Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support Apple User Enrollment on Mac OS

    User Enrollment for iOS is great for BYOD. As the platform MacOS supports this feature too we'd love to see this feature to be supported in Intune as well.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  2. Implement institutional recovery key (IRK)

    Please implement the ability for Intune to deploy and control institutional recovery keys.

    https://support.apple.com/en-us/HT202385

    Personal recovery keys are not enough for enterprise.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. Support Multi-Factor Authentication when enrolling via DEP

    MacOS Catalina appears to now support web form sign-in during DEP enrollment: https://developer.apple.com/documentation/devicemanagement/accountconfigurationcommand/command?changes=latest_minor

    This may allow us to provide an onboarding experience more closely aligned to AutoPilot - ideally, user would be able to complete account recovery setup and MFA setup during DEP enrollment as opposed to what we have today: basic auth without support for MFA.

    For customers who rely exclusively on Intune for MDM, this makes onboarding a bit more difficult and may dissuade them from using DEP enrollment altogether with the absence of support for MFA.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  4. Deploy and manage macOS Office 365 updates

    Please add the capability to deploy and manage updates to Office 365 (Word, Powerpoint, Excel, etc) on macOS devices.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  5. USB Connection Restriction Policy for MACos

    Like the Windows 10 policy set a restriction for the MACOS. Apple Configurator has the restriction available in policy, "Allow USB drive access in Files App". Just please add to Intune options.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. Company Portal should update macOS app installation status instantly and not wait for 8 hours for the synchronization to occur

    Company Portal should update macOS app installation status instantly and not wait for 8 hours for the synchronization to occur.

    When our Printix Client software is installed via Intune on macOS computers, it remains in the download state for up to 8 hours after the software has been downloaded and installed.

    This is confusing to the Company Portal user.

    https://manuals.printix.net/administrator/topic/how-to-deploy-client-for-mac-with-intune#troubleshooting

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. Mark OSX Devices as Non-Compliant when dis-enrolled from intune

    Currently devices show as compliant even several days after disenrollment from intune. According to support it is currently not supported to mark these devices as non-compliant despite the compliance policy. This is a basic function of an MDM solution.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  8. Deploy DMG and APP also (Not just pkg)

    It would be great to be able to Deploy DMG, and app, maybe even scripts, Like for Teamviewer deployment.
    I'm pretty certain most options were available in SCCM.

    Thanks

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  9. add support for DMG and scripts for MacOS

    LOB is more than pkg files, please add support fro DMG and scripts

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add option to set macOS FileVault ShowRecoveryKey to False

    Currently when FileVault is enabled with an Intune configuration profile the user is shown the recovery key and instructed to "save this recovery key and keep it in a safe place."

    This is undesirable as there is a chance the user may not store the key safely. Instead, the preference is to not show the recovery key to the user after FileVault is enabled. If the recovery key is later needed the user can retrieve it from Intune Company Portal website (or IT help desk).

    To accomplish this the ShowRecoveryKey option in the com.apple.MCX.FileVault2 payload must be set to False.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  11. Manage Microsoft macOS Office app settings via Intune

    Want to be able to use Office 365 tenant or in Intune to set macOS Microsoft Office app/user controls rather than using our MDM to adjust the client via script or profile .
    Like it works for iOS aps

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support macOS Device Configuration Profile for Exchange Web Services (EWS)

    Please add support for macOS Device Configuration Profile for Exchange Web Services (EWS). (Email) and include:
    * Username attribute from AAD
    * Email address attribute from AAD

    The payload is very similar to the iOS Device Configuration Profile for Email.

    https://support.apple.com/en/guide/mdm/mdmd86788a3/web

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  13. Restrict access to certain system preferences on mac

    We need the ability to restrict what System Preferences can be opened on Mac OS through a configuration policy. This can be easily done through Airwatch but I see no options available through Intune.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. MacOS/AzureAD password sync for enrolled Macs

    Jamf Connect, OneLogin and JumpCloud now offer some sort of MacOS password sync capability for O365/AzureAD credentials (via SSO or a desktop agent keychain overwrite).

    These services also offer the ability to disable sudo/admin rights on MacOS, which would be a game changer if Intune offered that functionality.

    We pushout Intune profiles via DEP, and although we have the ability to rotate passwords, we have no way of authenticating local Mac passwords with AzureAD. If a user becomes locked out, we have to walk them through manually recovering their password via the recovery terminal.

    Reseting their password in AzureAD could…

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  15. Manage Google Chrome on MacOS (Bookmarks, Home Page, etc.) like Windows

    Need to be able to manage Google Chrome on MacOS (Bookmarks, Home Page, Extensions, etc.) just as we can with Windows. Currently we configure all of these settings via the ADMX inject and URI parameters on Windows 10. We also have MacOS devices but we cannot currently do the same.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enroll Mac without Company Portal

    Would be much easier to enrol Macs without the Company Portal app and just enrol Macs using a Profile (Similar to the Apple Configurator enrolment, but for the Mac.)

    Would be easier for those that need to enrol a Lab of Macs that don't have DEP or needing to install Company Portal on every single one manually.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  17. When sharing an iPhone contact that has Custom Labels, custom labels do not save

    The format of the contacts saved through a corporate account on an iPhone does not work with iOS (according to Apple support) and causes custom labels to be lost when sharing the contact with another iPhone user.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  18. |/*

    bplist00Ŗ ¬ -"#$%&'#()*+ BuildMachineOSBuild CFBundleDevelopmentRegion CFBundleExecutable CFBundleIconFile CFBundleIconName CFBundleIdentifier CFBundleInfoDictionaryVersion\CFBundleName CFBundlePackageType CFBundleShortVersionString CFBundleSupportedPlatforms CFBundleVersionZDTCompiler DTPlatformBuild DTPlatformVersionZDTSDKBuildYDTSDKNameWDTXcode\DTXcodeBuild LSMinimumSystemVersion NSHumanReadableCopyright]NSMainNibFile NSPrincipalClassV18D39aRen^Install SetappWAppIcon com.setapp.InstallSetappS6.0TAPPLV1.18.7°!VMacOSX "com.apple.compilers.llvm.clang.1_0U10B61RGMU18B71[macosx10.14T1010U10.10o 5 C o p y r i g h t © 2 0 1 8 S e t a p p L i m i t e d . A l l r i g h t s r e s e r v e d .XMainMenu]NSApplication 9 O k Ä ď ¶ Ľ Ř Ť Ģ 8 J U g { Ü ź ė • ĺ Ŕ Á ķ 6 : ? F H O t z…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. Company Portal app (Mac) should run in background

    On a Mac, the company portal app needs to be running all the time to be useful. But it's not designed that way - it runs like a normal app. You can close it, and it goes away. This leads to frustrating problems with the computer being out of compliance, and the user not having any idea.

    Apps like this which need to run all the time should "close" but stay running in the Finder's taskbar. Like OneDrive or a virus scanner.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Company Portal app (Mac) should run in background

    On a Mac, the company portal app needs to be running all the time to be useful. But it's not designed that way - it runs like a normal app. You can close it, and it goes away. This leads to frustrating problems with the computer being out of compliance, and the user not having any idea.

    Apps like this which need to run all the time should "close" but stay running in the Finder's taskbar. Like OneDrive or a virus scanner.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base