Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Device whitlisting based on IMEI or UUID

    As part of migrating to O365 Exchange, IT-Security department concluded that they can no longer have a White List of which devices that are allowed to access the O365 services.
    Today, a normal AS / VPN is used to access the on-prem environment and therefore only approved devices can connect.
    - Company is buying devices for there users and they want to assure that users can only access the Company data from the devices that they got from the company, and access to the Company data from personal phones should be blocked.
    - based on IMEI/UUID Company Devices should specified…

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  2. Extend Conditional Access possibilities

    Extend the Conditional Access policies within Intune.
    A few suggestions which I would like to see in the coming updates in Intune.


    • Conditional Access to allow specific OS/OS version (device claims)

    • Conditional Access to Block Browser access as well, now Conditional Access is only targeted to Apps.

    • Allow to create more options within Conditional Access like:


      • Conditional Access for other O365 services like CRM




    • Update alle Microsoft Apps (for example Onedrive, Skype, Company Portal) to support Device claims (DRS) and certificates.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Use IMEI as unique device identifier and provide possibility to create policies based on IMEI.

    Use IMEI as unique device identifier and provide possibility to create policies based on IMEI.
    The desired functionalities are; white/black list IMEIs, pre-stage device enrolment based on IMEI
    Link/bind IMEI to the end user

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. Update Company Portal to support device claims

    Update the company portal (and other O365 apps like Onedrive for IOS) to support device claims, If you want to allow only "isregistered" (Workplace joined) devices to get a token on ADFS you cannot check for isregistered at the moment as the company portal will then fail logging in.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Bad updates are being pushed

    If KB3114409 was flagged as a bad update in mid-December; why was it pushed out to my clients on January 4th? Why wasn't removed from Intune as soon as Microsoft pulled it?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  6. Full automatic Intune Exchange Active Sync configuration

    Hello,

    My company Exchange ActiveSync configuration uses :
    - user email
    - user password
    - Exchange Activesync server name
    - domain name
    - login name

    In order to have a full automatic Exchange ActiveSync configuration, I hope to have the following workflow :
    - to setup the Intune exchange configuration with user variables like for example $SAMAccountname, $password, $email
    - to set the "domain" parameter that is not an available parameter for now !
    - to set other parmeters like server name, ssl.
    - While enrollment, all Exchange configuration can be set automaticaly from a mix of fixed parameters (server…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. work with policy templates so that partners can build templates (or import/export policies) to use for all their customers

    work with policy templates so that partners can build templates (or import/export policies) to use for all their customers. Today parters are managing eg. 100 customers. With Intune they need to define the policy for every customer from scratch. It would be great if they could work with inherited partner specific policies across all their customers of if they could start (import) from a certain template.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  8. Use a group to allow or block registering a device with Intune.

    I would like to have the ability to block users from registering a device or connecting to the Outlook app for mobile devices unless they are in a specific group. I can enforce compliance rules, but if they meet the compliance requirements they get in. I want to block all access unless they get final approval from management and then I can add them to the group that allows access.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, David, are you talking about standalone Intune, or hybrid with Configuration Manager? In hybrid you pick the group you want and configure that on the Intune connector, so for hybrid, we already have what you’re asking for. But not for standalone.

  9. Intune admin console fails to load in Edge browser - states that it needs Silverlight when newest version installed

    Title says it all.

    Runnign Windows 10 enterprise latest build, fully updated.

    Just downloaded Silverlight and installed it again to ensure it was up to date.

    Still getting the error that states you must have Silverlight installed.

    Come on guys.....this is silly.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    Yup. Edge decided not to support Silverlight. Intune admin console still uses Silverlight. We’re working on a change but nothing to report yet. I’d merge this into “replace Silverlight with HTML version” but you’re already a supporter for that one in the Ideas forum.

  10. Send mail to admin when user install non-compliant app

    Be able to get the non-compliant app report by email. Now we have to login every time we want to see the status.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Policies  ·  Flag idea as inappropriate…  ·  Admin →
  11. Windows Hello Biometric Support For On-Premise Active Directory

    Although Azure support is nice, Windows Hello Biometric support should be brought to On-Premise Active Directory.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Computer Inventory Report - include group names in the report

    When this report is run for All Devices the group names are not included in output or exported - include group names so one report can be run for all devices, exported and analyzed by group - this will save a lot of time ... otherwise if you have 20 groups you have to run 20 reports for each group

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  13. CRM Online Compliance Policies

    I'd like to see a CRM Compliance policy like there is with SharePoint and Exchange.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Policies  ·  Flag idea as inappropriate…  ·  Admin →
  14. Let user know why enrolling fails on rooted phone

    I tried to enroll my Note 4 DEV Edition (Android 5.0.1) which has no locked bootloader. While I didn't have superuser enabled, enrolling still catches it which is fine, but instead of going in circles about enrolling, retrying, sometimes saying I'm enrolled and requiring an update and then failing on the update and then trying all over - wouldn't it be nice if it just detected root and notified me that I can't enroll for that reason?

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Links to Web Apps behave different in Safari than in Company Portal

    We have deployed several web apps through the company portal. We have these set as featured apps (They go to internally built applications, SharePoint sites, etc). When users on an iPhone click on the link in the portal it "installs" an icon on the phone's home screen. If they open "Company Apps" or "All Apps" from the portal it redirects to Safari (which is expected). The problem is that if they click the link from within Safari it goes to the website instead of creating the shortcut.

    Is it possible to change this so that when our staff click on…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Pass Company Portal login info to Managed Apps

    I'd like to see the Company Portal pass credentials to other managed applications. For example;
    1) I login to the Company portal with my O365 account
    2) Checks for compliance and prompts to install Outlook
    3) I open Outlook and it already signs me in with my O365 account, or at the very least, selects O365 and populates my email address.

    Users have been trained for YEARS to select "Exchange" so this would ease that burden. We also need users selecting O365 for effective device management.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  17. 0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Virus Detection File Path

    When Intune Endpoint Protection detects a virus it should display the file path where it was found on the endpoint. This is standard on most antivirus products.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. Upgrading to New Device Allows Unmanaged Access

    I'm new to Intune and have confirmed with my 3rd party vendor the "feature" I'm about to describe is currently functioning properly. In my opinion this needs to change.

    I don't know the behavior with Android yet, this was only just discovered with an iPhone device.

    User gets new phone, backs up old phone, activates new phone, performs restore.

    The management policy did not get loaded to the new device, but Outlook app was installed. User was only asked for credentials and was then allowed unmanaged access to corporate email.

    I'm sure there are issues with how iPhones do restores…

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base