Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. L2TP iOS VPN Support

    L2TP VPN has been supported in iOS for quite some time but it is not supported as a VPN in inTune. It would be nice to have it supported as a VPN so that I don't have to deploy a custom iOS profile.

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support for authMode in Windows 10 Wi-Fi profiles

    We need the support for the authMode setting in the WLAN XML schema to enforce machine only authentication for Wi-Fi profiles.

    WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1"><MSM><security><OneX xmlns="http://www.microsoft.com/networking/OneX/v1"><authMode>machine</authMode></OneX></security></MSM></WLANProfile>

    We are having to use custom OMA-URI profile to prevent Machine and User authentication.

    16 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to easily set Diffie-Hellman Group in VPN IKEv2 profile

    In the UK our organisation is required to follow NCSC (National Cyber Security Centre) guidelines for VPN profile configuration, specifically in our case the Foundation level configuration as outlined here:

    https://www.ncsc.gov.uk/guidance/using-ipsec-protect-data

    This requires us to set a DH Group of 14, which is not easily possible in the Azure portal GUI and would make life much easier for many others in the UK who are in the same position and who prefer not to use custom OMA where possible. Please could it be added as an additional option in the Base VPN section?

    15 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  4. use Cellular instead of WIFI in OMA-URI settings

    currently for cellular data setting, only "Data Roam" is available, we would like other settings like "use cellular instead of WIFI" in OMA-URI settings as well.

    6 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow us to configure Per-App VPN as below

    We are now planning to configure the service scheme as below:

    a) Multiple users will use one VPN service certification
    b) To configure VPN connection (Per-App VPN) for each apps are planned

    However, above configuration is not available at current Intune, and this situation force us to have tough Intune administration.

    Detail for the Intune setting at our environment.
    ----------
    a) is not available at VPN configuration profile (*1), so customer create mobileconfig at custom policy as a workaround.
    However, it is not available to enable this custom policy as a Per-App VPN (*2).

    If we are able to configure…

    36 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add ability to set network properties (Domain, Private or Public)

    For a cloud-only organization, being able to define on-prem networks as "private" would be a great add for Intune managed Windows 10 devices that are only AAD joined. This is utilized by Windows Firewall. Currently, a wired network in the office defaults to "public", which is not ideal.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  7. Per App VPN appliance

    Looking for Microsoft to develop a native VPN client for MDM managed devices. Ideally we'd like this in the form of Windows server or Linux appliance. This capability would allow us the ability to spin up infrastructure to support per app VPN capabilities

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  8. VPN only if no corporate Wifi

    It would be good to be able to configure a VPN profile in a way that it just activates/connects if the device is NOT connected via an (Intune-configured) corporate Wifi-profile.
    This feature was available in a former SCCM-Intune-hybrid-configration.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add support for Citrix VPN on Android Work Profiles

    Android Device Admin enrollment supports Citrix VPN, but Work Profiles do not. As we approach the release of Android Q (10.0), Device Admin will no longer be an enrollment option with full support from Google. Parity is needed here, especially considering that Citrix is one of the few options offering NAC.

    24 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add possibility to create an automatical Signature Email using fields present in Active Directory

    This request was arrived from an our customer, request was to have possibility on InTune to create automatically signature Email, using fields already present on Active Directory … We'd like create for iOS devices …

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  11. Re-Deploy Certificate individually to user or device

    Actually Intune doesn´t allow to force re-deployment of a certificate to a user or device once it has been already deployed during Enrollment Process. The only way to force a new certificate deployment requires or re-enroll the Device, change the Certificate Profile, in order to notify to Intune the need to deploy the new Certifiate Template or create a new Certificate Profile.

    All the solutions previously mentioned have implications, more than the assignment of a simple certificate, such as re-enrollment of the device or change Profile template to all the users asigned to the profile, not only the device/user that…

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  12. Revoke/Delete SCEP Certificates from Intune Admin Web UI

    I would like the ability to revoke/delete a SCEP certificate via the Intune web UI, without needing to retire the mobile device. Scenario: I republished my VPN profile multiple times, and each time new certificates were issued to the mobiles, without revoking/deleting the previously used certs. So now my Certificate Compliance Report includes extra, valid certificates, for each user (which aren't on the mobiles). This makes for a cluttered report.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  13. Profiles that use certificate based authentication should not be installed until the certificate is installed

    For configuration profiles that use certificate based authentication they should not be installed until the associated certificate is installed.
    We use certificate based authentication for e-mail using ActiveSync. This uses two different profiles; one is a profile with the e-mail configuration the other is a profile with the user certificate. The e-mail profile typically installs before the certificate profile, Once the e-mail profile is installed it prompts the user to enter their password. If they enter their password it uses their password instead of certificate based authentication.
    If we configure our e-mail profile to use certificate based authentication we need…

    25 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  14. Tell your exlsting Thailand

    Desprilnk at Thailand

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  15. hotspot

    We need the ability to configure the tethering & portable hotspot. Our staff use hotspots while roaming and at meetings off site. It would be nice for us to extend a standard hotspot configuration so that more than one user can automatically connect to a deployed hotspot. we could deploy this hotspot configuration to our Windows 10 laptops so there is no brain connectivity. With a corporate deployed password we would be able to fix our costs to our devices/staff usage only, no sharing passwords with 3rd parties.

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  16. Push configurations manually to selected devices

    Sometimes it is quite handy to have the option to push configuration/profile manually to selected devices (would be quite helpfull during issue - https://blogs.technet.microsoft.com/intunesupport/2018/09/15/known-issue-certificate-based-authentication-issue-with-pulse-secure-7-0-0-for-ios/ ).
    Other MDM solutions has that option, but with Intune you have to re-enroll device instead, or fake profile change to push it to all devices.

    14 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support for PKCS Certificates for Windows 10 WiFi EAP Authentication

    Currently Intune only supports SCEP user certificate profiles for client authentication within Windows WiFi Enterprise profiles.

    Including the ability to call PKCS-based user certificate profiles would bring Intune capability to near-feature parity with the group policy based equivalent.

    31 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  18. Alert when iOS certificates are expiring

    Notify admin when a certificate is about to expire on MDM services

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  19. Windows 10 Wi-Fi profile, missing settings

    Recently there came an option to add Wi-Fi network onto Windows 10 devices directly in the portal without XML., wonderful.
    I am missing some options, that is possible to set with the XML file that is not possible from the portal, randommac for example.
    <MacRandomization xmlns="http://www.microsoft.com/networking/WLAN/profile/v3">
    <enableRandomization>false</enableRandomization>
    <randomizationSeed>2437303395</randomizationSeed>
    </MacRandomization>

    8 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  20. Support configuring Cisco Anyconnect clients on Windows 10

    It works for mobile devices, but not on Windows 10.

    9 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base