Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enroll Mac without Company Portal

    Would be much easier to enrol Macs without the Company Portal app and just enrol Macs using a Profile (Similar to the Apple Configurator enrolment, but for the Mac.)

    Would be easier for those that need to enrol a Lab of Macs that don't have DEP or needing to install Company Portal on every single one manually.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  2. Specify Airprint printer by hostname

    Currently you can only specify printers by IP address in the Device Profile for iOS Airprint. We require hostnames for our print servers for the purposes of using round robin clusters of IP addresses.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. Deploy DMG and APP also (Not just pkg)

    It would be great to be able to Deploy DMG, and app, maybe even scripts, Like for Teamviewer deployment.
    I'm pretty certain most options were available in SCCM.

    Thanks

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  4. support multiple Partner device management entires

    modify intune to support multiple partner device management application IDs that can support multiple MDMs being able to write devices into Azure AD.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  5. MacOS - Create Standard vs. Administrator user plus use AAD Credentials

    It will be great if MS Intune can have the ability to create standard vs. administrator account. Ideally if the possibility will include the usage of AAD/AD credentials and account.

    Example:
    During the DEP enrollment the user account will be created while the Intune admin will have possibility to choose if the user will be standard or administrator. (Same we have with Windows 10 Autopilot)
    During the DEP enrollment the AAD account can be used to enroll the macOS devices (same feature which Jamf Connect offers).

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. When sharing an iPhone contact that has Custom Labels, custom labels do not save

    The format of the contacts saved through a corporate account on an iPhone does not work with iOS (according to Apple support) and causes custom labels to be lost when sharing the contact with another iPhone user.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support more genularity in screen lock settings (macOS)

    When setting the lock screen or idle time it is a little restrictive. You can chose 5 minutes or 10 minutes. It would be good to be able to choose any number of minutes or at a minimum allow for 10 minutes.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  8. USB Connection Restriction Policy for MACos

    Like the Windows 10 policy set a restriction for the MACOS. Apple Configurator has the restriction available in policy, "Allow USB drive access in Files App". Just please add to Intune options.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  9. Company Portal app (Mac) should run in background

    On a Mac, the company portal app needs to be running all the time to be useful. But it's not designed that way - it runs like a normal app. You can close it, and it goes away. This leads to frustrating problems with the computer being out of compliance, and the user not having any idea.

    Apps like this which need to run all the time should "close" but stay running in the Finder's taskbar. Like OneDrive or a virus scanner.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. MacOs Packages support for choices xml files

    It would be great if there was support for adding a choices xml-file to the intune package so we can control installation options for packages.
    This is very much needed for packages like Cisco AnyConnect where it let's you pick what components to install during the installation.

    It is manually done like this:

    Generate the choices file:
    installer ‑showChoicesXML ‑pkg /path/to/AnyConnect.pkg ‑target / > /path/to/choices.xml

    Install command:
    installer ‑showChoicesAfterApplyingChangesXML /path/to/choices.xml ‑pkg /path/to/AnyConnect.pkg ‑target /

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  11. mac disk encryption support

    Native/Intune support of File Vault Disk Encryption for MAC

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  12. Wifi MacOS wpa-tls allow multiple root certificates for validation

    In wifi profile for macos, WPA-TLS, in server validation it should be possible to select multiple trusted certificates. You can currently only select one.

    This works and is possible for iOS plattform.

    Please look into this so we can have The same flexibility on macOS as on iOS

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  13. Location Services MacOS

    Add location services for MacOS as a Intune Configuration Profile setting, since this is required for automatically set the TimeZone.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. See recovery keys in Azure portal after the "Wipe" command is issued

    After issuing device wipe, MacOS devices sometimes get stuck in Wipe Pending state, it would be useful to still have the possibilty to see the recovery keys in order to be able to access the device. In current state it is not possible to see recovery keys once the Wipe command is issued.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  15. Implement institutional recovery key (IRK)

    Please implement the ability for Intune to deploy and control institutional recovery keys.

    https://support.apple.com/en-us/HT202385

    Personal recovery keys are not enough for enterprise.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  16. Error message is incorrect in Company Portal app

    We disallow personal Macs from enrolling in Intune. When a Mac tries to enroll and the serial number is not marked as corporate, the Company Portal error doesn't explain the issue. Instead it says that the Mac is a virtual machine and that is the issue. This is very confusing to end-users. Please fix the error message.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  17. Make InTune for Mac fit for purpose.

    InTune for Mac is abysmal.

    MS should do some basic research into MDM for Mac and what other vendors are doing before engaging in any further UserVoice crowd-sourced, ad-hoc tinkering.

    The product is so far behind the others.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  18. |/*

    bplist00Ŗ ¬ -"#$%&'#()*+ BuildMachineOSBuild CFBundleDevelopmentRegion CFBundleExecutable CFBundleIconFile CFBundleIconName CFBundleIdentifier CFBundleInfoDictionaryVersion\CFBundleName CFBundlePackageType CFBundleShortVersionString CFBundleSupportedPlatforms CFBundleVersionZDTCompiler DTPlatformBuild DTPlatformVersionZDTSDKBuildYDTSDKNameWDTXcode\DTXcodeBuild LSMinimumSystemVersion NSHumanReadableCopyright]NSMainNibFile NSPrincipalClassV18D39aRen^Install SetappWAppIcon com.setapp.InstallSetappS6.0TAPPLV1.18.7°!VMacOSX "com.apple.compilers.llvm.clang.1_0U10B61RGMU18B71[macosx10.14T1010U10.10o 5 C o p y r i g h t © 2 0 1 8 S e t a p p L i m i t e d . A l l r i g h t s r e s e r v e d .XMainMenu]NSApplication 9 O k Ä ď ¶ Ľ Ř Ť Ģ 8 J U g { Ü ź ė • ĺ Ŕ Á ķ 6 : ? F H O t z…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. Mark OSX Devices as Non-Compliant when dis-enrolled from intune

    Currently devices show as compliant even several days after disenrollment from intune. According to support it is currently not supported to mark these devices as non-compliant despite the compliance policy. This is a basic function of an MDM solution.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enforce filevault encryption

    Intune should be able to enforce Filevault encryption. At this point in time when Filevault policies is enabled the user is able to cancel the encryption indefinitely and therefore Intune cannot be used to set policies that can be used for audit ref Microsoft support Ticket #:18767886 that ended with the conclusion that this is not possible.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base