Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Display phone number for Android Enterprise

    Phone number should be inventoried on Android Enterprise Dedicated and Fully Managed devices.

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  2. Select all device of Bulk Device Action

    When I use bulk device action, I select OS and Device action.
    After that, I select device with using filter.
    But I can't select all filtered device, so I must select one by one.

    I want to select all filtered device by one click.
    Please make all select box.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable Google Backup Services on Managed Devices

    On Managed Devices we cannot enabled Google Backup. Users add their own Google account in the Play store and want to create/restore backups.

    357 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow Azure Hybrid AD Domain Join to use %SERIAL% or %RAND% variables for the Domain Join Intune Device Configuration Profile

    Currently, Azure AD Hybrid Domain Join (In Preview) does not allow the use of variables such as %SERIAL% or %RAND% but only allows the use of a simple prefix such as WIN10- for the computer name. This is an important feature that does currently exist for standard Azure Domain join but not Hybrid where customers need to ensure the device enrolls in Autopilot in Intune, but also in the local network AD domain.

    I wrote a blog post about this issue in more details here.

    https://www.moderndeployment.com/intune-hybrid-domain-join-error-80180005/

    Most customers use a standard Computer naming convention with the serial number OR asset…

    555 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    15 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. support multi track of macOS

    For compliance policy, macOS version check function should support multi track of macOS (such as 10.13.x, 10.14.x and 10.15.x).

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. Intune Licensed Users/Assigned Users and not licensed

    We've been told that we're unable to pull a list of Assigned and not licensed users. It would be very helpful if Intune Administrators had the ability to export a list of either Intune Licensed Users/Intune Licensed Enabled Users or Intune Licensed Disabled Users.

    Specifically talking to the Assigned Users graph at Home > Apps > Monitor - App protection status page in your Microsoft Endpoint Manager admin center.

    The only solution we have at this point is to go one by one for hundreds if not thousands of users

    53 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. data recovery agent

    Add the ability to add a Bitlocker Data Recovery Agent from internal PKI for AAD joined devices. This will provide ability for enterprise to always be able to recover/unlock the disk if the object has been removed from AAD since the recovery keys stored there get removed if/when the object is removed.

    We currently use the DRA for hybrid/on-prem devices but its delivered via GPO and no way natively to do this with Intune policies. We're working on a scripted workaround to deliver the DRA via LGPO.exe but its obviously not an ideal method.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Bitlocker Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Report to view the delta between Intune and CM device inventories

    Having a dashboard or report that could tell co-management Admins what devices are in Configuration Manager and not in Intune - and visa versa - would be extremely helpful.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Inventory (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support Teamviewer remote control integration for Android Dedicated and Fully Managed devices

    Intune's Teamviewer integration is not supported for android Dedicated or Android Fully Managed devices. With Intune and Google pushing us to use Android Enterprise for Android devices this is a much needed feature.

    We recently changed our remote control partner to Teamviewer because Teamviewer is Intune's partner. Now that we are moving devices to Android Enterprise as fully managed devices or dedicated devices we no longer have remote control functionality.

    This needs to be resolved as soon as possible.

    53 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Remote Assistance/Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. 57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Lock Windows 10 screen with PIN

    It would be practicable if there was a way to block the screen of a W10 user with a pin, like MAC's.
    Let's say we have to block a computer within seconds because a user is contaminated, but we still need the data for forensic investigations (otherwise we could just wipe the device)

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  12. Disable Windows Hello on Windows Devices after Intune Enrollment

    There is no way of disabling Windows Hello after Intune enrollment, and when using mapped SMB shares and PIN logon, you always get prompted for a username/password to browse the folders.

    We need the ability to disable Windows Hello (PIN/bio-login), and force Password login on Windows devices already enrolled in Intune.

    551 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    31 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  13. Support VPN Connectivity for Autopilot Hybrid Enrollment

    From the requirements here:
    https://docs.microsoft.com/en-us/intune/windows-autopilot-hybrid
    "Have access to your Active Directory (VPN connection not supported)."

    This requirement breaks the concept of having a device that could be shipped anywhere directly to a user. Large enterprises still have, and will continue to have applications that rely on domain connectivity for authentication. Many of these enterprises build their devices onsite and ship to users that never see the corporate network. Autopilot could never work in this scenario without users disclosing their credentials.

    The feature we would like is a secure means of establishing an AAO VPN tunnel during enrollment that would allow…

    719 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support Multi-Factor Authentication when enrolling via DEP

    MacOS Catalina appears to now support web form sign-in during DEP enrollment: https://developer.apple.com/documentation/devicemanagement/accountconfigurationcommand/command?changes=latest_minor

    This may allow us to provide an onboarding experience more closely aligned to AutoPilot - ideally, user would be able to complete account recovery setup and MFA setup during DEP enrollment as opposed to what we have today: basic auth without support for MFA.

    For customers who rely exclusively on Intune for MDM, this makes onboarding a bit more difficult and may dissuade them from using DEP enrollment altogether with the absence of support for MFA.

    71 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  15. Injuect Windows Updates and Feature Updates during whiteglove deployment

    We want to be able to get all the latest updates and feature updates during whiteglove setup. So a user receiving a freshly delivered computer does not have to wait until 1909 arrives (as even Surfaces by Microsoft sometimes are still delivered with 1903 or worse)...

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Include search button/search option for member serach under Groups-> Members in Intune Console

    User search criteria under group members is quite difficult, as we have to click on "load more" for couple of times if group has couple of hundred users and search with browser (Chrome/ IE) search option(Ctrl+F).
    No Console search option to find user is member of group at the movement.

    76 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Always on VPN - Add the ability to configure interface metric in profile xml

    When deploying a VPN connection using Intune, there is no ability for us to configure the interface metric either in the device configuration profile GUI or in a profile xml. The interface metric is set to "automatic".

    Please add the ability for us to configure the interface metric in the profile xml. In the rasphone.pbk file on the client Windows 10 device, this is the IpInterfaceMetric parameter. The default setting is 0, which is automatic.

    In many cases we need to change this to a specific value such as 1 in order to solve DNS registration and other issues. It…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  18. User devices in Intune to show ALL devices that the user owns

    The official documentation is below, but it is a bit dumb as USER devices should be showing ALL devices that the user is a primary user in (or there should be some way to easily get them/act on them)

    Q: I registered the device recently. Why can't I see the device under my user info in the Azure portal? Or why is the device owner marked as N/A for hybrid Azure Active Directory (Azure AD) joined devices?
    A: Windows 10 devices that are hybrid Azure AD joined don't show up under USER devices. Use the All devices view in the…

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. End user experience after device is been deleted

    When device is deleted or retired from Intune, the end user cannot login there anymore which is excelent feature but it should be more informative. Current text on Windows 10 login screen still is:
    "The Password is incorrect. Try again."

    ..then user calls Service Desk and everyone is confused...

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Support Company Portal on ChromeOS -- how hard can this be?

    Begging for this support so I can use Outlook and Teams full apps with 365 corporate email on my trusty Chromebook.

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base