We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

The story behind this idea is as follows:

We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

Today very limited reports exists for MDM, there is no report for software inventory on Mobile devices.

In Apple Configurator, part of the enrollment profile is the ability to set options for the lock screen such as what information is displayed, and set a lockscreen wallpaper. In a school environment, being able to display the device name and brand the lock screen with a custom background would be increadibly useful, and this currently is not able to be done via InTune/ConfigMgr.

Add this functionality please.

The Team of Intune and Outlook did a great job but we believe that there are still some limitations to overcome:
- We need the capability to sync determined objects to local OS native apps/phone without limitations, like Contacts through Outlook for iOS. Outlook for iOS, for example, is a good application that provides mail and calendar features. However, since the contacts are not synced to the native OS phone, calls/SMS are not recognized.
- We know we can use ActiveSync for contacts, however, in case of MAM, we wouldn´t allow ActiveSync in our mobile devices.

I want the ability to block updating to the newest iOS version. I have users who don't listen when I send out an email blast to not update their devices but I still get users who either don't read or just ignore the email. I want the ability to set the highest version that I want available and to disable updating to the newest version until I release it. Same type of deal as when I have to approve Windows updates.

Every time when you rebuild (reinstall Windows and Intune client) a corporate PC witch was already managed by Intune a duplicate computer record is added to Intune database. Now we manually removing duplicates every month. Can you automate it?

It'd be nice to push out software more quickly than what is currently available. The current setting only allows 8 hours as the minimum time.

At the moment only two user attributes (CN and UPN) are available to use in SCEP profiles. With our current MDM solution it is possible to use every AD attribute to request a certificate with this unique attribute. Both Intune and the other MDM solution are using the same SCEP server so it is possible. This seems like extending a table in Intune or using a text box with variables. We have the need to use ExtensionAttributes as the unique identifier for a certificate.

To allow the use of SMS and caller ID,contacts contained within the Exchange ActiveSync contacts configuration needs to be accessible to the local device, the ability to configure a profile to just allow the synchronizing of contact or the export of contacts from the outlook managed app to the device is necessary. Email access cannot be allowed outside of the managed apps.

Hi, It will be good if Intune provide feature of application deployment according to priority because some applications needs some prerequisite application to be deployed first.

The ability to deploy provisioning packages by Configuration Manager and Microsoft Intune as a deployment type. This will introduces a lots of new opportunities to deploy/configure Windows (Mobile) 10 clients.

Missing the ability to automatically enroll Windows 10 devices that are hybrid Azure AD Joined, for agentless management. This would favour the use of agentless management for domain joined devices.

As of today, there's no option for admins to view the currently installed apps on devices. only the ones that were installed via Intune. black\white listing doesn't really help because they are only after users has enrolled their devices. everything that happens before the enrollment doesn't show up.
this area requires an improvement

Hey

Create feature to deploy files to devices.

I really need this feature on Android devices

The ability to block specific dangerous / malicious applications for iOS and Android. (competition can do it)

Nowadays with the amount of mobile data consumed by mobile devices only seems to increase, it would be great if Intune was able to monitor and report on mobile data usage across Mobile/Wifi and Roaming zones for each mobile device Intune manages. Windows and Android have this built into their OS's and iOS has a very good third party app you can use which works great.

It would also be great if this was supported for both Intune only and SCCM hybrid environments, perhaps with a dashboard or at least some decent SSRS reporting.