Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Folder redirection to Onedrive for Business

    I would like to have a Intune Policy to redirect, for example, the Documents folder of an Azure AD Joined device to Onedrive for Business of the user.

    544 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    26 comments  ·  Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow LOB apps on devices managed in Android Kiosk Devices (COSU)

    When a device is configured with Android Enterprise and the Microsoft Managed Home Screen in kiosk mode (as per here https://docs.microsoft.com/en-us/intune/android-kiosk-enroll), it is not possible to deploy LOB apps to these devices. If apps are sideloaded manually, they're automatically deleted by the device policy.

    Being able to deploy LOB apps (or creating a whitelist) for Android Kiosk devices would allow Android Kiosk mode to be used to its full potential.

    325 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    27 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →

    I was talking with our Android team about this one. They said “This is already supported. However LOB apps must be deployed by either uploading through the Google Play iFrame in Intune or using a dev account for Google Play.”
    Does that satisfy the spirit of the request?

  3. Extend the SCEP enrollment profile with additional Active Directory attributes

    At the moment only two user attributes (CN and UPN) are available to use in SCEP profiles. With our current MDM solution it is possible to use every AD attribute to request a certificate with this unique attribute. Both Intune and the other MDM solution are using the same SCEP server so it is possible. This seems like extending a table in Intune or using a text box with variables. We have the need to use ExtensionAttributes as the unique identifier for a certificate.

    155 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

    AS of the week of April 23, 2018, you can use the OnPremisesSamAccountName the common name in a custom subject on an SCEP certificate profile. For example, you can use CN={OnPremisesSamAccountName}).

    As of Dec 11, when you create a SCEP certificate profile in Intune, you can now use the AAD_DEVICE_ID variable when you build the custom subject name. When the certificate is requested using this SCEP profile, the variable is replaced with the AAD device ID of the device making the certificate request.
    https://docs.microsoft.com/en-us/intune/whats-new

    I don’t think it gives you everything you want, but how close are we?

  4. Allow organizations to remove the full wipe option from non-company owned devices

    Allow an organization to define user-owned devices and remove the ability to perform full wipes on those devices.

    147 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Android Dedicated Device - Enforce PIN for Device Unlock

    Enable a way we can enforce a policy to set a PIN code on Corporate Owned Dedicated Devices (Kiosk mode) PIN at a device level.

    At present we are having to get our onsite IT staff to manually set a PIN on the device after enrollment, but still the users could go in and change the lock screen method from PIN code to Swipe, thus removing the security aspect.

    126 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  6. Granular control on email notifications in Outlook App for Intune MAM enabled users

    Presently using Intune MAM policies there are no controls to manage new email notification for Outlook mobile app. When an email is received, body of email is displayed in notifications which is a major security concern. There is a need of granular control where Intune admins can control if email notifications for outlook app can be disabled, enabled with only subject line or sender or combination of both.

    124 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Remotely uninstall specific app(s) from a particular device

    It is now possible to perform app selective wipe but this function is for Microsoft apps only. It is also possible to uninstall a specific app from all devices. However, there is no way to select specific apps to uninstall from a particular device. This feature is useful for troubleshooting app installation or to force-install for only one device/user.

    114 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →

    As of the week of Nov 26, 2018, you can remove any app on corporate-owned supervised iOS devices. You can remove any app by targeting either user or device groups with an Uninstall assignment type. For personal or unsupervised iOS devices, you will continue to be able to remove only apps that were installed using Intune.

    Does this fill the request, or do you need to be able to remove apps on personal or unsupervised devices?

  8. Search,sort, and/or filter on any column in a view in the console

    Please make the UI so that we can search, sort, and/or filter on any column in a view in the console? For instance I want an easy way to filter to see only apps that are for Windows, or only apps that are Line of Business, of only WSfb.... etc.

    107 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, thanks for supporting this issue in UserVoice. What would really help here is to get a list of the views that are still NOT searchable, sortable, or filterable. We’re going to have to approach this one view by view. In https://devicemanagement.microsoft.com/ please either give me the full path to navigate to the screen you’re talking about, or post a screen shot (and be sure to blur any names or identifying info before posting).

  9. Option to force users to accept terms and conditions each time they enroll a new device.

    Currently, once a user accepts the deployed Terms and Conditions across one of their enrolled devices, they will not be required to accept the Terms and Conditions again on any of their other devices.

    From https://docs.microsoft.com/en-us/intune/terms-and-conditions-create:
    "Users only have to accept updated terms and conditions once. Users with multiple devices don't have to accept terms and conditions on each device."

    This is a request to create the option to force users to accept deployed terms and conditions each time they enroll a new device, even if they have already accepted them on the first device they have enrolled.

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Apply filters for Apps expiration in Azure as same as Classic Portal

    For a Large enterprise its Difficult to keep a track of App expiry date and notify the vendors or relevant dev teams. In Classic portal earlier we could apply the filters and get a consolidated report of app about to expire in next 40 days.

    Same feature does not imply in Azure Admin console , We have to manually check the App expiry for iOS provisioning profiles.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  11. MDM Initiated Activation Lock

    With iOS 9.3, EMM providers can work with Apple’s DEP servers to enforce activation lock on the device and override the activation lock if necessary.

    Please enable this iOS 9.3 feature.

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →

    As of the Oct 2018 release, when a device is not compliant, you can create an action on the compliance policy that locks the device remotely. This is supported on iOS, as well as Android, MacOS, Win10 Mobile, and WinPhone 8.1 and later.

    Does that get you want you need or is there something else still missing?

  12. Assign all devices in a dynamic group to a device category

    It would be great if we could assign devices to a category based on their dynamic group assignment. We have a naming convention for all of our Windows PCs that we can create a Dynamic Device group to query that name and since we know that devices that follow that convention are always going to be company-owned Windows 10 devices, we would like to be able to assign every device in that group to our "Corporate Windows 10" Device Category.

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. Windows 10 IoT enterprise support in InTune.

    It would be great to have the ability to manage windows 10 IoT builds with InTune as an MDM solution

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. Prevent apps to be uninstalled

    Some mobile apps could be required by the company as mandatory on the device (antivirus for instance). Having a feature that could prevent user to uninstall some application could help on a better user support.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →

    As of the week of April 23, 2018, If an end user uninstalls a required app, Intune automatically reinstalls the app within 24 hours rather than waiting for the 7 day re-evaluation cycle. It’s not exactly preventing the uninstall, but is it close enough that we can call it complete?

  15. Setup a notification message for intune to inform system admins about the expiry date of Apple APN certificate.

    Allowing the Apple iOS APN certificate to expire causes a lot of headache to system Admins, the users will have to enroll devices again. so there should be a notification option to remind admins to renew. and the notification (email, SMS, popup notice,...) should occur at least a month in advance.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add already joined devices to autopilot for reimaging

    It would be nice to be able to add already joined devices into Autopilot program (like a writeback or sync) for re imaging purposes. This would make re-purposing hardware simple and easy for users and admins alike.

    I cannot gather the hardware ids through AzureAD (cloud only) with no WMI capabilities and limited AAD attributes being available.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →

    As of the release the week of Oct 1, 2018, you can apply Autopilot profiles to enrolled Win 10 devices that have not already been registered for Autopilot. In the Autopilot profile, choose the Convert all targeted devices to Autopilot option to automatically register non-Autopilot devices with the Autopilot deployment service. Allow 48 hours for the registration to be processed. When the device is unenrolled and reset, Autopilot will provision it.

    Does that get you what you want? If not, what’s missing?

  17. Add help option for each device setting

    When configuring the device settings the meaning and impact of the options are not always clear at first sight. Especially for the target group school administrators who are often IT skilled teachers. A help section/link with a detailed explanation per setting would be very helpful.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Intune for Education  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, Liz on our EDU team posted this comment:

    Hello- I am a member of the Intune for Education product team. We’ve recently added more tooltips next to settings in the console to help users quickly understand what each device setting does. For more in depth descriptions of all settings visit: https://docs.microsoft.com/en-us/intune-education/all-edu-settings-windows

    Does that get you enough help options on the device settings? If not, post a comment and let Liz know what we are missing!

  18. Custom Reports in the Intune portal

    Power BI is very flaky, Data doesn't load, time outs etc leading to a very frustrating experience. Even the MS EMS team haven't been able to make it work on my Tenant, which begs the question, why should we have to use Power Bi? All I actually want is a dump of all hardware devices and their associated properties/owners into a csv. This should be available from within the Intune portal itself. The reporting is very poor and needs to be improved.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune Data Warehouse  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, Jimmy, Adam on the engineering team said
    “Hi Jimmy, the All Devices view in Intune recently updated to a new and improved export infrastructure which should make exporting this data quicker and much more reliable. The output is a zipped CSV file and of course you can do this from the Intune portal as well as through Microsoft Graph API.”
    Does that fix your issue?

  19. Software Publisher tool for Mac OS

    Currently it is not possible to publish apps using a Mac OS device because the Software Publishing tool is not compatible with Mac OS (Intune standalone obviously). This is a major blocker in a Mac only environment.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Microsoft Managed Home Screen providing ability to provide different themes or wallpaper for Android devices within Intune

    I would like the Microsoft Managed Home Screen (Google Play App) to provide the ability to manage themes and/or background wallpaper for our corporate Android devices within Intune.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base