Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Intune Device Compliance Evaluation not stable (False/Positive)

    Intune Device Compliance sometime fails to evaluate the correct data.

    We set "Windows Firewall" to be a device compliance setting. The Windows Firewall is running fine but Intune fails to detect (False/Positive) with custom error message:

    -2016345612 (Syncml(500): The recipient encountered an unexpected condition which prevented it from fulfilling the request)

    We're also getting sometimes Issue with Evaluation of Bitlocker Settings.

    335 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    32 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  2. Disable Windows Hello on Windows Devices after Intune Enrollment

    There is no way of disabling Windows Hello after Intune enrollment, and when using mapped SMB shares and PIN logon, you always get prompted for a username/password to browse the folders.

    We need the ability to disable Windows Hello (PIN/bio-login), and force Password login on Windows devices already enrolled in Intune.

    325 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make it possible to migrate from Computer (intune agent) devices to MDM devices

    With the new Intune Portal within the Azure Portal the 'classic' Intune Agent gets more and more obsolete.

    I don't know when the intune agent will be end of life of if it wil be end of life. (maybe something to document?)

    I would like to see a possibility where the 'classic' intune agent gets uninstalled and the device gets enrolled in MDM (Intune MDM) automaticaly.

    So for example, I have 300 computer devices managed by Intune through the Intune Agent. I want these computers (that are in use) to be enrolled in MDM instead of the Intune Agent in…

    76 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  4. No auto-restart with logged on users for scheduled automatic updates installations

    Intune lacks the equivalent of the group policy setting "No auto-restart with logged on users for scheduled automatic updates installations".

    There are many mission critical environments where we're only able to force updates 1-day a month during a very specific maintenance window.

    With this setting, computers should only install updates after deadlines have passed and updates become mandatory.

    66 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  5. Rotate Bitlocker Recovery Keys Periodically

    The device would be more secure if we have bitlocker key rotation option available at Intune Device configuration policies or by any other methods.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  6. Intune Device Lock Policy

    The "Password" section of the Device Configuration Policy 'Windows 10 Device Policy' If the'password' is set to 'not configured' and 'Maximum minutes of inactivity until screen locks' set then the policy still applies.

    In order to fix this I had to toggle Required for the Password Field then I could access the Field "Maximum minutes of inactivity" and set it to Not configured.

    This seems like a bug. If the Policy is set to Not configured then it shouldn't configure anything but it was clearly configuring the maximum inactivity timeout still.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  7. Endpoint Protection Alerts

    It would be nice to have the critical alerts for endpoint protection send an email to the effected user when a issue is detected.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  8. manage personal computers as computers?

    I wish there was some kind of support for Intune to manage personal computers as computers. I run a computer repair shop and I see lots of people falling for these scams involving overseas people offering remote managed services, but instead of offering real services, they just install fake AV software and spyware, and charge big money for it too! I'd like to offer a legitimate service that includes managed AV and "light" system monitoring (health status), and Intune seems to include this, but only for Pro versions of Windows. Can Intune not run in a limited fashion on Home…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →

    Hey, an update on this –
    Windows 10 Home does support very limited MDM capabilities. Intune is able to manage Windows 10 Home. Many of the CSPs (configuration service providers) are disabled on Home version, and if Intune tries to push these to Home devices, these CSPs will fail. This is by design.

    I’m not marking it “complete” because you’re saying “manage personal computers as computers” and this would really be “manage personal computers as mobile devices.” But in case this helps you at all, here you go.

  9. Ability to perform Office365 updates through Intune

    Believe this feature does not exist currently. We need to have the ability to update Office 365 updates through Intune with better control. Hope am not overloooking any feature which allows us do this currently.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  10. The ability to only allow specific machines to access corporate email via outlook e.g. corporate windows clients

    Since migrating to EO plan1 we have allowed access to corporate email.
    We are regulated so security is very important.
    In this respect (due to the type of content shared by email) we have restricted any devices accessing EAS via non-company devices. We have also blocked OWA. Next, we need tto stop non-corporate devices from accessing email through outlook.

    I've been told intune could have dont this but it cannot..
    suggestions. ?

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow deployment of driver updates (available from MU) to managed PCs

    WSUS allows admins to deploy certain driver updates (available from MU) to managed PCs, while Intune does not currently support driver deployment.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  12. Dashboard Update Intervals

    One major negative aspect of the well designed dasboard is the time it takes, until changes become visable.
    Warnings and critical massages stay a very long time, which is confusing with hundrets of clients involved.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  13. Disable Windows Hello after Azure Join/Windows Enrollment

    We need the ability to disable Windows Hello (PIN/bio-login), and force users to log in with Password, on devices Windows already enrolled with Intune.
    If users login with PIN/Windows Hello, mapped SMB shares and printers always prompts for password.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  14. Intune Device settings docs downloadable as .csv file from Intune UI

    From this doc https://docs.microsoft.com/en-us/intune/configuration/device-restrictions-windows-10 you can see every single thing you can configure in Intune and it is broken down per section. It'd be great to select a button in Intune UI, and then get all the settings downloaded.
    This would be perfect to document "As-built" configurations done in Intune.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  15. Get report of last user to login to a device

    For reporting purposes, it would be beneficial to get a report of users that have signed into an Azure Ad joined device for shared computer scenarios. It would also be great if this report can be pulled with a REST Api.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  16. Intune Shared PC Mode - Windows 10 Pro

    I strongly suggest that Intune team look and rectify issue with the Shared PC Mode. Currently if we want to set up custom Lock screen picture via Intune it disables out Quick Access in File Explorer. However if you Enable Shared PC Mode via GPO or via PowerShell and .ppkg file created from Windows Configuration Designer that feature works without problem - Quick Access is still available in File Explorer.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  17. I would like a feature that allow me to set the time zone at deployment.Currently I am using a powershell script as a workaround.

    CUrrently while deploying with intune there is no way of setting up the time zone. While automatic time zone might work for some clients, I am behind a vpn from another country so that option will also be unusable for me.

    The only way of setting the time zone as of now is by using a powershell script , this is just a workaround.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  18. Improve timeliness of Device Compliance reporting

    We regularly see VERY long delays with Intune evaluating device compliance. A device will show as not compliant for HOURS after all compliance issues have been remediated, even after forcing check-ins and ensuring that check-ins worked. It often takes 4-6 hours or more - sometimes we have to wait until the following day for a device to show as compliant.

    This causes significant problems when you are using Conditional Access to require device compliance in order to access resources. This is a badly needed improvement - it causes problems every time we deploy a new computer.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  19. Endpoint Protection should detect all AV software versions

    Endpoint protection not disable when kasperksy installed pop-up displays on log on
    Users on startup get error, "this app has been turned off and isn't monitoring your computer" when using Kaspersky Endpoint 10

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  20. Microsoft 365 Device Management SUCKS

    I was able to create a policy and apply it to my machines. And as I have stated I am EXTREMELY DISAPPOINTED and FRUSTRATED with Microsoft with the fact that my NONE of my previous policies or setting migrated to your NEW platform… Now I have to RECREATE all my update policies and everything else… SO GLAD I HAVE NOTHING BETTER TO DO THAN TO RECREATE WORK I HAVE ALREADY DONE!!!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base