Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Intune - Default Calendar/Contact/Mail Account on iOS devices

    The ability to set the default calendar/contacts/mail account when an iOS device is enrolled with Intune.

    66 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Mix User Groups assignment and Device Groups exclusion

    We need a solution to configure Intune policies and software deployment for a large customer who has users with registered AND AAD, who have connected W10 devices that we both like to manage with Intune.

    We want to apply (mainly security related) policies to the registered devices (BYOD) and policies and software to the AAD connected devices (corporate devices). Now that we apply the configuration to user groups, how can we say that we keep the software packages away from the registered devices and apply them to the connected devices for the same users?

    We tried to apply the configuration…

    64 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Set custom background and logos via Android Enterprise device configuration policy

    Currently setting custom backgrounds on Android Enterprise MDM devices in Intune is only available for devices that are in a kiosk mode configuration, it would be useful to enforce a custom background and logo on managed Android Enterprise devices within Intune in a non-kiosk mode configuration.

    Is this something in the pipeline?

    62 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Provide the possibility during installation to give the Device a predefineded hostname

    In an Enterprise Devices do follow a Special naming convention. Currently it is not possible to rename the devices or give the devices a predefined Company hostname during installtion. It would be good if at least an Input field would be available to give the device a hostname. Or if the Admins could predefine a hostname during the enrollment process of the Hardware ID.

    Thank you in advance

    58 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  5. retain Intune cached MSI with out auto delete

    We have deployed single MSI to Windows 10 MDM enrolled computer using Intune

    We can see the cache location - C:\Windows\System32\Config\SystemProfile\AppData\Local\mdm

    How can we retain the cached MSI without getting deleted automatically ?

    Is there a way to configure the cache period ?

    57 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe.

    Completely separate the "Remove company data" and "Factory reset" buttons far enough apart to avoid accidental full device wipe. Currently these buttons are right next to one another and it is very easy to accidentally perform a full device wipe (factory reset) on a user's personal device - losing all data, versus the intent of just wiping the company data. Consider putting the "Factory reset" button in the "..." more section -- away from the primary choices.

    55 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  7. The ability to block specific dangerous / malicious applications

    The ability to block specific dangerous / malicious applications for iOS and Android. (competition can do it)

    52 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    noted  ·  3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. access file server on on-premises network

    Will Microsoft deploy an application like secure context locker from AirWatch to access on-premises file server and links. Then, use container concept to protect the downloaded data on the application.

    52 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Users to be automatically signed into the Company Portal App after enrollment from DEP.

    From Out-of-Box, After enrolling into Intune and having Company Portal deployed as 'required', it would be good if users where automatically signed into the Company Portal App and skip the need for a secondary login phase.

    I don't know the purpose of this.

    It should know whether or not the device is Manually or automatically enrolled.

    51 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. how to track SIM changes or prevent SIM changes on mobile devices in Intune

    how to track SIM changes or prevent SIM changes on mobile devices in Intune

    This has become a crucial requirement because other MDM solutions have it right from the beginning.

    Thanks.

    Rizmi

    44 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Preview of notifications on lock screen iOS/Knox

    It would be a great Security benefit if we got the ability to Block Notifications from showing preview content on the Lock screen. MFA one-time codes and preview of emails are readable from the Lock screen.

    42 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Option to delete device from AAD when deleting it from Intune and automate lifecycle

    We use the option to automatically join a device to MDM when performing joining it to AAD. Currently when we delete a device from MDM, it is automatically removed from MDM (and the device certificate is revoked in our PKI). However we still need to manually remove the device from AAD. We would like an option to also automatically remove the AAD registration. It would be great when it was also possible to clean the registration from the Off365 Office Installs (portal.office.com/Account#Installs). Adding rules to automatically cleanup inactive stations (eg based on #days inactive or user account disabled) also eases…

    41 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China

    Microsoft Intune is not able to remote wipe and reset password for managed mobile devices in China. This is confirmed by Microsoft Support and escalation team. As per replied "This is due to Chinese government policies, this function is not fully functional in mainland China. Therefore the service cannot be guaranteed to work with all features".

    Unfortunately if a Enterprise Mobile Device Management solution cannot even effectively and reliably remote wipe a Corporate device when it is lost, which is instrumental and basic for managing Corporate mobile devices, it cannot be branded as a Enterprise MDM solution. We will now…

    39 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add device information to reporting (MAC, Phone number, IMEI, SIM)

    The information when you click on a device is VERY limited.

    We use MAC addresses to allow access to our corporate wifi. With BES I can get this easily. Intune....nothing. This means I need to ask each user to gather their MAC address.

    Other things that are missing that should be easily gathered:

    Phone number
    IMEI
    SIM

    There are more but this is the important one.

    While I hate using BES it seems to consistently beat Intune in the simplest of things that should be part of the starting tool set for any MDM.

    For us this needs to be…

    37 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Show display settings in the managed home screen

    Currently the managed home screen allows the user to adjust volume settings, set bluetooth setting, and view device information. I would also like to give the device users the ability to adjust the display settings on a device.

    Features like being able to adjust the brightness of the screen, turn on and off auto brightness, set the sleep interval, and the ability to turn on and off the auto-rotation of the screen.

    We like the ability to lock down the tablets with the managed home screen, but it would be nice to give the device users the ability to adjust…

    36 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. see what groups in Azure AD a specific device lives in

    I would like to have the ability to see what groups in Azure AD a specific device lives in. There are cases where I need to put devices in specific groups. Later, I need to replicate what a device has on it to another device. I need to know which groups a device is a member of.

    36 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Staging capabilities for deployments

    It would be nice to have the ability to pre-stage a device prior to the user logging into the Intune Company Portal App.

    In a competing product, this is possible. A deployment person can log in, and do any prep work (for example. having to copy files into an App on an iPad that takes hours) long before giving the device to the user to sign in.

    This is preventing us from using Intune fully until this is resolved.

    Screen shots attached to show the setting in the competing product.

    Text below explains the Staging ability:

    • Single User (Standard)…

    35 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Secure corporate enrollment with user enrollment later

    Add the ability to enroll a device with no user affinity and then at a later time allow the user to enroll the device for user affinity without the need to wipe or remove MDM. This would allow the ability to send a device to a user with the Intune agent on it and then allow the user to enroll with their username and password.

    35 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Security and Event logging to SIEM and others via Syslog/PowerShell

    Ability to monitor what is happening with your devices and users.

    34 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  20. dynamic group rules needs Management Name device attribute associated with it

    With the inclusion of the Management Name property, I believe a device attribute should be created that is associated with it allowing Dynamic Group Rules functionality. I would like to create dynamic group criteria based on the Management Name I associate with a device. For example: (device.managementName -contains "MyCustomManagementName")

    33 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base