Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Is there any way I can setup the VPN Profile in white-glove itself then after the Reseal, device shipped to remote user. Then when the user

    Is there any way I can setup the VPN Profile in white-glove itself then after the Reseal, device shipped to remote user. Then when the user open up and at the time of network connection. It should bind the Home Guest network with VPN Profile and should connect to Office Corporate Network. Could you please think & provide me suggestions how to achieve this .This will help me the remote user with Hybrid Azure ADProfile setup

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  2. email profile for android device owner devices

    we need the option to deploy email profiles to android devices enrolled as "device owner" not only for "work profile" devices

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow HEX NetworkKey when setting up WPA or WPA2 wifi profiles.

    Currently when creating a WPA or WPA2 Wi-fi profile, the Pre-Shared key field only allows entry of 8 - 63 characters. HEX NetworkKeys are 64 characters long.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  4. Android Enterprise Fully Managed Wi-Fi Profile Support for WPA2

    Is there a plan to support the deployment of Android Enterprise (Fully Managed) WPA2 Wi-Fi profiles? It seems the policy can only support WPA.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  5. import pfx certificate

    With Airwatch MDM and BES12/UEM MDM, you can create a configuration profile where you can easily import a pfx certificate file that you can assign to your user and your VPN profile.

    With BES12 MDM, importing a pfx certificate is easy.
    https://docs.blackberry.com/en/endpoint-management/blackberry-uem/12_10/administration/jth1399034187513/amo1418143666469/sending-the-same-client-certificate-to-multiple-devices/ake1371674383366

    Intune does not have this capability. https://docs.microsoft.com/en-us/intune/protect/certficates-pfx-configure

    Intune wants to integrate our domain ADCS/PKI services which is a bit of work and too complicated.

    Can this be way of importing pfx certificates be developed for Intune?

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  6. Get custom settings for Android Enterprise Fully managed/Dedicated Devices

    Would be great If I could configure Custom wifi profile with Username password same way we can do for Windows and Android Work profile.

    We have Zebra Devices and OEMconfig does not give this option either, but everytime there is a new option in Zebra OEMconfig we need to a new Version of MX, which already most of our devices (even if pretty new) still cant have the latest version.
    So if that would be possible to have on Intune side it would be great.
    Thanks

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  7. Default to computer name for Intune Certificate Connector name

    When adding a new Certificate Connector for Intune the new connection is given a very opaque and uninformative name. It would be more useful to default to something like the underlying computer name to make it clear where the connector is installed. This information does not appear to be surfaced through the Intune blade in Azure.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  8. Detect AD CS during Intune Certificate Connector installation

    The Intune Certificate Connector is not supported for installation on the same server as is running an AD CS enterprise CA. This being the case, it'd be nice if the installation would detect this scenario and block installation or warn the user.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  9. Event log name conflict with Intune Certificate Connector

    The Intune Certificate Connector service creates an event log on startup titled "Microsoft Intune Connector". Unfortunately, due to limitations in the .NET API used to create the event log only the first 8 characters are significant. This results in an installation failure if another log already exists at the top of the "Applications and Services Logs" hierarchy which begins with "Microsof". An example of such an application is Windows Admin Center.

    As the service is started during installation the entire MSI installation will fail and needs to be cancelled. Even if the service was not started during installation, it would…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow to get information about enrolled certificates via Intune/Graph API

    There is an option to see enrolled to devices certificates via Intune portal and report this data to CSV. However it is not possible to get the same information using GraphAPI or PowerShell. There is a need to get this information using REST call or PowerShell.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  11. SCEP Profile - Devices - Allow DNS domain names that begin with a number

    When configuring a SCEP Profile for a device certificate, it is not possible to configure a domain name that begins with a digit (0-9).

    Working: {{AADDeviceID}}.one234.com
    Failing: {{AADDeviceID}}.1234.com

    The UPN and E-mail address attributes (with an @ at the start of the domain) are accepted as they should be.

    Confirmed with SCEP Device Profile for Windows and iOS. Assume Android will have the same incorrect input RegEx applied.

    Thanks
    Russell

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  12. wifi enterprise android

    Add support for Android dedicated devices Enterprise Wi-Fi configurations using PKCS certificates (machine or user based). Currently the only options for Wi-Fi on dedicated android devices is using WPA Pre-shared keys, this is not very enterprise friendy. Need to support EAP-TLS with PKCS certificates. Works fine on iOS, just not Android.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  13. Suppress notifications option for configuration profile updates

    Changes to a Wi-Fi profile on Android notifies our +4k BYODs, causing a 10% flood of questions to our helpdesk. Please give option to suppress this notification.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  14. Deploy Trusted Certificates to more cert stores like Trusted Publishers

    For Win10, allow certificates to be deployed to additional cert stores like Trusted Publishers. We need this to deploy a large number of code-signing certs.
    As of now only the Computer Root/Intermediate and User Intermediate stores can be selected to deploy a cert to. This is not flexible enough and will require us to create custom Win32 apps to deploy certs.

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  15. wifi profile Remember my credentials for this connection

    Can you add Remember my credentials for this connection each time I'm logged on. When I deploy Windows Wi-Fi profile I have to enter the user name and password every time I login. I use Wi-Fi enterprise type.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  16. Fix when adding other e mail

    If I have first set up my MICROSOFT management profile, it does not allow me to add other e mail profiles to outlook. When I type in my gmail credentials as an example and it gets to the screen that says “allow access” , it just hangs there and never processes. The only way to then add personal e mail to outlook is to completely delete the Microsoft management profile and wipe all e mail from my phone, then add gmail first before adding my work e mail. Every time I change my password for personal mail this happens. Please…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  17. Ability to remove cached user PKCS certificate stored in Intune

    We're using an Intune configuration profile to obtain a PKCS certificate for the user from an internal PKI as per the documentation at https://docs.microsoft.com/en-us/intune/certficates-pfx-configure.

    We have a problem where if the UPN on the user object is changed, Intune continues to push down the previously issued certificate with the old UPN. If the old certificate is deleted from the store via the Certificates MMC, Intune simply pushes down the old certificate again at the next sync.

    As far we can see, there is no way to force Intune to forget the previously issued certificate. The only way to do…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  18. Intune PSK Generator tool

    Previously i used Intune PSK Generator Tool for creating Custom Wi-Fi XML profile.

    I could not get the Tool now.

    How do create Android custom profile with Pre Shared Key.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  19. Check Point Capsule per-app VPN profile for Android devices

    Intune per-app VPN custom profile supports only Only the Pulse Secure and Citrix connection types as per the document https://docs.microsoft.com/en-us/Intune/android-pulse-secure-per-app-vpn

    Also Intune supports Check Point Capsule VPN profile, and it works perfectly.

    Please add Check Point Capsule per-app VPN profile for Android devices

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  20. Disable user notification for exchange on-prem access control

    Currently when we setup Intune connector for exchange on-premise, we can enable conditional access to require devices accessing exchange to be compliant.

    We have configuration option to modify the user notification message when the device is not compliant, but we do not have a way to disable it. This feature is likely borrowed from the default device access rule in exchange admin center that blocked device will receive a user notification asking the user to enroll the device.

    But the notification can be annoying and even after enrollment user will still receive this user notification for some time. It would…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base