Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Documentation outlining the available key-values for O365 mobile apps

    In the app configuration policy blade under Intune for Azure, the top message states "Intune SDK-enabled apps support configurations in key-value pairs. Consult the documentation for each app to learn more about which key-value configurations are supported."

    I would like to see the documentation.

    71 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add Intune RBAC table (or similar) to docs

    I can't find detailed information in regards of each permission in Intune. The "Intune RBAC table"-document is out of date, but similar information such as that is what I'm looking for to have in the Intune Docs.

    54 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ablilty to export all Intune settings

    We need to be able to export all Intune settings in order to create documentation for D.R., as-built docs and audits. We should be able to do this in the console or via PowerBI.

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  4. CSP Power XML Examples

    Currently the Microsoft Article https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-power does not provide examples of the Power Options aka templates for end customer use. There are reference to generic examples via the link: https://docs.microsoft.com/en-us/windows/client-management/mdm/understanding-admx-backed-policies but nothing that shows clear syntax and proper syntax for the Power options. Please adjust the documentation to include these if possible.

    22 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  5. Clarity on how to use/handle Compliance vs Configuration vs Hello for Business settings

    Today, in Intune standalone, there are multiple locations you can configure many items for Windows 10. One such example is password.

    If we look at password, you can set password restrictions or requirements in the compliance policy, and these are enforced. But you can also specify these as a configuration profile. There's also similar settings in Windows Hello for Business.

    As an admin, I'm not sure which take priority, or how to best utilise these settings in harmony.

    Another example is Bitlocker - there's a compliance policy, and also configuration profile. On this occasion, compliance doesn't actually enforce, it just…

    16 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  6. provide better guides and best practices

    I have spent days getting my head around how to add devices using the new (non-silverlight) interface. Documentation for the nuts and bolts, step by step real world use of the product truly sucks. Sorry. Even the basic procedure for adding devices and users is a trial and error experience at best. Do we use the CompanyPortal app or the website? Which user should enroll the device in Azure AD? Which user should do the MDM? To add insult injury, virtually every YouTube, Lynda.com and Pluralsight video online is for the old Silverlight interface.

    It's a great product. Now if…

    14 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  7. Update Hybrid Cloud Printing Documentation

    Update the Hybrid Printing Documentation to refelct actuall setup process, as current docuemntation does not advise on nececary steps:

    -Mention that to pubish a printer you need a windows 10 device, not server and a dedicated service account. Othewise you get OAuth errors.

    -Update App Proxy App setup to refect that you only need to make 2 apps not 4.

    -Inform that the published printers do not have the preferences, for example colour/black and white or size like a4, a3 etc.

    None of this is part of the original documentaiton, and if you actually follow the documentation it does not…

    12 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  8. Clarify the ambiguous wording for the "Built-in Device Compliance Policy | Has a compliance policy assigned" condition

    I've been debating whether this condition refers to the user or the device for over a week with the support team.

    If the "Built-in Device Compliance Policy | Has a compliance policy assigned" condition evaluates whether the user has 1+ compliance policy assigned to them, the condition should read "User has a compliance policy assigned" to match the "Enrolled user exists" condition above it.

    If the "Built-in Device Compliance Policy | Has a compliance policy assigned" condition evaluates whether the device has 1+ compliance policy assigned to them (which seem much more likely in the context), the condition should read…

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  9. Release notes for Intune Management Extension

    No release notes appear to be available for the Intune Management Extension. This is frustrating as it means there's effectively no visibility for system administrators as to what's changed/fixed in a given release.

    For example, I recently opened a support case regarding an issue that appeared to be a bug in the IME. It's now fixed, seemingly independent of my support case. I suspect it was fixed in IME v1.31.201 but I have no way of knowing due to the lack of any published documentation.

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  10. Email access is delayed for 1-3 hours when enrolling in Company Portal app and conditional access in Intune.

    Setup:
    - Conditional Access with Exchange On Premise
    - Default Access rule set to "Block"
    - Configuration Policy that configures the email client on iOS/Android

    After enrollment, it takes 1 - 3 hours for the device to become 'unblocked / access granted' in Exchange.
    This makes staging of the devices very difficult as we need the username/pass during enrollment & we can only start showing the email functionality after several hours.

    This is not mentioned in the documentation (as a matter of fact, the documentation states that it should be unblocked within 2 minutes). MS Support confirmed this is indeed…

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
    noted  ·  Nbigman MSFT responded

    This suggestion has been passed along to the documentation team.

  11. precedence and priority for conditional access controls. When compliance, MFA, and Hybrid Azure AD join are all checked – how does Intune de

    One of my questions, that I’ve never been able to get answered, it’s not in the Microsoft documentation, is the question of precedence and priority for conditional access controls. When compliance, MFA, and Hybrid Azure AD join are all checked – how does Intune determine which one is to be applied? If MFA is checked, will it always be presented to the user, or will it not be used when a device is compliant? What logic is used? Sadly the documentation is lacking for this.

    Please answer this question and help with documentation.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  12. Conflict resolution workflow

    Ensure when conflicts are identified -- whether during configuration or monitoring -- that a resolution workflow is presented with appropriate decision support guidance.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  13. Trusted IP Address has Changed

    OK, so Microsoft kind of revamped the way Trusted IP Address and MFA IP Addresses work in Intune / Azure AD.

    There is Zero (0) notes on the release of this change that I can find anywhere.

    So far as I can find there is Zero (0) documentation on how this functionality works.

    Please provide updated documentation on Conditional Access Rules.

    How to add the IP Addressing.

    How the functionality of the Trusted IP Addresses tick box works and functions.

    BTW, we are having an issue with some configuration, this may be the issue!

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  14. Sample configuration policy for Android for work in mircosoft intune

    Hi Supporter,
    When we read the configuration policy of IOS i saw the sample config and follow it. But when reading the similar on Android for work i don't see the sample, could you help me sample configuration ?

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  15. Copy and paste folders including permissions within Sharepoint

    To be able to copy and paste folders including their permissions, within Sharepoint.
    At present if copy and paste a folder and inherited permissions are removed and specific access is set for specific groups or users, all new permissions need to be re set up.

    I have a folder that groups are allowed access to, then folders within the initial folder that are specific to each user or users. Would be less time consuming if I could copy a folder with permissions, and paste.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  16. The Intune Documentation does not call out the differences between the modes you can enable for the Cloud Delivered Protection via policy.

    The Intune Documentation does not call out the differences between the modes you can enable for the Cloud Delivered Protection via policy. For example: 0x2 - High blocking level - aggressively block unknowns while optimizing client performance (greater chance of false positives)

    0x4 - High+ blocking level – aggressively block unknowns and apply additional protection measures (may impact client performance)

    What is different between 0x0 and 0x2 that makes it aggressively block unknowns, and for 0x4 what sort of Client Impact is expected.

    What I am finding mostly is the Intune documents for these features like I have shown you,…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  17. Intune App Wrapping iOS

    Clarification Question for this Microsoft Doc: https://docs.microsoft.com/en-us/intune/app-wrapper-prepare-ios

    When wrapping the iOS app via Intune App Wrapping, does the wrapping not change the App IDs and can only wrap working apps with matching provisioning profiles?

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  18. Need better guidance on how to enroll devices at our customers - basically enrollment guide for resellers

    Need better guidance on how to enroll devices at our customers - basicall enrollment guide for resellers

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  19. Supported platforms for device level passcode reset Android devices enrolled with a work profile No however in

    Supported platforms for device level passcode reset Android devices enrolled with a work profile No however in

    For Android Enterprise device owner or work profile devices running version 8.x or later, after the reset passcode is selected from the console, the MEM Intune admin is presented with a temporary passcode. The temporary passcode must be entered on the device. The temporary passcode for the device will be displayed in the console for 7 days.

    This documentation is confusing us

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide overview about App PIN groups, SSO and SLO capabilities per app

    We enforce App PIN via Intune MAM. Also we'd like to have Single-Sign-On and Single-Log-Off across all managed apps. There is no overview showing which app supports what.

    Regarding the App PIN e.g. Word, Excel and PowerPoint share a common PIN but the Yammer app uses a different one. Why do we need to find that out in own tests instead of it being documented?

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base