Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deploy unique computer certificates using Intune/SCEP/NDES

    We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

    The story behind this idea is as follows:

    We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

    488 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      9 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    • Add a policy to prevent device unenrollment from Company portal

      Companies provide devices to their employees and generally wants to make sure that these devices will always remain managed through Intune. It could be interesting to have a policy that prevent users to unenroll a device identified as a company device from the Intune company portal.

      439 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        33 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
      • Folder redirection to Onedrive for Business

        I would like to have a Intune Policy to redirect, for example, the Documents folder of an Azure AD Joined device to Onedrive for Business of the user.

        380 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          18 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
        • Deploy printers

          Give us the option to deploy printers with Intune

          360 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            13 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

            You can deploy AirPrint settings for Mac and iOS – https://docs.microsoft.com/en-us/intune/air-print-settings-ios-macos

            You can configure some printer settings under device restrictions for Windows 10 – https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10

            But I’m hearing from a few people that this still doesn’t really help users get to local printers, and that seems the original intent. (@Henrik, if you’re getting this, please weigh in!)

            We won’t call this one complete. I’m switching this to “noted”, meaning we know you want it. Thanks again for the feedback!

          • Change registereed owner for corporate owned devices

            We shouldnt have to reenroll a device everytime a device changes owner. Please can you make it possible to change the device owner for corporate devices so we can propally audit without additional software? Kinda the purpose of an MDM

            292 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              12 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
            • Provide options to disable or prevent factory reset option for Personal devices.

              Provide the ability to prevent a factory reset from being able to be performed for devices enrolled as personal devices. Only allow an enterprise or selective wipe for said devices. It's way too easy for a mistake to be made which can open up a can of legal issues. Our current MDM (Airwatch) allows for this and the device wipe option only appears on the admin console for corporate owned devices.

              174 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
              • Remove duplicates

                Every time when you rebuild (reinstall Windows and Intune client) a corporate PC witch was already managed by Intune a duplicate computer record is added to Intune database. Now we manually removing duplicates every month. Can you automate it?

                172 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  noted  ·  5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                • Allow Device Serial Number

                  Allow the use of Device Serial Number when assigning devices to a Intune Azure AD Device Group. We have thousands of iPads that are DEP enrolled and assiged the User-Agnostic Attribute. We also have multiple DEP profiles. These devices do not have users names or email addresses assigned to them. They all have the same device name also, i.e. iPad. Thus, there is no way to open an Azure AD Device Group and add a specific device to it because the only attribute(s) that make one iPad different from the other is: Serial Number, IMEI, or the Unique Identifier. None…

                  156 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                  • Extend the SCEP enrollment profile with additional Active Directory attributes

                    At the moment only two user attributes (CN and UPN) are available to use in SCEP profiles. With our current MDM solution it is possible to use every AD attribute to request a certificate with this unique attribute. Both Intune and the other MDM solution are using the same SCEP server so it is possible. This seems like extending a table in Intune or using a text box with variables. We have the need to use ExtensionAttributes as the unique identifier for a certificate.

                    130 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

                      AS of the week of April 23, 2018, you can use the OnPremisesSamAccountName the common name in a custom subject on an SCEP certificate profile. For example, you can use CN={OnPremisesSamAccountName}).

                      As of Dec 11, when you create a SCEP certificate profile in Intune, you can now use the AAD_DEVICE_ID variable when you build the custom subject name. When the certificate is requested using this SCEP profile, the variable is replaced with the AAD device ID of the device making the certificate request.
                      https://docs.microsoft.com/en-us/intune/whats-new

                      I don’t think it gives you everything you want, but how close are we?

                    • Retiring and deleting devices takes way too long

                      When working with a user on the phone, and we need to retire and reenroll a device, the process of retiring takes a very long time, which becomes frustrating for not only myself, but for the user who wants to get their problem resolved and get back to work. Please work to improve the speed for operations like this within the console,

                      114 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        16 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                      • BYOD - Changing Intune Device Enrollment Limit to 1 for only a few users in Intune while allowing other users to enroll upto 5 devices.

                        We know by default in the intune tenant we can define “Mobile Device Enrollment Rules” that can allow up to a Maximum of 5 devices per user to be enrolled into intune. So in BYOD scenario the users are able to enroll up to 5 devices into Intune.

                        So in this BYOD scenario, sometimes we want to allow only certain users or User group to be able to enroll their devices but just 1 device into intune not 5 devices. While other users should be able to enroll up to 5 devices as configured under “Mobile Device Enrollment Rules” in…

                        94 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                        • Device Location for android and windows devices

                          You have device location for iOS, please bring that to the other platforms!

                          It's an incredibly important feature, and we can't fully migrate until its included. Every other MDM solution ever has this feature.

                          86 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Copy files to mobile devices

                            Hey

                            Create feature to deploy files to devices.

                            I really need this feature on Android devices

                            83 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              7 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Sequence of Policy/Applications

                              Other MDM solutions allow policies and mandatory applications to be ordered. Or a priority set to them. So what I'm looking for a is a priority for a deployment. This way I can enforce that WIFI policy or line of business apps are installed before the Office apps (at 500MB a piece).

                              71 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                              • Copy/Clone/Duplicate Device Configuration Profile

                                When we inevitably need to create a new Device Configuration Profile for an employee with slightly different needs than the rest of the group we must recreate an entire profile from scratch for just the smallest difference, such as longer screen lockout time. If we could duplicate/clone/copy an existing Device Configuration Profile it would save time and potential errors.

                                67 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Selective Wipe for Azure AD Joined devices

                                  Please add the option to do a selective wipe on Azure AD Joined/Workplace joined devices.

                                  Azure AD Join and MDM auto enrollment are enabled with Intune and Azure AD Premium. When a Windows 10 Mobile is started for the first time (OOBE) it is possible to “Sign in with a work account” to join Azure AD and auto enroll in Intune. (https://technet.microsoft.com/nl-nl/itpro/windows/manage/join-windows-10-mobile-to-azure-active-directory#how-to-join-windows-10-mobile-to-azure-ad). When a Windows Mobile device is configured this way Single Sign On works for Mail, Calendar, Edge and the Business Store, which is great. But when the Selective Wipe option is initiated from Intune it does…

                                  67 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Mail Notification for Enrolled Devices

                                    I would like the ability to configure a mail notification when a new device is enrolled on the Intune portal. This will allow the admins to quickly categorise new devices as soon as they are enrolled.

                                    63 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Push encrypted content to device

                                      Hi. Like as AirWatch has Secure Content Locker, please add this same ability for an organization to push out content (new, updated) to a user's device(s) and computers. There should be additional parameters, like length of time the content will be on the device until it is automatically deleted. Additionally, the content should be encrypted, and decrypted in memory when accessed (unlike AirWatch on none iOS devices). File types include PDFs, Word documents, MP3 files, and so on.

                                      In looking at OneDrive, I don't see this functionality, or this functionality integrated with InTune. So I am submitting this feature request.

                                      60 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Ability to modify APN (Access Point Name)

                                        Customers wants the ability to change the Access Point Name for enrolled devices from a public to a private owned one.

                                        53 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • The ability to block specific dangerous / malicious applications

                                          The ability to block specific dangerous / malicious applications for iOS and Android. (competition can do it)

                                          51 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            noted  ·  3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 9 10
                                          • Don't see your idea?

                                          Feedback and Knowledge Base