Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Users on managed devices need browser-only access with no ability to download, print, or sync files for SharePoint and OneDrive Online

    I cant manage to have browser-only access with no ability to download, print, or sync files on managed device for SharePoint Online and OneDrive for Business Online for Windows 10 devices . I have a CA which block unmanaged windows 10 devices. I have another CA which grant access to windows 10 complaint devices (enrolled in Intune and marked as compliant). i have a customer who wants to block unmanaged windows 10 devices and allow browser-only access with no ability to download, print, or sync files on managed device for SharePoint Online and OneDrive for Business Online for Windows 10…

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to setup conditional access policy to only allow access to specific applications from certain WAN IP addresses

    Ability to setup conditional access policy to only allow access to (proportions of applications in) Office365 from trusted IPs. Currently this is not possible without ADFS claim rules.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Our exisiting CA policy does not block email clients like Newton, Inbox for all etc.. which uses legacy auth. How do we block them?

    We users circumventing our policy of accessing corp email on non-enrolled devices. We need to have option to block all third party that use legacy auth via Intune; only allow native and Outlook app

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. Need enrolment *** Office 365 accessing to happen ONLY if the device contains an Anti Virus and if it is updated

    Need enrollment *** Office 365 accessing to happen ONLY if the device contains an Anti Virus and if it is updated.

    if this can be achieved, will be happy since we have this requirement standing long time with.

    Please reply with positive feedback.

    Rizmi

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  5. Inconsistent Remote task experience with AAD and WPJ Windows 10 PCs

    Work Group or Domain joined/WPJ: Only Wipe available

    AAD (OOB): Wipe not available, Reset Password, Lock available

    Work Group/AAD Join: Wipe not available, Reset Password, Lock available

    For WPJ machines Passcode and lock remote actions unavailable.
    Also, https://docs.microsoft.com/en-us/intune/deploy-use/use-remote-wipe-to-help-protect-data-using-microsoft-intune
    Says Windows 10 does not support selective wipe for Azure Active Directory joined devices

    It will great if we get a consistent experience.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  6. Restriction settings for “Music, Podcast and News”

    It would be nice to have more granularity in the “Allow adult content in media store” settings in the Media content section of the iOS intune configuration policy. Just like for the other option like in TV or Movies or Apps sections.

    The “Allow adult content in media store” settings in the Media content section is indeed what drive this behavior and “Explicit” includes Adult content.
    Right now, contrary to the other Restriction settings the one for “Music, Podcast and News” is binary i.e. Explicit (including Adult) or Clean, there is no in between, for now

    It would be nice…

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enable device groups conditions

    Enable in "conditions" filters based on device groups. This will enable different policies assigned to COD Devices and BYOD Devices coming from the same user.

    eg: user John has a COD device that is not compliant and he is not using the correct client app. I want to enforce compliancy AND approved app.

    the same user has another device (BYOD). I want to enforce only approved apps.

    Thanks

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow Conditional Access use for Azure MFA licensing

    It would be great if Conditional Access could be included in the Azure MFA per user or per auth license.
    A lot of customers want MFA with a conditional access policy to apply MFA to all users and to skip MFA for trusted IP locations.
    Under the current licensing AADP1 is too expensive for Office 365 SMB customers. There should be a conditional access 'basic' version that works with Azure MFA.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  9. Antimalware/Antivirus check for complaincy/Conditional Access

    Would be good if there was an ability in Intune Conditional Access to check if a Virusscanner is installed and up-to-date. Also support 3rd party vendors. Mac/Windows specifically (as Android/iOS) have this ability.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  10. Detect and block Developer Mode

    If it is possible somehow, please make possible to detect or even block developer mode for devices. We need to secure files stored on mobile devices and with developer mode are accessible freely.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  11. Conditional Access un-check Windows mobile and Windows devices then saved they disappear completely!

    When configuring Conditional Access - if Windows mobile and Windows devices check-boxes are un-checked, and then the configuration is saved, ONLY iOS and Android are offered as options from that point forward. I can find no way to get the options to include Windows devices.

    see screen shot of options after this is saved -the Windows configuration options are gone.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  12. Blocking Word, Excel and PowerPoint

    I would like to be able to block MS apps like Word, Excel and Powerpoint using Conditional Access. I created with an url link but that it is not support but MS Teams or Planner does.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  13. Windows 10 Pro Lockdown per user

    I have windows 10 Pro laptops, Bring your own device. They will log on with their azure AD account. What I want is block all personal apps eg (abode photoshop, any Exe files they user locally when they are logged on with their domain account..... only use apps which we deploy vi Microsoft Intune . When they log back as local user they can access every thing they want. Can we create a policy per user to block apps in Microsoft Intune.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  14. Conditional Access for PC Managed devices allowing EAS access.

    Conditional Access for PC Managed devices allowing EAS access would enable the use of the Mail app in Windows 8.1 and Windows 10.

    I've spoken with Intune Support and they've recommended enrolling the devices under MDM, but this isn't a reasonable expectation in many circumstances.

    0 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
1 2 3 4 6 Next →
  • Don't see your idea?

Feedback and Knowledge Base