Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Set IntuneMAMUPN When Deploying App Protection Policy

    Automatically set the value "IntuneMAMUPN" to {{UserPrincipalName}} when deploying an App Protection Policy to managed devices. Without this setting, The policy is not enforced properly in apps that are targeted by the protection policies. It currently must be done in a separate App Configuration Policy (you have to create a policy for every single app).

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  2. MAM "Encrypt Org Data" requires Device PIN on unmanaged device for custom apps

    In the BYOD scenario, when we require "Encrypt Org Data" as per https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-ios#encryption in the app protection policy, we see a different experience for iOS Store Apps versus custom LOB apps which have been wrapped with the Intune Wrapper.

    For iOS store apps, an App PIN is sufficient to satisfy the "Encrypt Org Data" requirement. This is the desired user experience as the controls are only applied to the application.

    However for custom LOB apps, Intune also prompts the user to set up a Device PIN to satisfy the "Encrypt Org Data" requirement. This is not the desired user experience…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  3. There is no Microsoft 365 admin app in Conditional Access & Intune App Protection.

    The Microsoft 365 admin app isn't in the Intune App Protection & Conditional Access app, so we can't apply policies.

    When will the app be added to the policy?

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  4. 3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Microsoft Intune - Data Leakage policy is allowing to download and save documents to iCloud. Need an option to block saving to iCloud.

    Microsoft Intune - App protection policy is allowing to download and save documents to iCloud. Need an option to block saving & downloading organisation data to iCloud.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Block Windows 10 Device Access to Corporate Data Based on Operating System Edition (e.g.Home, Professional, etc.)

    Block Windows 10 Device Access to Corporate Data Based on Operating System Edition (e.g.Home, Professional, etc.)

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  7. "Block Screenshots Windows 10 Desktop"

    "Block Screenshots Windows 10 Desktop" we have the option for Windows 10 Mobile, but not for Windows 10 Desktop, the idea is block screenshot, screen captures and print screen in a general way, like ScreenWings that is a Anti-screenshot solution, but a Native way, Maybe we can add this to App Protection Policies for Windows 10 Desktop.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  8. add an option in the policies to select apps based on the category

    Please can you add an option in the "app protection policies" to select apps based on the category, rather than having to get the app bundle ID for each app.

    This will ensure any new app we categorise as say "Company use" automatically is part of the policy and prevents data sharing, or human error.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Use the same broker app for Android and iOS when using MAM+CA

    If we use MAM and CA, we have to use MS Authenticator as anchor app for iOS, where as Intune company porta should be used l for the same purpose on Android.

    We would like this to be simplified. Since we are not using Intune MDM and are only focusing on MAM policies, why cant we use the same app for both platforms ?

    We have heard that Apple doesn't support use of company portal due to their proprietary architecture / sign in data sharing between apps.
    As such, Intune company portal may not be the right app for MAM…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Conditional Access Policy "Require app protection policy" support for Teams mobile app

    Support Microsoft Teams mobile app for use with 'require app protection policy' access control in Conditional Access policies.

    Currently only OneDrive, Outlook, Cortana, and Planner are supported.

    https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-grant#require-app-protection-policy

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Dynamics 365 Remote Assist in App Protection

    Dynamics 365 Remote Assist should be available in App Protection policies just as MS Teams and other Microsoft applications

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Encryption should not happen for client logs

    If app has capabilities to write client logs to local storage and send to developers via email apps, There should be way to not to encrypt client log file when "Encrypt org data" policy is enabled. Otherwise if customer sends client log files those are encrypted logs and that wont be useful for developers.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Camera app does not work in Yammer when app protection policies are applied

    Confirmed by Microsoft Support (#19970488) the camera app does not work in Yammer for Android when app protection policies are in place.

    Works fine when policy is removed.
    Send & receive org data to other apps = policy managed apps
    Apps to exempt = com.samsung.android.video, com.sec.android.app.camera

    The same policy works fine in Word but when trying to post in Yammer and selecting "take a photo" the camera launches and takes a pic, then crashes

    "This issue is a known issue as we confirmed with our internal team but any client did not posted it on User voice so far."

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  14. MFA authenticator app should either support MAM policies or device Pin enforcement

    what good is MFA if the user does have a pin on their phone?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  15. remove devices enrolled in App management only from the admin portal.

    The only option that we have currently is to remove company data, however the device entry would remain there which would be visible only when you visit the admin portal and navigate to Device>Manage Devices.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Protection for Teams desktop app

    Need to have the option to protect Teams for unenrolled devices.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  17. When using a Microsoft Edge, we want MAM to implement a function inhibits uploading a data of corporate area to a personal area.

    [What we want]
    1.We can upload a data of corporate area from OneDrive for Business to an in-house system within Microsoft Edge.
    2.Do not allow to upload a data of corporate area to a personal area.
    3.To separate a corporate area and a personal area,do not configure the Whitelist URL within Microsoft Edge.

    If Microsoft Edge and OneDrive for Business configured as target apps of same app protection policy, I can upload organization data files to personal Google Drive by doing the following.
    After logging in to Google Drive on the Microsoft Edge app, press "PC version" from the menu…

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  18. the ability to automatically add new apps to a default app protection policy

    Request: create a system to automatically add new apps with App Protection policy support to an existing policy. If multiple policies exist nominate a policy as default where app new apps are added.

    My org has a policy that mandates apps should be in a policy as it enforces DLP controls. When the MS Office app was released it was usable for a short period of time without a app protection policy allowing some scenarios where data could be uses in a non policy compliant way.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  19. App Protection Policies should also apply to guest accounts

    Hi,

    we noticed that App Protection Policies are not applied to our guest user accounts.
    This would mean, that we have to either monitor our data within Cloud App Security or block access to mobile apps for guests entirely.
    That not how collaboration should work :D

    If there is similar idea, please feel free to comment. Thanks!

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow Visual Studio Code to be added to Intune App Protection policy.

    Would it be possible to allow Visual Studio Code to be added to the Intune App Protection policy?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 8 9
  • Don't see your idea?

Feedback and Knowledge Base