Microsoft

Microsoft Intune Feedback

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos which you do not want to grant a license to Microsoft. See the “User Voice Terms of Service” link below for more information.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deploy email profile to Outlook for iOS/Android

    Instead of deploying a policy to configure the native email client, we need to be able to configure the (awesome) Outlook app

    1,561 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      98 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    • Add PowerShell support to manage the service

      It would be nice if PowerShell was supported to manage the service.

      731 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        14 comments  ·  Silverlight Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

        As we move away from the Silverlight console and into the Azure Portal, we can now provide you with a Graph API for Intune, similar to the APIs you may be using with other Azure services. The Intune Graph API enables access to Intune information programmatically for your tenant, and the API performs the same Intune operations as those available through the Azure Portal.
         
        For more information, see https://graph.microsoft.io/en-us/docs/api-reference/beta/intune_graph_overview
         
        Here’s an example of using PowerShell to call Graph API for Azure Active Directory.
        https://blogs.technet.microsoft.com/paulomarques/2016/03/21/working-with-azure-active-directory-graph-api-from-powershell/
         
        If automation was your main priority and you don’t care if it’s PowerShell or not,  I encourage you to move your votes away from this and onto other items. I’ve created a new Graph category so you can tell us what other things you’d like to see regarding Graph automation.

      • Windows 10 Upgrades (1511) via Intune

        The Windows 10 1511 Upgrade is not available via Intune. We use Intune as our Update Management platform (small business).

        I thought that the Windows update functionality in Intune should be like a WSUS in the Cloud. With peer-Distribution in Windows 10 and in Intune before it should be possible to not overload our Internet line.

        If this should not work by design then please Microsoft state clearly which of your products is designed for which Scenario.

        625 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          45 comments  ·  PC Management  ·  Flag idea as inappropriate…  ·  Admin →
        • Automatically deploy Intune PC Client for Azure AD joined computers

          Not entirely sure if this belongs here, or in Azure AD, however....

          From reading the documentation, it appears that the for Windows 10 Enterprise PCs, they can be managed automatically upon joining the Azure AD domain as mobile devices only.

          For corporate issued PCs, it would aid SMBs greatly if adding the Intune PC Client can be done automatically upon joining the PC to Azure AD. This would lower IT department's involvement in issuing new devices, so that company administration could just buy (for example) a Surface Pro and hand it to a new employee, along with the Azure AD/Office…

          515 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            22 comments  ·  PC Management  ·  Flag idea as inappropriate…  ·  Admin →
          • Push notification of user via sms, email or message on screen

            Abitity to warn a user via a custom notification via sms, email or message on screen.

            404 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              noted  ·  17 comments  ·  Silverlight Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
            • The ability to track all events/actions in Intune (Audit /Auditing)

              The ability to track all events/actions in Intune (Audit /Auditing). Basically the same as in the Azure Portal. Need to track who did what and when

              402 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                6 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
              • Extend MDM MSI deployment

                I would like the MDM MSI deployment (to MDM enrolled Win8.1+ clients) to be extended. Currently, only single MSI's are supported, I'd like this to include MSI's with .cab's, MSP files to patch installed MSI apps, and to be able to deploy .exe installers.

                386 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  18 comments  ·  Software Management  ·  Flag idea as inappropriate…  ·  Admin →
                • 354 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    33 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                  • No option to enter a WiFi password when creating a WiFi profile with wpa or wep security

                    Pushing out an iOS WiFi profile that contains wpa or wep security is useless without a password. When I attempt to create a WiFi profile and select wpa (any type) or wep I does not give me the option to enter a password. We have WiFi password that is shared among multiple sites and we do not want to distribute it to employees so they can't use it to connect personal devices.

                    Every other MDM I have used has the option to enter a password.

                    Is this expected or is this a bug??

                    This may be a make or break…

                    336 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      26 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Manage iOS updates via MDM

                      Manage iOS updates via MDM. Apple has supported managing iOS operating system updates since iOS9 was released. Please add this functionality to Intune. Without the ability to manage the iOS updates we have no way to ensure devices are kept up to date and are adequately secured with the latest iOS security and bug fixes.

                      286 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        17 comments  ·  MDM - iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                      • Conditional access for on premise exchange and Outlook App

                        The below link was updated on the 17th of December. This still states that it is not possible with an on premise Exchange solution “The Microsoft Outlook app for Android and iOS (for Exchange Online only)”.
                        https://technet.microsoft.com/en-gb/library/dn818907.aspx

                        This is directly affecting our implementation of Intune throughout our organisation.

                        The Outlook App is used by many users and this would be blocked if we implement conditional access.

                        The business needs to know if this is going to be corrected in future updates or if we are going to have to look at alternative solutions.

                        Thanks

                        250 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          21 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                        • Geo-Fencing & Time-Fencing Feature

                          The ability to apply/remove policies based on location that could be Country, Subnet, or even Wifi Network. Also, apply/remove policies based on time. For instance, disabling Facebook while on working hours and enabling it back out of working hours.

                          239 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            19 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Software Inventory and Reporting

                            Today very limited reports exists for MDM, there is no report for software inventory on Mobile devices.

                            234 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              15 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Samsung Knox Mobile Enrollment

                              It would be nice if Microsoft Intune supported enrolling devices with the Samsung Knox Mobile Enrollment.

                              It would be great feature to help enroll Samsung Android devices into Intune Mobile Device Management.

                              204 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                6 comments  ·  MDM - Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
                              • Apple DEP with MFA Enabled

                                We have Intune included as part of our licensing with O365. Our company requires that MFA is enabled. This however does not work when using Apples Device Enrollment Program with Intune.

                                When a user has MFA enabled, when they are prompted for the username and password it is returned that the credentials are invalid.

                                We have tried to use an application password to work around this, however this does not appear to be supported either.

                                Ideally, as the enrolled DEP device is a known end point, while having MFA enabled, would it be possible to enable a logon to DEP/Intue…

                                202 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  9 comments  ·  MDM - iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                • Make "Managed Browser" a "Conditional Access" rule for accessing Azure AD App Proxy

                                  Many companies would like to make internal websites available to personal devices. Microsoft Intune has a managed browser app. I would be great if it could be set as an "Conditional Access" rule for some of the WebApps published using the Azure AD App Proxy.

                                  + a "Conditional Access" that could define whether to allow "Personale (BYOD)", "Corporate", (Both - Personale + Corp.) or "Unknown"
                                  Thanks to Adrian Hyde for the idea. Let's get the vote up

                                  This post is also related to Azure AD App Proxy post:
                                  http://feedback.azure.com/forums/169401-azure-active-directory/suggestions/9575541-make-managed-browser-a-conditional-access-rule

                                  174 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    noted  ·  9 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Deploy unique computer certificates using Intune/SCEP/NDES

                                    We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

                                    The story behind this idea is as follows:

                                    We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

                                    167 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Support for deploying App-V packages

                                      Right now people have to use the MSI packages generated by the App-V sequencer, rather than having native handling for the .AppV package format as SCCM does. This means that people have to resort to powershell scripting, or squeezing scripts into MST transforms in order to use App-V features such as custom configuration files or connection groups.

                                      Also the MSI packages are very unreliable since they were mainly created for test scenarios rather than live deployments - for example they fail to uninstall when an application is in use, and you have to remove the previous version manually before installing…

                                      166 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        noted  ·  5 comments  ·  Software Management  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Ability to choose/configure Email client (i.e. Outlook) within mail policy

                                        A menu that allows you to select the default mail app or the outlook client for the type of mobile device, perhaps once outlook is selected a selection of options appropriate to the application

                                        163 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          29 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

                                          Since this has a lot of moving parts we’d like to get more detail on this.
                                          1) • Do you want end users to be able to access corporate email only through Outlook app on iOS/Android/Windows10?
                                          2) • Do they want to block all email access from any other 3rd party or native mail clients on mobile devices?
                                          3) • Once the Intune mail profile goes down to the device – do you want to block the user from creating any manual profiles?

                                        • MAM support for OneNote for Android

                                          OneNote is a primary application in the Office Suite but deployment of a MAM policy is only supported for OneNote on iOS and not Android. We are forced to blacklist OneNote on Android as a result. Please provide MAM support for OneNote for Android.

                                          151 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            2 comments  ·  Mobile Application Management (MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 50 51
                                          • Don't see your idea?

                                          Feedback and Knowledge Base