Ideas
What features would you like to see?
All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.
Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.
-
Extend MDM MSI deployment
I would like the MDM MSI deployment (to MDM enrolled Win8.1+ clients) to be extended. Currently, only single MSI's are supported, I'd like this to include MSI's with .cab's, MSP files to patch installed MSI apps, and to be able to deploy .exe installers.
1,297 votesHere’s some more information about the public preview for Win32 app deployment.
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Sneak-peek-Public-preview-of-Win32-application-deployment-using/ba-p/264460And the video from Ignite: https://myignite.techcommunity.microsoft.com/sessions/64593?source=sessions#ignite-html-anchor
For those of you adding additional suggestions in the comments, please create them as new suggestions. When Win32 app deployment comes out of public preview, we’ll call this one complete and I don’t want your requests to get lost!
Thanks again for your support!
-
Push notification of user via sms, email or message on screen
Abitity to warn a user via a custom notification via sms, email or message on screen.
1,146 votesI can confirm that work on this feature is underway, but I don’t have any details to share about timing.
-
Add PowerShell support to manage the service
It would be nice if PowerShell was supported to manage the service.
1,076 votesWe haven’t forgotten that many of you want PowerShell to manage the service! I’ll update this thread when I have more information on that which I can share. In the meantime, here are a few things related to Graph that may be of interest to you:
November 2017 we released the Intune management extension, which lets you Manage PowerShell scripts in Intune for Windows 10 devices (https://docs.microsoft.com/en-us/intune/intune-management-extension)
We’ve announced that Intune APIs in Microsoft Graph are no longer in beta and are now generally available https://cloudblogs.microsoft.com/enterprisemobility/2018/01/31/intune-apis-in-microsoft-graph-now-generally-available/
At Ignite 2018, we demonstrate key automation scenarios using PowerShell, using Microsoft Graph APIs to simplify Microsoft Intune administration; and transitioning profiles, apps, and policies from a pre-production to production environment.
https://myignite.techcommunity.microsoft.com/sessions/64603Also, as of the Oct 29 2018 release we have a public preview for a new PowerShell module, which provides support for the Intune API through Microsoft Graph. More info…
-
Ability to choose/configure Email client (i.e. Outlook) within mail policy
A menu that allows you to select the default mail app or the outlook client for the type of mobile device, perhaps once outlook is selected a selection of options appropriate to the application
336 votesI can confirm this work is started. We’ll let you have more details about release when we have them.
-
Android for Work Device Owner mode
Is it possible to get Intune to allow Android for Work to be setup in Device Owner Mode? Possibly with the App and NFC "bump" to setup the config.
This possibly one of the requirement from within the NCSC guidance (https://www.ncsc.gov.uk/guidance/eud-security-guidance-android-6)
294 votesHi, if you caught our announcements at Ignite, we announced that we will support device owner mode for Android fully managed corporate devices. It will preview by end of year. Check out our EMS blog for more info
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/What-s-New-with-Microsoft-Intune-and-System-Center-Configuration/ba-p/262542
So we’ll call this “started”. :-)Also, we’ve been supporting Android kiosk mode since July.
-
Add firewall, AV, UAC to compliance policy
In Windows 10 1607 devicestatus.csp was extended to include support for AV, firewall and UAC status.
https://msdn.microsoft.com/en-us/windows/hardware/commercialize/customize/mdm/devicestatus-csp
However none of these features can be utilised in Intune compliance policies. We would like the ability to block access to corporate resources if AV or FW are disabled etc. Whilst Windows 10 device health attestation can check for ELAM this requires TPM 2.0.
As the Windows 10 product team has added these capabilities into the OS... please add them into Intune! Unlike configuration policies we cannot create custom compliance policies in order to take advantage of these features ourselves. Allowing custom compliance…
59 votesFor the release the week of Nov 6:
Admins can now configure the Firewall settings on a device using a device configuration profile
Admins can turn on firewall for devices, and also configure various protocols for domain, private, and public networks. These firewall settings can be found in the “Endpoint protection” profile.
https://docs.microsoft.com/en-us/intune/whats-new -
bulk enrollment (android)
At the moment we (IT) have to setup android devices manually and then get the user to enrol to intune.
This is proven difficult to managed and the enrolment rate is only %75.
is there a better way to pre enrol or bulk enrol devices ?
59 votesI can confirm this is being worked on now and should be delivered sometime this year.
-
add ability to view log files
Troubleshooting Intune is frustrating because admins can't see what is happening in the cloud. It would be easier if we could see detailed logs.
49 votesAs of the week of Jan 21, 2019, we have released a preview of operational logs, showing details on users and devices that enrolled, including success and failed attempts.
https://docs.microsoft.com/en-us/intune/whats-new#week-of-january-21-2019
We’ve had auditing logs for a while now.
Please check it out and let us know if it’s what you want. -
Report Customization
Possibility to create Custom Reports like SCCM
33 votesTake a look at our new Intune Data Warehouse feature – by integrating with PowerBI, you can create custom reports and dashboards. Does that get you what you need?
https://docs.microsoft.com/en-us/intune/reports-nav-create-intune-reports -
Deploy Mac VPP apps via InTune
Currently Intune only supports the deployment of iOS apps not Mac OS apps. To deploy the apps we need to rely on a separate MDM solution at a cost. We're looking to use InTune as a National solution (Australia wide) We have 100 Macs in our environment and they are becoming more difficult to manage.
26 votesI have to correct this status – we released VPP for iOS last spring, but MacOS VPP was not included at that time. We have fixed the error in the docs that made me think it was done along with iOS. However, I have confirmed that we have started this work and are eager to deliver it as soon as we can, like months, not years. I’m sorry for any confusion this caused.
-
Conditional Access for On-Prem Exchange with Outlook Mobile
Currently InTune treats Outlook Mobile as a separate device from the phone/tablet that it is installed on, so Conditional Access for OnPrem Exchange never approves it.
Given that InTune cannot selectively wipe email from Android, Outlook Mobile would be a great solution, if Conditional Access for On Prem Exchange worked.
Without it, we are forced to look for another MDM solution for Android Users.
25 votesAs announced at Ignite 2017, Outlook for iOS & Android will soon be fully powered by the Microsoft Cloud for hybrid Exchange on-premises customers. These updates will also provide support for management via Microsoft Intune, included in Enterprise Mobility + Security (EMS). This article outlines what the changes will provide for customers and how to apply to participate in the Technology Adoption Program (TAP) for this new architecture.
-
S/MIME encryption keys in Exchange profile for iOS
Currently Apple requires that the private keys are provided by the MDM system and must be included in the Exchange profile. Please add support for existing S/MIME private keys by an upload API function for the PFX files.
SCEP/PKCS profile is no option, because this would only generate new keys and not use the already existing keys of the user.
Thanks!23 votesI have confirmation from the program manager that this feature is in development. It should release in the next few months.
-
Better Management Options for the Managed Browser
1. Push bookmarked pages
2. Enable/disable the ability to edit bookmarks on a device
3. Allow and disallow sites from the same profile. For example, I only allow access to certain sites, but I want to blacklist a portion of the site without manually whitelisting everything else available on that site.
4. Option to disable navigation to microsoft site describing Intune. Our kiosk device users don't need that info.8 votesThis is really 4 requests in 1, so hard to get to “complete”. Today we released support for using policy to configure the default home page, which you didn’t ask for, and to configure bookmarks, which you did. So I will call this started, even though this is only for Android right now. iOS will come later.
https://docs.microsoft.com/en-us/intune/app-configuration-managed-browser -
Derived Credentials & CAC/PIV
As U.S. Government agencies establish plans to embrace mobile devices as alternatives to traditional desktop computers, special consideration must be given to ensure compliance with HSPD12 / FIPS 201 Personal Identity Verification (PIV) requirements. As such, NIST specification 800-157 outlines how PIV identities can be implemented and deployed directly on mobile devices. The mobile PIV credential is called a Derived PIV Credential.
6 votesI have confirmation from the program manager that this is in development. I don’t have details about when it will be shipped, though. Watch the What’s New page for information after we ship it.
https://docs.microsoft.com/en-us/intune/whats-new -
Get a report by mail
Same as SCCM, I would like Intune to allow me to subscribe to a specific report and send it to recipiants on a specific date\time.
most of the information they need is in those reports. in that way I can save time on creating portal management users and logins and stuff.
just get the necesary information by mail3 votesTake a look at our new Intune Data Warehouse feature – by integrating with PowerBI, you can use PowerBI’s subscription feature to get emailed versions of your dashboards.
https://docs.microsoft.com/en-us/intune/reports-nav-create-intune-reports -
Software Publisher requires each action Sign in
When publishing new or editing current applications you're prompted every time to sign in using the Microsoft Intune Software Publisher. This is very annoying. Further I see this item in a broader perspective of improving the Software Publisher including the other user voice items related to this topic.
https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/9926370-combine-external-apps-into-one-so-they-can-share
https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/9926388-when-viewing-apps-in-the-list-provide-enough-data
https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/9919752-intune-software-publishing-app-exe-is-not-workingHopefully improvements regarding the Microsoft Intune Software Publisher won't be postponed looking ahead the new Microsoft Intune Portal
1 voteAfter your tenant has been migrated to the Azure portal, you won’t need to use the Software Publisher to upload iOS or Android apps, but you may still need it for Windows apps for now.
https://blogs.technet.microsoft.com/enterprisemobility/2016/12/07/public-preview-of-intune-on-azure/
I know everyone wants it ASAP, but it will take a few months to migrate everyone. You will be notified when your tenant is ready for use on the new Azure portal. We appreciate your patience.
-
Report subscription feature
Administrators should be able to subscribe for the intune reports so that those can be available in their inbox directly.
1 voteTake a look at our new Intune Data Warehouse feature – by integrating with PowerBI, you can use PowerBI’s subscription feature to get emailed versions of your dashboards.
https://docs.microsoft.com/en-us/intune/reports-nav-create-intune-reports -
Add ability to run a report for a specifc period of time
Most reporting I have seen allows you to run a report for a certain period of time.
This needs to be added. Especially when people are tracking enrollments it would allow you to run a report on a specific day, week, month, or whatever.
This is a pretty basic part of reporting and would be great if it could be added.
0 votesTake a look at our new Intune Data Warehouse feature – by integrating with PowerBI, you can use PowerBI’s filters to scope the time period you want. Will that get you what you need?
https://docs.microsoft.com/en-us/intune/reports-nav-create-intune-reports
- Don't see your idea?