Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deploy email profile to Outlook for iOS/Android

    Instead of deploying a policy to configure the native email client, we need to be able to configure the (awesome) Outlook app

    2,018 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    135 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

    We are happy to announce that is now possible to deploy account setup configuration details for Outlook for iOS and Android through app configuration policies. For more information, see https://blogs.technet.microsoft.com/exchange/2018/01/30/now-your-enterprise-mobility-management-solution-can-be-used-to-simply-set-up-and-configure-outlook-for-ios-and-android-for-exchange-on-premises/

    We have additional refinements planned, for example, the "Ability to choose/configure Email client (i.e. Outlook) within mail policy” is planned for a future release. https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/8388312-ability-to-choose-configure-email-client-i-e-out

    There are a lot of moving parts and there were a lot of prioritization sessions across multiple teams, but your consistent feedback helped keep it high on our radar, and is still spurring us to deliver more in this area.

    We appreciate your feedback! Now that you have your votes back, we encourage you to vote for the next things you want to see.

  2. Push notification of user via sms, email or message on screen

    Abitity to warn a user via a custom notification via sms, email or message on screen.

    1,382 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    75 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  3. Extend MDM MSI deployment

    I would like the MDM MSI deployment (to MDM enrolled Win8.1+ clients) to be extended. Currently, only single MSI's are supported, I'd like this to include MSI's with .cab's, MSP files to patch installed MSI apps, and to be able to deploy .exe installers.

    1,304 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    65 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →

    As of March 15, 2019, we’ve announced that the public preview is complete and Win32 app deployment with Intune is now generally available. Or “GA” as we say here. :-)

    https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Sneak-peek-Public-preview-of-Win32-application-deployment-using/ba-p/264460

    I realize that we’re calling this complete based on Win32 app deployment to .exe, and only to Win10 clients as described in the blog. If there are still pieces of MSI deployment that you want and don’t have, please create new items and use the votes we returned to you from this one to help us prioritize future work in this area.

    Thank you so much for your feedback, and thanks for using Microsoft Intune!

  4. Add PowerShell support to manage the service

    It would be nice if PowerShell was supported to manage the service.

    1,064 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    27 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    I am happy to announce that as of Feb 25, 2019, the Intune PowerShell module is now available in the Microsoft PowerShell Gallery.

    Thank you so much for all of your feedback on this. If there specific things you still need in PowerShell, please use your votes to start new items with the details.
    Thanks for using Intune!

    https://docs.microsoft.com/en-us/intune/whats-new#week-of-february-25-2019

    https://github.com/Microsoft/Intune-PowerShell-SDK/blob/master/README.md

  5. Enforce auto update for Apps in iOS devices via intune.

    I'm managing my corporate devices via Intune, and according to our internal policy I have disabled the App Store and allow app instillation via company portal only to control the allowed apps.

    I have problem with apps' updates, because App Store is disabled, Apps are not being updated, although I update the apps to the latest version in the company portal.

    It will be necessary to be able to manage/control apps update via intune.

    810 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    62 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  6. 724 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    61 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    In a previous release, we introduced a new “management name” field, but it was not editable. I am happy to announce that starting the week of June 4, 2018, you can edit the management name field on a device’s Properties blade. To edit this field, choose Devices > All devices > choose the device > Properties. You can use the management name field to uniquely identify a device, which is the spirit of the request even if we didn’t make the actual name of the device editable.

    Thank you so much for your support, and your patience. You get your votes back now that this is complete, so please go vote up the next thing you want us to prioritize.

  7. make Android Enterprise Widgets available on BYOD

    Widgets are not available on our BYOD managed Intune devices. There does not seem to be settings in the restriction profile to manage widgets. Our users have been very vocal about the loss of mail and calendar widgets unde Android Enterprise Management.

    Thank you

    628 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    61 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  8. Deploy unique computer certificates using Intune/SCEP/NDES

    We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

    The story behind this idea is as follows:

    We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

    598 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Replace Silverlight portal with HTML version

    https://manage.microsoft.com requires Silverlight for regular access, and this is starting to cause an issue with Chrome and also IE

    596 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    28 comments  ·  Silverlight Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    Microsoft Intune and EMS Conditional Access capabilities are both now Generally Available in the Azure portal. From this point forward, all new Intune and conditional access features will be delivered in the new portal, so keep an eye out. https://blogs.technet.microsoft.com/enterprisemobility/2017/06/08/the-new-intune-and-conditional-access-admin-consoles-are-ga/

    We still have a very small number of customers who haven’t been migrated due to bugs on our side, and we’re fixing those as fast as we can. There are also accounts we haven’t migrated because they have configurations we can’t support in Azure. for more information, including how to tell if your account has been migrated, see http://aka.ms/intunemigrationblockers. But since we hit “GA”, we’ll call this complete.

  10. Enable FileVault and key vaulting for OSX

    OSX High Sierra supports FileVault key escrow using the com.apple.security.FDERecoveryKeyEscrow mobileconfig payload.

    InTune should support enabling FileVault and receiving the encryption key. This mirrors the behaviour of Bitlocker for Windows.

    572 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →

    I am happy to report that as of the week of July 15, 2019, we started rolling this out – you can use Intune to manage FileVault key encryption for macOS devices. To encrypt devices, you use an endpoint protection device configuration profile.

    Our support for FileVault includes encrypting unencrypted devices, escrow of a devices personal recovery key, automatic or manual rotation of personal encryption keys, and key retrieval for your corporate devices. End users can also use the Company Portal website to get the personal recovery key for their encrypted devices.

    https://docs.microsoft.com/en-us/intune/whats-new#week-of-july-15-2019

    Thank you for your feedback, and thanks for using Intune!

  11. The ability to track all events/actions in Intune (Audit /Auditing)

    The ability to track all events/actions in Intune (Audit /Auditing). Basically the same as in the Azure Portal. Need to track who did what and when

    540 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    With the update in late November, Intune auditing now provides a record of change operations related to Intune. All create, update, delete and remote task operations are captured and retained for one year. The Azure portal provides a view of the last 30 days of audit data in each workload, and is filterable. A corresponding Graph API allows retrieval of the auditing data stored for the last year.

    Auditing is found under the MONITOR group. There is an Audit Logs menu item for each workload

    Thank you for your feedback!

  12. Manage BitLocker

    More and more we have clients who are getting all they need from Office 365 services. They no longer need servers or Active Directory. We often see the need to deploy BitLocker to these machines, which is currently a fairly manual process. I'd like InTune Standalone to be able to deploy and manage BitLocker without Active Directory or an Enterprise Agreement. Even if we had to pay a couple extra bucks per user, it would be 100% worth it. The other supposed cloud-based full disk encryption products are not very good, so I think it's a big opportunity to make…

    532 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Configure lock screen/wallpaper on iOS devices at enrollment (as per Configurator)

    In Apple Configurator, part of the enrollment profile is the ability to set options for the lock screen such as what information is displayed, and set a lockscreen wallpaper. In a school environment, being able to display the device name and brand the lock screen with a custom background would be increadibly useful, and this currently is not able to be done via InTune/ConfigMgr.

    Add this functionality please.

    525 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    46 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. Force device check-in

    I feel like I'm unable to manage the devices properly when I can't force a device check-in. For instance, if I change a configuration I can't force the users device to check-in and tell him "Try now", instead I have to wait for the standard cycle to trigger the device and my response has to be "wait till tomorrow and see if it works, if not - tell me" and I have to do the same over again.

    I would also like to have a policy to change the default cycle like most MDM's have.

    495 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    29 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Samsung Knox Mobile Enrollment

    It would be nice if Microsoft Intune supported enrolling devices with the Samsung Knox Mobile Enrollment.

    It would be great feature to help enroll Samsung Android devices into Intune Mobile Device Management.

    485 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    28 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →

    Yup, @George beat me to it on the thread, but restating using the “status update” so I can send mail to all subscribers with the good news. :-)

    We now support for enrollment of Samsung devices using Knox Mobile Enrollment. You can now procure, configure and manage Samsung devices on behalf of the company and enroll them centrally before delivering to users. With the combination of Intune and Knox Mobile Enrollment, your end-users enjoy a faster Intune onboarding experience with fewer clicks and no Android system prompts. This capability currently supports device admin for enterprise use and will be extended to device owner enrollments in a forthcoming release.
    https://cloudblogs.microsoft.com/enterprisemobility/2018/05/08/microsoft-intune-adds-support-for-knox-mobile-enrollment-on-company-owned-samsung-devices/

    Thank you all for your feedback! We are marking this #1 request in the Android category complete. Please go vote for other things you’d like to see us do!
    Cathy

  16. Support "to do" app for MAM Policies

    The users are starting to use the Microsoft "to do". Pleas enable it for MAM Policies.

    404 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    19 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  17. No option to enter a WiFi password when creating a WiFi profile with wpa or wep security

    Pushing out an iOS WiFi profile that contains wpa or wep security is useless without a password. When I attempt to create a WiFi profile and select wpa (any type) or wep I does not give me the option to enter a password. We have WiFi password that is shared among multiple sites and we do not want to distribute it to employees so they can't use it to connect personal devices.

    Every other MDM I have used has the option to enter a password.

    Is this expected or is this a bug??

    This may be a make or break…

    373 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    36 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    from the week of Nov 6:
    Wi-Fi connections support pre-shared keys on iOS
    Customers can configure Wi-Fi profiles to use pre-shared keys (PSK) for WPA/WPA2 Personal connections on iOS devices. These profiles are pushed to user’s device when the device is enrolled into Intune.

    When the profile has been pushed to the device, the next step depends on the profile configuration. If set to connect automatically, it does so when the network is next needed. When the profile is connects manually, the user must activate the connection manually.

  18. Conditional Access for Macs

    We would like to have conditional access for client computers that run OS X so users are enforced to enroll their devices as soon as they decide to install a mail client or OneDrive for Business.

    (split from https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/8793778-conditional-access-for-pc-s-and-mac-s)

    353 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →

    As of the most recent service release, you can now set a conditional access policy that requires Mac devices to be enrolled into Intune and compliant with its device compliance policies. For example, users can download the Intune Company Portal app for macOS and enroll their Mac devices into Intune. Intune evaluate whether the Mac device is compliant or not with requirements like PIN, encryption, OS version, and System Integrity.
    https://docs.microsoft.com/en-us/intune/whats-new

  19. Conditional access for on premise exchange and Outlook App

    The below link was updated on the 17th of December. This still states that it is not possible with an on premise Exchange solution “The Microsoft Outlook app for Android and iOS (for Exchange Online only)”.
    https://technet.microsoft.com/en-gb/library/dn818907.aspx

    This is directly affecting our implementation of Intune throughout our organisation.

    The Outlook App is used by many users and this would be blocked if we implement conditional access.

    The business needs to know if this is going to be corrected in future updates or if we are going to have to look at alternative solutions.

    Thanks

    313 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    You can now use Intune App Policy Protection (APP) and Conditional Access (CA) to protect access to on-premise Exchange data with Outlook Mobile. To add or modify an app protection policy, select Mobile apps from the Microsoft Intune blade within the Azure portal. On the Mobile apps blade, select App protection policies.

    https://blogs.technet.microsoft.com/exchange/2018/04/02/a-new-architecture-for-exchange-hybrid-customers-enables-outlook-mobile-and-security/

    Thank you for your support of this item. Please go vote for the next thing you think is most important.

  20. Manage iOS updates via MDM

    Manage iOS updates via MDM. Apple has supported managing iOS operating system updates since iOS9 was released. Please add this functionality to Intune. Without the ability to manage the iOS updates we have no way to ensure devices are kept up to date and are adequately secured with the latest iOS security and bug fixes.

    297 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 10 11
  • Don't see your idea?

Feedback and Knowledge Base