Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Windows 10 AD Domain

    I would like to see Intune support AD domain joined devices be supported. We have a bunch of outside sales reps who we would need to manage all of their hardware remotely with intune and we can only manage half of what the use (their Iphones).

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  2. Windows 10

    I would like to see Intune support AD domain joined devices be supported. We have a bunch of outside sales reps who we would need to manage all of their hardware remotely with intune and we can only manage half of what the use (their Iphones).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. automated enrollment when staging PC's with MDT

    Automated enrollment when staging PC's with MDT would be a great feature. The possibility to add an extra step to an MDT task sequence. i know that there is a GPO for domain joined devices to auto enroll but for AAD only devices i don't think there is anything available

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add the feature to prevent the fraudulent use of security groups using different MDM Authority

    ■Description:
    We would inform you that there are customers who are using the environment with MDM Office 365 and Intune in parallel.

    Originally, it is not preferred to use the security group to multiple MDM Authority.
    Despite it, some of the customers have used the security groups to enroll in MDM Office 365 policy enrollment destination by applying Intune policies that had been used before.
    As a result, the unexpected behavior happened then the security group got damaged eventually.

    To prevent the fraudulent use of security groups using multiple MDM Authority, we hope the feature will be added that allows…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable the [Lost Mode] function of iOS even if you are not setting the device to [Monitoring Mode].

    In order to improve the usability, I hope the feature will be improved that allows using [Lost Mode] of iOS even if you are not setting the device to [Monitoring Mode].

    Thank you for your consideration.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. Automatically identify owner of device during enrollment.

    I am missing the ability to automatically identify the owner of the device during enrollment. It is most likely that the person enrolling the device is the actual owner of the device. The users have to go through a lot of steps to enroll their phones. To install apps from the company portal a user needs to be identified on the device. When this do not happen automatically, the user need to go through even more steps to install apps. I opened a ticked with Microsoft, but the case got resolved with the following note : This is by Design…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow laptop devices to enroll without the need for local administrative rights.

    None of our Windows users are local admins on their devices, therefore to enroll their device we need to log in as an administrator, update the user as a local admin, and we can then complete the enrollment process. Bypassing this would mean that we can send out instructions rather than needing to manually update the rights of the machine.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. terms & conditions -> assignments confusing UI

    If I go to enrolment restrictions -> assignments, I get a + Select Groups with a group list below it that I can remove if required

    However, if I go to terms & conditions -> assignments, the UI is a bit different and confuse as well.

    The 1st time you open, you have the select groups to include (what can easily be identified where you need to click)

    however, once you click the text changes to select groups to exclude

    the UI for t&c as well as to enrolment restrictions -> assignments should be the same

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Terms and Conditions (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  9. On Screen recording needs to disable in iOS once device is enrolled in Intune

    All iOS & Android device users can easily turn on screen recording feature even if device is enrolled in Intune, and create video of the outlook mails.
    Which has been blocked in new update of blackberry UEM 12.8.0

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. select device configuration profiles to be applied on the device during enrollment if device is not compliant

    if a user enrolles an e.g iOS device in intune and the device is not compliant, all assigned device configuration profiles are applied on the device. it would be good to be able to select, which configuration profiles are applied if a device is not 100% compliant to avoid e.g certificates or email profiles are downloaded to the device

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Policies  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow certs on Android without passcode

    When I deploy certs to Android it fails unless the device has a passcode. This is dumb please fix

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  12. Implement the option to make the files uploaded to Azure portal masked by GUI.

    ■Description:
    For security reasons, some organizations need to locate the Wi-Fi administrator and the administrator of Device Configuration profiles separately. For that reason, the global administrator does not want to inform the Wi-Fi password to the administrator of the Device Configuration profile.

    In Intune, we are requiring to upload the ". xml file" in order to deploy the custom Wi-Fi profiles. It is problematic from a security point of view because it can be confirmed the uploaded Wi-Fi password when the administrator of the Device Configuration profile accesses to the existed Profile blade on Azure portal.

    Therefore, I would like…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. Disable 'Multiple User' functionality of Android

    I'd like to be able to disable Android users from creating secondary users and bypassing our policy restrictions.

    https://source.android.com/devices/tech/admin/multi-user

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  14. AutoPilot: Use CompanyPortal app to push/collect DeviceID data for already deployed Win10 computers

    One of the biggest problems with AutoPilot is getting the deviceID info from existing devices that are only cloud managed.

    It would be helpful to be able to pull DeviceID and Current Computer name from the CompanyPortal app installed on Windows 10 1703+ devices.

    Assumptions:
    MMD Management: Intune on Azure Portal (at least migrated from silverlight) (Intune or EMS E3+ for license)
    Authentication: Azure AD Joined with at least a P1 AzureAD license assigned
    Device: Windows 10 devices that support AutoPilot (so far 1703+)
    Application: Windows Store App "Company Portal" is installed

    Possible workflows -

    1) Since the device is…

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Manage update from Google Play for Work

    We would like to be able to manage the Google Play for Work application from Intune.
    That is, you can configure how you can update the applications managed by Android for Work, only Wi-Fi, 4G or both.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable "All Groups" functionality in RBAC scope

    Primary objective is to provide a central team that are not Intune Service Administrator the ability to assign apps to ANY group in Azure AD without having to define each group.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Role-based Access Control (RBAC)  ·  Flag idea as inappropriate…  ·  Admin →
  17. should be able to view Power bi link in managed browser

    Can’t view a power bi link in managed browser

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →
  18. SharePoint Online Conditional Access don't work with DEM enrolled devices

    Our devices was enrolled with DEM, and as it turns out SharePoint Online Conditional Access didn't support this. Condition was that the devices is "Compliant" in Intune, which it was, but still no SharePoint Access. Intune support told me that it's not supported. Why? Please fix....

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  19. SCUP

    Provide SCUP the ability to pull down macOS specific 3rd Party patches for deployment through SCCM.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. How to disable the Windows 10 Express File totally

    PROBLEM STATEMENT:

    How to disable the Windows 10 Express File

    WORKAROUND ANALYSIS:

    What we did here is to disable the Windows 10 express file settings. But the previous downloaded updates when the settings still enabled still the download the express because as per MS Premiere it was already save in DB and could not clear it.

    I have to download the latest one where the express is not enable, then the files being downloaded is back to normal without the express files.

    IMPACT TO BUSINESS:

    The affected here are the Storage and network bandwidth because the files is too big…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base