I'd like to remove the need for a user to have to enter their UPN when launching Onedrive for Business for the first time on an Intune enrolled device (similar to a mail profile, but for OneDrive for Business). Seems to be an obvious ask to keep Microsoft tools all auto configured when enrolled76 votes
Dynamic Device Groups are syncing at 'random' times. It would be nice if manual synchronization of Dynamic Device Groups would be possible. We are using DDG's for deploying applications and policies to iPhones. Customers are experiencing that they sometimes have to wait up to 24 hours for applications to deploy because the DDG's are not synchronizing. If it would be possible to manually or schedule synchronization this would be a major help.33 votes
Currently, if an IT professional wants to either test Windows intune features or demo the features to potential customers, you have to sign up for a trial. Features change so often though, and (my customers anyway) often want to see what the product does and you end up signing up for multiple trials and rebuilding your lab/ PoC environment. My MSDN subscription includes $150 of Azure Credit, Intune should be there as well23 votes
Azure credits work differently than trial accounts, as you’ve seen.
One thing some people don’t realize is, we have no limit to the number of trial Intune tenants you can create for a single email address. Believe me, I’ve created dozens on my Microsoft email address. We don’t care how many you create, though there is a limit that each tenant can have only one trial account. I know, it means you have to keep recreating environments, but at least it lets you see what’s new any time you want.
If you are a Microsoft Partner, we have benefits that help with this. You can check out https://wpc.microsoft.com.
Hi, Carl, can you give us more information about what you mean? What are the specific uses cases you are looking for?
Have a shared device configuration where users can check in and check out of a device it will grad specific policies for the user while they are checked into the device.
For example it will allow them to download e-mail when they are checked into the device.16 votes
Currently we can view by the device name but this value is setup by the user on their phone. Normally is a nick name or a shortname, like Johns iPhone. I want to view by the employees AD name so that it's easy to find someone.16 votes
There are only a few limited device attributes that can be used for dynamic device groups in Azure. Please can you add some more? A few of interest personally would be.
* Dynamic device group for DEP Enabled (non DRS joined devices) - As DEP Enrolment in Intune does not DRS register, an attribute to collect all affected devices (for reporting and remediating would be ideal)
* Device Threat Level – an attribute to pull back all devices with a specific threat level, i.e. High, Medium, Low, None (as per screenshot showing it working in ConfigMgr)14 votes
I have a number of admins and as I need them to manage mobile devices, I need to make then Global Admins.
Please provide an option to make this more granular11 votes
I would like conditional access to be able to block users without a valid Intune license instead of just ignoring the policies.11 votes
Add field to add comments for any actions that admin may apply to a device.
"Locked device per Incident Ticket #123."
"Retired device per Service Request #456."
Comment field is helpful for when a user calls Help Desk to report his MDM is no longer working, agent can refer to comments field for history of actions that have been done to device.7 votes
It would be useful to be able to assign users to a group based on their device ownership. Particularly where we want to make some apps available for users with personal devices, but required for users with company devices. Currently the User groups need to be manually updated, so a mathod to dynamically add the registered user of a device to a user group based on the ownership (or other attributes) of their device would be handy.6 votes
We are looking for an notification email when end users license is removed or revoked without Global admin interaction.
We are looking for an notification email when end users license is removed or revoked without Global admin interaction. We need this email to be triggered to all global admins.
Id like to be able to use certificates as a MFA mechanism as well OTP. This would add extra functionality to SCCM hybrid scenarios where we use SCEP and NDES4 votes
To retire/Wipe data once a Intune MDM user leave the organization needs Global Admin or Intune Admin rights. Ideally this should be a helpdesk routine task. There is no Powershell command available to automate this task too. From a User lifecycle management this is a major drawback as we manage Airwatch and MobileIron also which has RBAC to do this4 votes
I can create dynamic user groups eg all users where department equals Sales
I can create dynamic device groups eg all devices where device Type equals iPad
What I would like to be able to do is create a dynamic group that matches all iPads for users that are part of the Sales group.
This allows for greater granularity scoping policies and app assignments in Intune where i may issue multiple iOS devices to the Sales team and need to manage their iPad and iPhone separately.3 votes
Makes Microsoft stores in India for your customers and In Microsoft mobile phone Increase more Apps in App store.Microsoft mobile best of other mobile.3 votes
Create a group on intune
assign a user that has a FQDN (not a .onmicrosoft.com address)
Apply EMS license to the group (may affect with other licenses)
It changes the users primary email alias to .onmicrosoft.com
If you have on-prem active directory syncing to Office 365, you cannot change the alias back.
The only way to fix is adding a proxy address in the custom attributes in the on-prem active directory which is a slow process for large groups of users, as you can only do 1 by 1.
Office 365 support suggested I posted this on here.3 votes
we can only send out one TOU for our users to accept when enrolling. We need to separate Data protection and User agreement per Legal in EU
And with GDPR, all data processing consents must be separate from other acts of acceptance so come May 2018 a single consent for data protection and the user agreement will not be valid for data protection in the EU.
I would like the option to add multiple TOU to our tenant3 votes
It would be great to have a feature for deleting links that are deployed on web app of management portal.
The reason is I have deployed wrong links on multiple mobile phones and now I cannot remove links unless I unenroll them and enrol them .again3 votes
We are setting up group membership and found the best way to do it was to create dynamic distribution groups that are added by the "department" field in AD. The issue is that when you attempt to add that group in Intune, it only sees security groups.
Current workaround is the create the dynamic group and then create a security group where the criteria for membership is to be part of the dynamic group.1 vote
- Don't see your idea?