Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support exporting and importing conditional access policies using PowerShell

    Support exporting and importing conditional access policies using PowerShell. This would be handy for backup purposes, but also for re-use of the same policy rules between test and production tenants.

    The Microsoft Graph API currently do not have any REST APIs for accessing and creating conditional access policies: https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/resources/intune_graph_overview

    Also vote under Azure AD: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/19198480-support-exporting-and-importing-conditional-access

    161 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
    • Intune Graph API should be accessible non-interactively

      In order to automate tasks with Graph it is essential that scripts can be run non-interactively. Currently the Graph API requires a user login for delegated access to be able to access the /ManagedDevices/ endpoint of the API.

      Received confirmation from Peter Richards that this is currently not supported.

      Steps to reproduce
      Create an Application in Azure
      Populate and run this script
      $OauthTokenEndpoint = 'https://login.microsoftonline.com/tenantid/oauth2/token';

      $OauthRequest = @{
      grant_type="client_credentials"
      client_id = "clientidguid"
      client_secret = "clientidsecret"
      resource = "https://graph.microsoft.com"
      scope="DeviceManagementManagedDevices.Read.All"
      }

      $AuthResponse = Invoke-RestMethod -Uri $OauthTokenEndpoint -Method Post -ContentType application/x-www-form-urlencoded -Body $OauthRequest
      $Token = $authresponse.access_token

      #this query…

      118 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        6 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
      • Assign mobile application to user directly(not through the AD Group)

        There is the application flow:

        1. Admin uploads a mobile application(mobileAppId) as a blob to the Intune web Portal and configures it.
        2. User X(Non-Admin) using his mobile device has to install a mobileAppId to his or selected User's(targetUserId) mobile device which was enrolled as well. He(User X) should have the ability to click the button "Install". After clicking the request should be created and sent to the Microsoft Graph API(Intune) or any other(if exists) API. API should send the notification back to the targetUserId's device. After the confirmation message about starting the application installation process should be shown on…

        27 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          2 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
        • Manage device information from PowerShell cmdlets

          I've looked all through the MSONline module, and don't see any options to manage my end user devices. I need this information to write a connection into serviceNow, because of some business needs. I'm considering using Matt Graeber's excellent .net relection tool, decompile the cmldets and make my own!

          Is there a method I'm missing to get to devices from PowerShell?

          27 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
          • Allow Graph to update corporate device identifiers

            The only method of getting corporate devices identified in Intune is to upload a CSV.

            We'd like the ability to use native PS commands or Graph API to add new devices in as they are purchased.

            Graph allows me to get devices after they've been enrolled, but I want to add them in pre-enrollment.

            19 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              3 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
            • Secure authentication within PowerShell scripts for Intune MDM

              We would like to authenticate to services, like Azure Storage or Azure SQL from an Intune MDM PowerShell script.

              However, with PowerShell scripts in Intune MDM the source, including passwords are visible in plain text, for instance when you review the log files in C:\ProgramData\Microsoft\IntuneManagementExtension\Logs.

              We would like a secure way to safely authenticate with different services from PowerShell scripts in Intune MDM. For instance by being able to preconfigure one or more Credential- or Variable Assets passed (as parameter?) with the PowerShell script configured.

              A credential source provider could be Azure Key Vault or Azure Automation Credential- and Variable…

              10 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
              • Provide a way to access bitlocker recovery keys programmatically

                Provide a way to access bitlocker recovery keys programmatically.

                10 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  1 comment  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
                • Run PowerShell scripts in a 64-bit environment

                  PowerShell scripts deployed through Intune run in a 32-bit environment, which causes issues when executing 64-bit commands. While this can be worked around by calling the commands through sysnative, it's extra hassle.

                  A more robust way of targeting scripts based on system architecture and having them execute in a 64-bit environment where available would remove the need for these work-arounds.

                  4 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
                  • Improve/offer decent REST API for all Intune features

                    We are still in eval phase, and are supposed to use Intune with more than 100000 laptops/desktops in our company.

                    This means if the laptops have a 3years lifecycle, then there are more than 100 devices that must be deleted every day from Intune DB across the globe.

                    Please add ability to delete devices using a REST API, based on criterias like "Last Contact Date", as it is also impossible to know if a device has been stolen/lost/sold to broker. So we must be able to extract the attributes shown in Intune for each device, like we do currently with…

                    3 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      1 comment  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
                    • Allow viewing Device Management Powershell scripts in the portal

                      Having the ability now to use powershell scripts to manage devices is pretty neat. It would be even greater though if the uploaded scripts were readable (and maybe even editable) from the Intune portal, Thanks!

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        1 comment  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
                      • Include device serial in the /managedDevices/ data

                        Please include the device serial numbers for device data obtained here /managedDevices/

                        2 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
                        • Don't see your idea?

                        Feedback and Knowledge Base