Microsoft

Microsoft Intune Feedback

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos which you do not want to grant a license to Microsoft. See the “User Voice Terms of Service” link below for more information.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Auto Enrollment based on Device and not user

    There needs to be a way to have your on prem AD joined Windows 10 systems be able to be auto enrolled to Azure AD / Intune with out having to login to every single system. Maybe group policy? Maybe some power shell scripts? Because right now Intune is useless to my organization if I have to login to every single 2000 systems to configure Intune.

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
    • Geo-Fencing & Time-Fencing Feature

      The ability to apply/remove policies based on location that could be Country, Subnet, or even Wifi Network. Also, apply/remove policies based on time. For instance, disabling Facebook while on working hours and enabling it back out of working hours.

      193 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        13 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
      • Push notification of user via sms, email or message on screen

        Abitity to warn a user via a custom notification via sms, email or message on screen.

        334 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          noted  ·  12 comments  ·  Silverlight Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
        • Sync Exchange contacts with local device contacts

          To allow the use of SMS and caller ID,contacts contained within the Exchange ActiveSync contacts configuration needs to be accessible to the local device, the ability to configure a profile to just allow the synchronizing of contact or the export of contacts from the outlook managed app to the device is necessary. Email access cannot be allowed outside of the managed apps.

          81 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            noted  ·  3 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
          • 77 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Software Management  ·  Flag idea as inappropriate…  ·  Admin →
            • 281 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                24 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
              • Manage supported devices for users only in these groups as Android for Work

                The "Manage supported devices for users only in these groups as Android for Work" option is currently broken. This is documented here: https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/enroll-hybrid-android

                Please fix this so that we can have both Android and Android for work users enrolled.

                4 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                • Priority based Application deployment

                  Hi, It will be good if Intune provide feature of application deployment according to priority because some applications needs some prerequisite application to be deployed first.

                  65 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    4 comments  ·  Software Management  ·  Flag idea as inappropriate…  ·  Admin →
                  • Manage iOS updates via MDM

                    Manage iOS updates via MDM. Apple has supported managing iOS operating system updates since iOS9 was released. Please add this functionality to Intune. Without the ability to manage the iOS updates we have no way to ensure devices are kept up to date and are adequately secured with the latest iOS security and bug fixes.

                    171 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      9 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                    • Native deployment of provisioning packages as deployment type

                      The ability to deploy provisioning packages by Configuration Manager and Microsoft Intune as a deployment type. This will introduces a lots of new opportunities to deploy/configure Windows (Mobile) 10 clients.

                      60 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        noted  ·  1 comment  ·  Software Management  ·  Flag idea as inappropriate…  ·  Admin →
                      • access file server on on-premises network

                        Will Microsoft deploy an application like secure context locker from AirWatch to access on-premises file server and links. Then, use container concept to protect the downloaded data on the application.

                        4 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          1 comment  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                        • Contacts in Local Phone

                          The Team of Intune and Outlook did a great job but we believe that there are still some limitations to overcome:
                          - We need the capability to sync determined objects to local OS native apps/phone without limitations, like Contacts through Outlook for iOS. Outlook for iOS, for example, is a good application that provides mail and calendar features. However, since the contacts are not synced to the native OS phone, calls/SMS are not recognized.
                          - We know we can use ActiveSync for contacts, however, in case of MAM, we wouldn´t allow ActiveSync in our mobile devices.

                          112 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            noted  ·  5 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                          • No option to disable hotspotting

                            Data use by employees is a big concern. Our employees currently need managers approval before we turn on hotspotting.

                            I don't see an option to manage hotspotting in InTune. This is definitely something that needs to be added as it can lead to very high cellular bills if employees use it when they aren't supposed to be.

                            3 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              3 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                            • Support for deploying App-V packages

                              Right now people have to use the MSI packages generated by the App-V sequencer, rather than having native handling for the .AppV package format as SCCM does. This means that people have to resort to powershell scripting, or squeezing scripts into MST transforms in order to use App-V features such as custom configuration files or connection groups.

                              Also the MSI packages are very unreliable since they were mainly created for test scenarios rather than live deployments - for example they fail to uninstall when an application is in use, and you have to remove the previous version manually before installing…

                              156 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                noted  ·  4 comments  ·  Software Management  ·  Flag idea as inappropriate…  ·  Admin →
                              • Support for "URLStringProbe" and / or "DNSServerAddressMatch" for iOS VPN on Demand in Intune Hybrid setup

                                We urgently require support for VPN on Demand for Apple iOS devices in a hybrid setup.
                                It must also support "URLStringProbe" configuration and / or "DNSServerAddressMatch"
                                We are using Juniper / Pulse Secure with Apple iOS (latest iOS version)

                                For more information, see:
                                https://help.apple.com/deployment/ios/#/ior69b9b7600

                                and
                                https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html

                                9 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  1 comment  ·  Hybrid  ·  Flag idea as inappropriate…  ·  Admin →
                                • Microsoft Certified Trainers(MCT) should have easier access to Intune while teaching classess that demo Intune

                                  I was asked by Intune support to post here. I am a Microsoft Certified Trainer that teaches the 20697-2 Windows 10 course. That course has a lot of Intune content. The course calls for teaching Azure, Office 365 and Intune. There is more Intune material in the course than any of the other cloud topics. As an MCT it is pretty easy to get access to Azure and Office 365, but VERY difficult to get access to Intune without having to go through support. And even after getting access, it is only for 30 days. Which means that when I…

                                  6 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    3 comments  ·  Company Portals  ·  Flag idea as inappropriate…  ·  Admin →

                                    Hi, John, I totally hear you. I was an MCT before I came here, back in the old days of newsgroups – maybe we ran into each other in the virtual cafe. I’ve had conversations with the training group, and with the engineering group about the overall difficulty of labbing in the cloud environment. It’s not just the subscriptions, though that definitely a pain point. It’s also being able to reset to a clean environment without having to build it all from scratch every time. I don’t have anything to report, but know that I bring it up every chance I get.

                                  • Make "Managed Browser" a "Conditional Access" rule for accessing Azure AD App Proxy

                                    Many companies would like to make internal websites available to personal devices. Microsoft Intune has a managed browser app. I would be great if it could be set as an "Conditional Access" rule for some of the WebApps published using the Azure AD App Proxy.

                                    + a "Conditional Access" that could define whether to allow "Personale (BYOD)", "Corporate", (Both - Personale + Corp.) or "Unknown"
                                    Thanks to Adrian Hyde for the idea. Let's get the vote up

                                    This post is also related to Azure AD App Proxy post:
                                    http://feedback.azure.com/forums/169401-azure-active-directory/suggestions/9575541-make-managed-browser-a-conditional-access-rule

                                    156 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      noted  ·  9 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Allow blocking of iOS update

                                      I want the ability to block updating to the newest iOS version. I have users who don't listen when I send out an email blast to not update their devices but I still get users who either don't read or just ignore the email. I want the ability to set the highest version that I want available and to disable updating to the newest version until I release it. Same type of deal as when I have to approve Windows updates.

                                      94 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        6 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →

                                        We always have problems when it comes to updates and mobile phones because unlike desktop OS, the carriers have most of the control and the platform vendor has the rest.

                                        What we do offer now is the ability to use Conditional Access to block based on min or max OS version, so if they upgrade (even when you tell them not to) they can be shut out.

                                        There’s a brief reference in this blog post to releasing it in hybrid, https://blogs.technet.microsoft.com/microsoftintune/2016/01/06/coming-soon-support-for-new-windows-10-features-apple-vpp-for-business-and-more/ and standalone went live in the latest updates.

                                        What do you think – would you call this complete based on having some admin control, or would you hold out for the PC-like experience of blocking updates, even if it’s something that would have to come from someplace other than Intune?

                                      • Require passcode" (maxGracePeriod) policy should be enforced or just be set to 0 by default

                                        Hello,

                                        iOS password grace period should be set to 0 by default. Currently, setting an auto-lock policy for iOS devices doesn't work properly as the device is locked after the set period of time but it can be postponed by the user for up to 4 hours:

                                        On the device, go to Settings -> Passcode -> Require Passcode -> you can change this setting to up to 4 hours which shouldn’t be possible. The policy only changes settings in Settings -> General -> Auto-lock to the set amount of minutes determined by the MDM policy.

                                        This behaviour is set by…

                                        5 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          3 comments  ·  Mobile Device Management  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Software Inventory for mobiles

                                          As of today, there's no option for admins to view the currently installed apps on devices. only the ones that were installed via Intune. black\white listing doesn't really help because they are only after users has enrolled their devices. everything that happens before the enrollment doesn't show up.
                                          this area requires an improvement

                                          41 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            5 comments  ·  Software Management  ·  Flag idea as inappropriate…  ·  Admin →

                                            I’m moving this into ideas, since it’s something that doesn’t exist and could be considered. but one of the problems we run into is whether or not the operating system will let us tell what apps are installed. The OS can consider that privileged information and it may not let the management service know what is installed outside it’s sphere.

                                            Then there’s whether the OS will let us actually prohibit an app as opposed to just telling you which devices have apps you’ve blacklisted. We work very closely with the manufacturers of the mobile OSs – we can ask, beg, tell them how much it hurts users – but at the end of the day, the OS manufacturer still makes the final call.

                                            (This includes Windows and Windows Phone, by the way – even though we are “One Microsoft”, we are still different groups and priorities can vary when it…

                                          ← Previous 1 3 4 5 6 7 8
                                          • Don't see your idea?

                                          Feedback and Knowledge Base