Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deploy email profile to Outlook for iOS/Android

    Instead of deploying a policy to configure the native email client, we need to be able to configure the (awesome) Outlook app

    2,028 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    135 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

    We are happy to announce that is now possible to deploy account setup configuration details for Outlook for iOS and Android through app configuration policies. For more information, see https://blogs.technet.microsoft.com/exchange/2018/01/30/now-your-enterprise-mobility-management-solution-can-be-used-to-simply-set-up-and-configure-outlook-for-ios-and-android-for-exchange-on-premises/

    We have additional refinements planned, for example, the "Ability to choose/configure Email client (i.e. Outlook) within mail policy” is planned for a future release. https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/8388312-ability-to-choose-configure-email-client-i-e-out

    There are a lot of moving parts and there were a lot of prioritization sessions across multiple teams, but your consistent feedback helped keep it high on our radar, and is still spurring us to deliver more in this area.

    We appreciate your feedback! Now that you have your votes back, we encourage you to vote for the next things you want to see.

  2. Extend MDM MSI deployment

    I would like the MDM MSI deployment (to MDM enrolled Win8.1+ clients) to be extended. Currently, only single MSI's are supported, I'd like this to include MSI's with .cab's, MSP files to patch installed MSI apps, and to be able to deploy .exe installers.

    1,313 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    65 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →

    As of March 15, 2019, we’ve announced that the public preview is complete and Win32 app deployment with Intune is now generally available. Or “GA” as we say here. :-)

    https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Sneak-peek-Public-preview-of-Win32-application-deployment-using/ba-p/264460

    I realize that we’re calling this complete based on Win32 app deployment to .exe, and only to Win10 clients as described in the blog. If there are still pieces of MSI deployment that you want and don’t have, please create new items and use the votes we returned to you from this one to help us prioritize future work in this area.

    Thank you so much for your feedback, and thanks for using Microsoft Intune!

  3. Add PowerShell support to manage the service

    It would be nice if PowerShell was supported to manage the service.

    1,071 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    27 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    I am happy to announce that as of Feb 25, 2019, the Intune PowerShell module is now available in the Microsoft PowerShell Gallery.

    Thank you so much for all of your feedback on this. If there specific things you still need in PowerShell, please use your votes to start new items with the details.
    Thanks for using Intune!

    https://docs.microsoft.com/en-us/intune/whats-new#week-of-february-25-2019

    https://github.com/Microsoft/Intune-PowerShell-SDK/blob/master/README.md

  4. 727 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    61 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    In a previous release, we introduced a new “management name” field, but it was not editable. I am happy to announce that starting the week of June 4, 2018, you can edit the management name field on a device’s Properties blade. To edit this field, choose Devices > All devices > choose the device > Properties. You can use the management name field to uniquely identify a device, which is the spirit of the request even if we didn’t make the actual name of the device editable.

    Thank you so much for your support, and your patience. You get your votes back now that this is complete, so please go vote up the next thing you want us to prioritize.

  5. Replace Silverlight portal with HTML version

    https://manage.microsoft.com requires Silverlight for regular access, and this is starting to cause an issue with Chrome and also IE

    601 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    28 comments  ·  Silverlight Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    Microsoft Intune and EMS Conditional Access capabilities are both now Generally Available in the Azure portal. From this point forward, all new Intune and conditional access features will be delivered in the new portal, so keep an eye out. https://blogs.technet.microsoft.com/enterprisemobility/2017/06/08/the-new-intune-and-conditional-access-admin-consoles-are-ga/

    We still have a very small number of customers who haven’t been migrated due to bugs on our side, and we’re fixing those as fast as we can. There are also accounts we haven’t migrated because they have configurations we can’t support in Azure. for more information, including how to tell if your account has been migrated, see http://aka.ms/intunemigrationblockers. But since we hit “GA”, we’ll call this complete.

  6. Deploy unique computer certificates using Intune/SCEP/NDES

    We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

    The story behind this idea is as follows:

    We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

    598 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. The ability to track all events/actions in Intune (Audit /Auditing)

    The ability to track all events/actions in Intune (Audit /Auditing). Basically the same as in the Azure Portal. Need to track who did what and when

    540 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    20 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    With the update in late November, Intune auditing now provides a record of change operations related to Intune. All create, update, delete and remote task operations are captured and retained for one year. The Azure portal provides a view of the last 30 days of audit data in each workload, and is filterable. A corresponding Graph API allows retrieval of the auditing data stored for the last year.

    Auditing is found under the MONITOR group. There is an Audit Logs menu item for each workload

    Thank you for your feedback!

  8. Manage BitLocker

    More and more we have clients who are getting all they need from Office 365 services. They no longer need servers or Active Directory. We often see the need to deploy BitLocker to these machines, which is currently a fairly manual process. I'd like InTune Standalone to be able to deploy and manage BitLocker without Active Directory or an Enterprise Agreement. Even if we had to pay a couple extra bucks per user, it would be 100% worth it. The other supposed cloud-based full disk encryption products are not very good, so I think it's a big opportunity to make…

    534 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Configure lock screen/wallpaper on iOS devices at enrollment (as per Configurator)

    In Apple Configurator, part of the enrollment profile is the ability to set options for the lock screen such as what information is displayed, and set a lockscreen wallpaper. In a school environment, being able to display the device name and brand the lock screen with a custom background would be increadibly useful, and this currently is not able to be done via InTune/ConfigMgr.

    Add this functionality please.

    525 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    44 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. Force device check-in

    I feel like I'm unable to manage the devices properly when I can't force a device check-in. For instance, if I change a configuration I can't force the users device to check-in and tell him "Try now", instead I have to wait for the standard cycle to trigger the device and my response has to be "wait till tomorrow and see if it works, if not - tell me" and I have to do the same over again.

    I would also like to have a policy to change the default cycle like most MDM's have.

    495 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    28 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Samsung Knox Mobile Enrollment

    It would be nice if Microsoft Intune supported enrolling devices with the Samsung Knox Mobile Enrollment.

    It would be great feature to help enroll Samsung Android devices into Intune Mobile Device Management.

    488 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    27 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →

    Yup, @George beat me to it on the thread, but restating using the “status update” so I can send mail to all subscribers with the good news. :-)

    We now support for enrollment of Samsung devices using Knox Mobile Enrollment. You can now procure, configure and manage Samsung devices on behalf of the company and enroll them centrally before delivering to users. With the combination of Intune and Knox Mobile Enrollment, your end-users enjoy a faster Intune onboarding experience with fewer clicks and no Android system prompts. This capability currently supports device admin for enterprise use and will be extended to device owner enrollments in a forthcoming release.
    https://cloudblogs.microsoft.com/enterprisemobility/2018/05/08/microsoft-intune-adds-support-for-knox-mobile-enrollment-on-company-owned-samsung-devices/

    Thank you all for your feedback! We are marking this #1 request in the Android category complete. Please go vote for other things you’d like to see us do!
    Cathy

  12. Support "to do" app for MAM Policies

    The users are starting to use the Microsoft "to do". Pleas enable it for MAM Policies.

    404 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    19 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  13. No option to enter a WiFi password when creating a WiFi profile with wpa or wep security

    Pushing out an iOS WiFi profile that contains wpa or wep security is useless without a password. When I attempt to create a WiFi profile and select wpa (any type) or wep I does not give me the option to enter a password. We have WiFi password that is shared among multiple sites and we do not want to distribute it to employees so they can't use it to connect personal devices.

    Every other MDM I have used has the option to enter a password.

    Is this expected or is this a bug??

    This may be a make or break…

    373 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    34 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    from the week of Nov 6:
    Wi-Fi connections support pre-shared keys on iOS
    Customers can configure Wi-Fi profiles to use pre-shared keys (PSK) for WPA/WPA2 Personal connections on iOS devices. These profiles are pushed to user’s device when the device is enrolled into Intune.

    When the profile has been pushed to the device, the next step depends on the profile configuration. If set to connect automatically, it does so when the network is next needed. When the profile is connects manually, the user must activate the connection manually.

  14. Conditional Access for Macs

    We would like to have conditional access for client computers that run OS X so users are enforced to enroll their devices as soon as they decide to install a mail client or OneDrive for Business.

    (split from https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/8793778-conditional-access-for-pc-s-and-mac-s)

    353 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →

    As of the most recent service release, you can now set a conditional access policy that requires Mac devices to be enrolled into Intune and compliant with its device compliance policies. For example, users can download the Intune Company Portal app for macOS and enroll their Mac devices into Intune. Intune evaluate whether the Mac device is compliant or not with requirements like PIN, encryption, OS version, and System Integrity.
    https://docs.microsoft.com/en-us/intune/whats-new

  15. Conditional access for on premise exchange and Outlook App

    The below link was updated on the 17th of December. This still states that it is not possible with an on premise Exchange solution “The Microsoft Outlook app for Android and iOS (for Exchange Online only)”.
    https://technet.microsoft.com/en-gb/library/dn818907.aspx

    This is directly affecting our implementation of Intune throughout our organisation.

    The Outlook App is used by many users and this would be blocked if we implement conditional access.

    The business needs to know if this is going to be corrected in future updates or if we are going to have to look at alternative solutions.

    Thanks

    313 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    You can now use Intune App Policy Protection (APP) and Conditional Access (CA) to protect access to on-premise Exchange data with Outlook Mobile. To add or modify an app protection policy, select Mobile apps from the Microsoft Intune blade within the Azure portal. On the Mobile apps blade, select App protection policies.

    https://blogs.technet.microsoft.com/exchange/2018/04/02/a-new-architecture-for-exchange-hybrid-customers-enables-outlook-mobile-and-security/

    Thank you for your support of this item. Please go vote for the next thing you think is most important.

  16. Manage iOS updates via MDM

    Manage iOS updates via MDM. Apple has supported managing iOS operating system updates since iOS9 was released. Please add this functionality to Intune. Without the ability to manage the iOS updates we have no way to ensure devices are kept up to date and are adequately secured with the latest iOS security and bug fixes.

    297 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  17. remote assistance/remote control

    Microsoft Intune should have a way to provide remote assistance to users running Windows 8 and 8.1.

    291 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  33 comments  ·  Remote Assistance/Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Make "Managed Browser" a "Conditional Access" rule for accessing Azure AD App Proxy

    Many companies would like to make internal websites available to personal devices. Microsoft Intune has a managed browser app. I would be great if it could be set as an "Conditional Access" rule for some of the WebApps published using the Azure AD App Proxy.

    + a "Conditional Access" that could define whether to allow "Personale (BYOD)", "Corporate", (Both - Personale + Corp.) or "Unknown"
    Thanks to Adrian Hyde for the idea. Let's get the vote up

    This post is also related to Azure AD App Proxy post:
    http://feedback.azure.com/forums/169401-azure-active-directory/suggestions/9575541-make-managed-browser-a-conditional-access-rule

    219 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →
  19. Deploy applications to Mac OS X

    Allow deploying of applications to Mac OS X, including from SCCM in unified configuration architecture.

    215 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →

    As of the week of April 23, Intune will provide the capability to install macOS LOB apps from the Azure portal. You will be able to add a macOS LOB app to Intune after it has been pre-processed by the tool available in GitHub.
    https://docs.microsoft.com/en-us/intune/lob-apps-macos
    Since Michael the original poster says this might achieve desired functionality, I’m going to call this closed. If there’s something still missing, go ahead and open a new item. For example, this doesn’t provide macOS VPP support, and we don’t currently have an item for that, but feel free to submit one.
    Thanks for your feedback!!

  20. Modern authentication for native mail

    We need to be able to configure email profiles with modern authentication. It is supported now by iOS but not by Intune. This problem is making an MFA rollout to existing email profiles very difficult and leaving gaps in our ability to retire native emails when employees have to configure their own exchange profiles.

    Outlook is great and all but conditional access doesn’t prevent the native client from being used.

    205 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 9 10
  • Don't see your idea?

Feedback and Knowledge Base