machine</authMode></OneX></security></MSM></WLANProfile>

    We are having to use custom OMA-URI profile to prevent Machine and User authentication.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  8. Android Enterprise Fully Managed Wi-Fi Profile Support for WPA2

    Is there a plan to support the deployment of Android Enterprise (Fully Managed) WPA2 Wi-Fi profiles? It seems the policy can only support WPA.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  9. wifi enterprise android

    Add support for Android dedicated devices Enterprise Wi-Fi configurations using PKCS certificates (machine or user based). Currently the only options for Wi-Fi on dedicated android devices is using WPA Pre-shared keys, this is not very enterprise friendy. Need to support EAP-TLS with PKCS certificates. Works fine on iOS, just not Android.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow us to configure Per-App VPN as below

    We are now planning to configure the service scheme as below:

    a) Multiple users will use one VPN service certification
    b) To configure VPN connection (Per-App VPN) for each apps are planned

    However, above configuration is not available at current Intune, and this situation force us to have tough Intune administration.

    Detail for the Intune setting at our environment.

    a) is not available at VPN configuration profile (1), so customer create mobileconfig at custom policy as a workaround.
    However, it is not available to enable this custom policy as a Per-App VPN (
    2).

    If we are able to

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support for PKCS Certificates for Windows 10 WiFi EAP Authentication

    Currently Intune only supports SCEP user certificate profiles for client authentication within Windows WiFi Enterprise profiles.

    Including the ability to call PKCS-based user certificate profiles would bring Intune capability to near-feature parity with the group policy based equivalent.

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  12. Get custom settings for Android Enterprise Fully managed/Dedicated Devices

    Would be great If I could configure Custom wifi profile with Username password same way we can do for Windows and Android Work profile.

    We have Zebra Devices and OEMconfig does not give this option either, but everytime there is a new option in Zebra OEMconfig we need to a new Version of MX, which already most of our devices (even if pretty new) still cant have the latest version.
    So if that would be possible to have on Intune side it would be great.
    Thanks

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  13. Default to computer name for Intune Certificate Connector name

    When adding a new Certificate Connector for Intune the new connection is given a very opaque and uninformative name. It would be more useful to default to something like the underlying computer name to make it clear where the connector is installed. This information does not appear to be surfaced through the Intune blade in Azure.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  14. Detect AD CS during Intune Certificate Connector installation

    The Intune Certificate Connector is not supported for installation on the same server as is running an AD CS enterprise CA. This being the case, it'd be nice if the installation would detect this scenario and block installation or warn the user.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  15. Event log name conflict with Intune Certificate Connector

    The Intune Certificate Connector service creates an event log on startup titled "Microsoft Intune Connector". Unfortunately, due to limitations in the .NET API used to create the event log only the first 8 characters are significant. This results in an installation failure if another log already exists at the top of the "Applications and Services Logs" hierarchy which begins with "Microsof". An example of such an application is Windows Admin Center.

    As the service is started during installation the entire MSI installation will fail and needs to be cancelled. Even if the service was not started during installation, it would…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow to get information about enrolled certificates via Intune/Graph API

    There is an option to see enrolled to devices certificates via Intune portal and report this data to CSV. However it is not possible to get the same information using GraphAPI or PowerShell. There is a need to get this information using REST call or PowerShell.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  17. wifi profile Remember my credentials for this connection

    Can you add Remember my credentials for this connection each time I'm logged on. When I deploy Windows Wi-Fi profile I have to enter the user name and password every time I login. I use Wi-Fi enterprise type.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  18. L2TP iOS VPN Support

    L2TP VPN has been supported in iOS for quite some time but it is not supported as a VPN in inTune. It would be nice to have it supported as a VPN so that I don't have to deploy a custom iOS profile.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add support for Citrix VPN on Android Work Profiles

    Android Device Admin enrollment supports Citrix VPN, but Work Profiles do not. As we approach the release of Android Q (10.0), Device Admin will no longer be an enrollment option with full support from Google. Parity is needed here, especially considering that Citrix is one of the few options offering NAC.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  20. SCEP Profile - Devices - Allow DNS domain names that begin with a number

    When configuring a SCEP Profile for a device certificate, it is not possible to configure a domain name that begins with a digit (0-9).

    Working: {{AADDeviceID}}.one234.com
    Failing: {{AADDeviceID}}.1234.com

    The UPN and E-mail address attributes (with an @ at the start of the domain) are accepted as they should be.

    Confirmed with SCEP Device Profile for Windows and iOS. Assume Android will have the same incorrect input RegEx applied.

    Thanks
    Russell

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base