Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Please allow DEVICE groups to be used for available (Include/Exclude) apps.

    In some cases we need to limit based on devices, rather then user groups.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Single App Mode for fully managed enrolled devices

    We would need the possibility to assign one app as a single app mode on a personalised fully managed enrolled device which restricts the app to be locked on the screen when it is opened, so you can't exit the App without a passcode.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Automatically download Language Experience Pack during OOBE

    I would love to see automated language experience pack down during the OOBE, firstly to provide the OOBE in localised language and secondly to make this available before the user get to the desktop.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. windows update option in autopilot and white glove process

    would like to have windows update option in autopilot and white glove process after connected to the internet network step.

    the reason is because when the vendor ships the device, sometimes the patch version has some autopilot bugs and requires IT to manual patch it via removable device and restart before proceed with autopilot and white glove process.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Improvement in MDM Diagnostic Information Report

    Hi Team, I have noticed that MDM Diagnostic information report generated from a Client PC to check what all policies are configured. It doesn't displays all the values configured in Intune. Opened a case with Microsoft and they told me that it's like that only which is a bit of issue from L0\L1 level troubleshooting point of view. Attached screenshot for same. if this can be improved to display all policies client is getting from Intune.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  6. Apple VPP Apps - Display License type in assignment summary

    Currently, it isnt possible to see the license type of an Apple VPP sync'ed app without drilling into the Assignments and choosing "edit".

    Assignments and License type

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Please allow for renewal of VPP tokens without having to redeploy everything from scratch.

    Currently when your VPP token expires, you get an updated one from Apple, upload to Intune, delete the old token, and then you have to go through and re-deploy every single application tied to VPP, when a simple update of the token is all that is needed.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Access

    So the access that I allowed into my phone is only for work related apps? They will not be looking into my contacts, text messages, pictures, or any of my social media accounts? Only asking because I don’t feel my private life should be subject to anyone else’s viewing other than myself!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Apply Updated Powershell Script Only to Newly Enrolled Devices

    We have scripts we want to update where the updated script only needs to be run on a go-forward basis, not retroactively for all assigned users. Currently we have to build groups to handle this condition manually, which is not ideal. Jamf has the concept of applying a configuration profile only to devices moving forward when you make an update to a policy. It would be nice to have this option for Powershell scripts rather than having them re-run on every machine whenever the script gets updated.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  10. Crash reporting as part of endpoint analytics

    Crashes (Blue Screens, etc) aren't currently surfaced centrally in the reporting section of InTune.

    It would be useful to have a view across all endpoints about common crashes to help better manage software rollouts and updates.

    This is like the Startup Performance remediation, except it's User Quality of Experience instead.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  11. ASR Rule "Block persistence through WMI event subscription" missing

    The ASR Rule "Block persistence through WMI event subscription" can not be configured via Intune.

    Not via the "Devices | Configuration profiles" nor via "Endpoint security | Attack surface reduction"

    However, this is advertised in Windows Defender ATP, Microsoft Secure Score, and docs.microsoft.com

    https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction#block-persistence-through-wmi-event-subscription

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add Scopte tags to DEP profiles

    For one DEP token, i have multiple profiles for different teams (each teams will be responsible for one profile)

    We want to delegate the profile assignement to these teams.
    I want to limit their visibility to their profile, to avoid errors and misconfiguration.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Role-based Access Control (RBAC)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Feature Request Android - Corporate-owned, fully managed user devices - Password Prompt

    When using fully managed user device enrollement profile and selecting a device configuration profile for android with device restriction policy. The password option does not make a promp on the device as it not a option. This is needed and a must have option. now users have to set a passsword themselfs to mark the device compliant.

    https://docs.microsoft.com/en-us/mem/intune/configuration/device-restrictions-android-for-work

    Device Owner devices will not be prompted to set a password. The settings will be enforced and you will need to set the password manually. The policy enforcing this will report as failed until you set the password that meets your requirements.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
  14. Last iCloud Backup

    I'd like to see the Date of the last iCloud Backup.
    My company need this information for checking if every phone is doing its iCloud Backup.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  15. Disable (Windows) Apps

    Currently, when I do not want a Windows App to be deployed to Windows devices, but I do not want to delete the App, I have to remove the Assignments.
    If I want to deploy the app again someday in the furture, I have to add Assignments again (we have assignments based on user groups and sometimes, there are a lot of them that needs to be added again).

    I would be nice to just have a Disable option, so it will not be deployed anymore, but I do not have to configure anything.

    Thanks.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Samsung KME API for Intune

    We are in the process of moving to Android Enterprise in Intune and have stumbled across a number of issues. One of them is not being able to effectively separate AE DO devices to AE Kiosk mode device, due to using dynamic device groups.
    This is mostly to do with the device types being the same for both the standard and the kiosk build. There is no identifier that can be used to distinguish between the two if using dynamic device groups.
    The only possible way to do this is to manage the kiosk devices manually via an assigned group.…

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  17. Selective wipe displays inaccurate device names.

    Selective Wipe request does not display the device's name correctly even though the device is protected with Windows Information Protection and is currently enrolled in Intune. It would also be quite better if administrator is provided the ability to remove stale devices in the list. Intune seems to keep old devices in the list even if the device name was repeated multiple times. This makes initiating Selective Wipe requests to devices more difficult.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add Managed Devices App Configuration as an option to add to a Policy Set

    Within Policy Sets, there is no ability to add an App Configuration policy for Managed Device Application Configuration. The only option currently is Managed Applications. It would be nice to be able to create custom policy sets around our MDM devices.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Automatically Set Time Zone Based on Location

    Currently there is no completely free and easy to use way to set the time zone for a machine automatically, specifically a machines belonging to a multinational Organization. Currently the best alternative is to push a script to a device that uses API's from Azure Maps, Google TimeZone, etc. Most these have a limit to how many free calls can be completed a month.

    Can some sort of solution be built into Intune that you can check mark to set time zone based off location of device?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
  20. Configure Trusted Sites in Edge Chromium Via Intune

    We need to be able to set Trusted Sites in Intune. Lawyers do not like having to click to trust a website's Security Certificate; they call the HelpDesk every time, Even if they have been to that page a hundred times. Right now Intune's OMA-URI settings only work with IE, we need it to translate to Edge Chromium as well.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 149 150
  • Don't see your idea?

Feedback and Knowledge Base