Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add ScopeTag to section Corporate Device Identifier

    Working @Sodexo,

    Section : Enroll Devices / Corporate Device Identifier

    Would be nice to add a ScopeTag field in :
    - GUI
    - Excel File
    - Webservices

    it would be of a great value for "local admin" to quickly see devices belonging to there scope.
    We are in more than 80 country with more than 250 local admins entity which leverage different sets of devices.
    View on Default scope tag isn't an option (too many devices would popup from around the world)
    Relying on Dynamic group isn't an option for mobile since it take too much time, and doesn't allow…

    47 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  2. Android Enrollment Token should allow automatic Scope Tag assignment

    Working for Sodexo,

    When creating enrollment token,
    it would be really nice to be able to assign a ScopeTag to devices enrolling with such enrollment token.
    Without depending on script or difficult to exploit dynamic groups.
    This way our local admin would almost instantly see device having the scopetag they are entitled to managed.

    thanks
    John PIGERET

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  3. Intune MAM support for Android face unlock

    New Android devices (Pixel 4) don't provide fingerprint unlock.
    Users must then use PIN unlock.
    Suggestion is to add MAM support for Face unlock on Android, to bring it to the same parity level as iOS - https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/32395231-intune-mam-support-for-ios-face-id

    264 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Conditional Access Policy "Require app protection policy" support for Teams mobile app

    Support Microsoft Teams mobile app for use with 'require app protection policy' access control in Conditional Access policies.

    Currently only OneDrive, Outlook, Cortana, and Planner are supported.

    https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-grant#require-app-protection-policy

    70 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to limit CPU usage from the Host Process for OMA-DM Client

    We've noticed that our Autopilot (intune managed) pc's occasionally have CPU spikes during the day at seemingly random times (probably based on the Intune scheduled tasks for doing OMA tasks), those spikes in CPU usage are revealed to be due to the Host Process for OMA-DM Client.

    This can spike to over 50% cpu and when in conjunction with other CPU heavy tasks can reduce a modern i5 computer to... a slow computer. This is immediately noticeable as it will trigger a FAN to start, so users DO notice it, regardless of the performance degradation.

    Please give us the ability…

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. Display phone number for Android Enterprise

    Phone number should be inventoried on Android Enterprise Dedicated and Fully Managed devices.

    125 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  7. Android Dedicated: Block device use until all APPs and Settings are applied

    We need an option to asing required APPs and Restriction to Android devices and dont let to be use until all its applied. ( Same as Autopilot has)

    For example when we enroll a Android Dedicated Device it take 10 - 15 minutes until Dynamic Groups are updated and the device sync again with Intune so APPs or Restricctions came after that time. Its important to have all set before users can use them.

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow iOS devices on DEP to change their device name even template is applied at enrollment.

    We are using a template or all devices would be called iphone or ipad but we also want to allow users to change name on their devices. Everytime we do change the name from phone, it gets reverted back automatically.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
  9. Complete and publish Windows Autopilot Companion Application for White Glove on AppStore and Google Play

    Microsoft needs to "productize" the Windows Autopilot Companion application Michael Niehaus created. When technicians see the QR code, they need to be able to use an official Microsoft Application to assign the user or rename the machine with Android or Apple phone. At this point, the QR code is shown but can't be used for anything and it feels incomplete.

    Microsoft, please make it happen.

    https://oofhours.com/2019/11/26/windows-autopilot-companion-app-
    updated-to-support-editing-the-computer-name-and-group-tag/

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support configuring "MAC randomization"-attribute for Android 10+

    The Android 10+ default setting for new WiFi-neworks seems to be "MAC-randomization = enabled" to prevent tracking across public WiFis.
    This setting should be changeable for Intune-configured networks to keep the network functional with MAC whitelisting-rules in your WiFi-configuration.

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  11. Intune - Change automatically Device Name after enroll device

    In other MDMs (such as WSO), we can modify the configuration so that when a device is enrolled, the device name is automatically modified, for example <enrollmentuser> - <OS> - <SerialNumber>. This functionality is calle Friendly Name. We need to do the same in Intune.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  12. Monitor: Encryption Report should include which Encryption method the device is using (128 or 256)

    Currently, Encryption Report under Device > Monitor does not include Encryption Method. It has Device Name, OS, OS Version, TPM Version, Encryption Readiness, Encryption Status, and User Principal Name.

    Please add what type of Encryption Method it is using.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  13. unable to use edge unless signed in

    would like the policies to be applied to the device and they arent unless the user is signed into the browser, I want the ability for the user to be forced to sign in so that they get the policies sent to the browser for management

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Restrict/Disable VPN from all Mobile Phones

    Description: There is requirement to Restrict/Disable VPN from all Mobile Phone/Tablet Devices via MS Intune Currently we create compliance policy for restricted apps which is having limitation of 100 apps per policy

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  15. separate Accounts from Windows Hello in Settings

    separate Accounts from Windows Hello in Settings

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support deployment of Progressive Web Apps with Intune

    With the new Edge browser, it would be awesome to support PWAs for enterprise application deployment via Intune.

    122 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Apps Policy Set to include Apple VPP Apps

    I understand the App Policy Set feature is in preview. During the course of selecting apps I noticed that synced VPP apps don't show up in the list. Is this omitted for technical reason or just something that is overlooked? I've read other users raising similar issue with Android apps too.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add Intune RBAC table (or similar) to docs

    I can't find detailed information in regards of each permission in Intune. The "Intune RBAC table"-document is out of date, but similar information such as that is what I'm looking for to have in the Intune Docs.

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  19. 30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Always on VPN - Add the ability to configure interface metric in profile xml

    When deploying a VPN connection using Intune, there is no ability for us to configure the interface metric either in the device configuration profile GUI or in a profile xml. The interface metric is set to "automatic".

    Please add the ability for us to configure the interface metric in the profile xml. In the rasphone.pbk file on the client Windows 10 device, this is the IpInterfaceMetric parameter. The default setting is 0, which is automatic.

    In many cases we need to change this to a specific value such as 1 in order to solve DNS registration and other issues. It…

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base