Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Set computer name via script, or more advanced options

    During enrollment, a computer name is currently created with a template that may or may not contain random characters, or the serial number. That template is limited.

    It would be helpful to use a script to set the computer name, or more advanced options, to set the name.

    It doesn't make sense to change the name after the device has been enrolled, and is more difficult following a hybrid AAD join.

    For example, our infosec team has strict requirements for computer naming for quick discovery during investigation: Device type (Desktop/Laptop), State, Location, and serial number.

    This can be accomplished via…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Disable Reboot for "Device Restrictions" Profile Deployment

    During an autopilot setup, if there is a "Device Restrictions" profile assigned, it will reboot the device to the login screen and the user must login again in order to complete the User ESP. Please make the reboot happen after the User ESP or preferably don't make the reboot happen at all. That way the user only has to sign in once.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Data copy tool for replace scenario

    Data copy tool for replace scenario
    We understand that MSFT recommends using One Drive for Business for this purpose. Yes, It works for most of use cases but not for all (use cases of restricted data). In the past, MSFT had Windows Easy Transfer tool but that is not available now. We need an simple GUI utility tool for transferring user data from one computer to another (assuming both computer are available in network). Tool should have capability to click and select folders, PST, IE, Edge, Chrome favorites, mapped network drives, printers. This tool will be operated by the end…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. prevent the autopilot device name template from setting the same name more then once

    These settings in the deployment profile will result in multiple machines having the same hostname
    Apply device name template
    Yes
    Enter a name
    W10-%RAND:4%

    For instance W10-0001 will be assigned to multiple laptops.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Full Zero touch: Add Wifi config in the Autopilot profile

    As of today, October 16th 2019, the end-user has to connect manually to the network if using Wi-Fi during the Autopilot deployment process. This has many caveats where inefficieny, security and breaking the later configuration for Intune Wi-fi profiles with certificates if using the same network as during setup.

    Please include the option to apply Wi-fi configuration using certificates during the onboarding process vi

    See reference:
    "For devices with an Ethernet connection, no user interaction is required; for devices connected via Wi-fi, no interaction is required after making the Wi-fi connection (choosing the language, locale, and keyboard, then making a…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  6. AutoPilot Support for Windows 10 IoT Enterprise LTSC

    We're in a situation where we need to use Win 10 Enterprise Iot LTSC for a Kiosk deployment. We can't use self-deploying profiles because of a TPM device attestation bug in 1809 so we must use user-driven deployment, but we can't because of the lack of DEM support for AutoPilot. Rendering AutoPilot completely useless in our scenario.

    Support for Windows 10 IoT Enterprise LTSC is surely a must have!

    Allowing DEM support for Autopilot:
    https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/37411972-allowing-dem-support-for-autopilot?fbclid=IwAR3kRRCaCq7J9oqkduOW2yvA4Bku3avDPRDaRk0PsqmDySNf8Vk8r5DaEqk

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Install Intune Apps through PowerShell script or API (GraphAPI) or any other

    This will help admins with AutoPilot and having control of what gets installed in what order plus have full control of the deployment.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. export you managment log files to the cloud instead of local disk

    Please allow the export of managment log of local pc logs from the console to the cloud or even to the azure portal device page.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support B2B/Guest identities within Intune and Autopilot

    Add in support for using B2B/Guest accounts from another tenancy within Intune and also Autopilot. Currently, if I invite an identity from another tenacy and then take that identity through Autopilot, it fails with "Something went wrong. That username looks like it belongs to another organisation. Try signing in again or start again with a different account". I've read that Intune doesn't support B2B/Guest identities. Please support B2B/Guest identities for Intune and Autopilot.

    Thanks

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Please provide us options to create local account during or after OOBE of Window AutoPilot​

    I would like to see the option to create local account during or after OOBE of Windows AutoPilot.​
    In current design of Autopilot profile, local account will not be created.​

    I tested OOBE in Autopilot profile which configure Hybrid Azure AD join.​
    OOBE was done successfully, however, the account could not access domain controller and could not sign in, due to network issue.​
    I could figure out the cause of this problem was network problem and fixed it, but this issue is very inconvenient when users are in a hurry for setup.​

    It would be great if we…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enrollment Status Page required app install behaviour

    Currently if you specify blocking apps within the Enrollment Status Page and there are additional required app deployments there is no way of ensuring the blocking apps are installed before any additional ones. It would be good to change this default behaviour

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Filter on Group Tag Windows Autopilot

    I use Group Tags for automatically assigning multiple Windows Autopilot Profiles on HW Hash Upload - Currently I can filter on Model and Purchase Order, but I think it would be useful to filter on Group Tag also

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Applying WDAC (Windows Defender Application Control) policy should not force reboot after 10 minutes

    If one have a configuration profile that actives WDAC (Windows Defender Application Control) on Windows 10, it will break the Enrollment Status Page flow during the AutoPilot process, forcing a reboot after 10 minutes before everything has been applied, leaving it in a state which is far from optimal, and impacting the user experience in a really bad way.

    The AutoPilot process must deal with this type of forced reboot, especially since the usage of WDAC is increaing across organizations.

    75 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add Multifactor Unlock configuration to WHfB Windows enrollment options, Security Baseline and CSP.

    Our Info Sec team won't allow PINs for WHfB unless we use Multifactor Unlock. Currently this cannot be configured in Intune except perhaps by an ADMX backed custom CSP. This needs to be added to the WHfB configuration pages for Windows Enrollment, the Security Baseline and Identity Protection Profile type in Device configuration profiles.

    Here is the documentation on the GPO that needs to be translated. https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock#create-the-multifactor-unlock-group-policy-object

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability to deploy with Intune autopilot in self deploying mode to Azure AD Hybrid

    Now, when you select "Self Deploying" the "Hybrid" drop down goes away. We'd like to do self-deploying + Hybrid at the same time.

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Deploy Apps and Configurations during autopilot process only

    If converting existing devices to autopilot, it would be great to have only certain configuration policies and application deployments to only apply during the autopilot process,

    At the moment, if I try to convert existing devices to autopilot and then use the standard dynamic all autopilot devices group, existing devices receive policy, which is dangerous for policies such as domain joining (hybrid).

    Same thing applies to newly built devices via autopilot, any changes to the existing profiles get applied to existing machines.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow individual assignment of Intune AutoPilot profiles for devices added from the Partner Portal

    When I add devices for AutoPilot via the partner portal, the AutoPilot profiles that have been set up in Intune are not available for assignment. At the moment, it seems that, because Intune AutoPilot profiles are assigned via group, the profile doesn't get automatically assigned to new devices until after it has been enrolled (especially if using dynamic groups) which means that settings such as device name don't apply until the machine is rebuilt.

    Please could we either have the ability to assign Intune AutoPilot profile when we import it into the partner portal,

    or

    Please could we be allowed…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Additional functionality on "Windows Autopilot devices" is needed

    All the properties of a device listed in "Windows Autopilot devices" should be available in the exported report and not just the 6 columns that are displayed on the Azure Portal.
    Also ability to search with device name would be useful.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow using a FIDO2 key for Windows Autopilot provisioning process

    Currently it seems at the Welcome screen of a machine setup for Windows Autopilot we can't use a FIDO2 key to login, however the Authenticator passwordless feature works. Tested out the new fast ring Insider Build .ISO images and haven't seen the ability to initiate the process with a FIDO2 key, only the ability to use the key at the normal login screen. I hope for this to be added soon for further testing with FIDO2 keys, also when it is added allow the Autopilot wizard to prompt for which Azure AD account you want to provision the machine with…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Support for Federated Domains with Windows Autopilot

    At present when using Windows Autopilot, a user on a federated domain is unable to sign in to complete the set up. However domains that aren't federated are supported. With this in mind, please can support be added for Federated domains within Windows Autopilot?

    This feature would be incredibly useful in enterprise environements, where Hybrid Azure AD isn't an option.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base