Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Error message is incorrect in Company Portal app

    We disallow personal Macs from enrolling in Intune. When a Mac tries to enroll and the serial number is not marked as corporate, the Company Portal error doesn't explain the issue. Instead it says that the Mac is a virtual machine and that is the issue. This is very confusing to end-users. Please fix the error message.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  2. Make InTune for Mac fit for purpose.

    InTune for Mac is abysmal.

    MS should do some basic research into MDM for Mac and what other vendors are doing before engaging in any further UserVoice crowd-sourced, ad-hoc tinkering.

    The product is so far behind the others.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. |/*

    bplist00Ŗ ¬ -"#$%&'#()*+ BuildMachineOSBuild CFBundleDevelopmentRegion CFBundleExecutable CFBundleIconFile CFBundleIconName CFBundleIdentifier CFBundleInfoDictionaryVersion\CFBundleName CFBundlePackageType CFBundleShortVersionString CFBundleSupportedPlatforms CFBundleVersionZDTCompiler DTPlatformBuild DTPlatformVersionZDTSDKBuildYDTSDKNameWDTXcode\DTXcodeBuild LSMinimumSystemVersion NSHumanReadableCopyright]NSMainNibFile NSPrincipalClassV18D39aRen^Install SetappWAppIcon com.setapp.InstallSetappS6.0TAPPLV1.18.7°!VMacOSX "com.apple.compilers.llvm.clang.1_0U10B61RGMU18B71[macosx10.14T1010U10.10o 5 C o p y r i g h t © 2 0 1 8 S e t a p p L i m i t e d . A l l r i g h t s r e s e r v e d .XMainMenu]NSApplication 9 O k Ä ď ¶ Ľ Ř Ť Ģ 8 J U g { Ü ź ė • ĺ Ŕ Á ķ 6 : ? F H O t z…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  4. Default enrollment profiles isn't automating and there's no select all

    The setting for default enrollment profiles doesn't work. It should assign the default profile to incoming Macs. Instead I have to assign them manually. Which is made worse by the lack of a "select all" checkbox. Please fix this ASAP.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  5. Edit a device's assigned user or user-affinity

    Devices enrolled by a user or without user affinity cannot currently be re-assigned without removing the device from management and then re-adding. We'd like the ability to assign a user to a device from the InTune console. This would allow technical staff to enroll a device, and then assign it to an end user later.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  6. Mark OSX Devices as Non-Compliant when dis-enrolled from intune

    Currently devices show as compliant even several days after disenrollment from intune. According to support it is currently not supported to mark these devices as non-compliant despite the compliance policy. This is a basic function of an MDM solution.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enforce filevault encryption

    Intune should be able to enforce Filevault encryption. At this point in time when Filevault policies is enabled the user is able to cancel the encryption indefinitely and therefore Intune cannot be used to set policies that can be used for audit ref Microsoft support Ticket #:18767886 that ended with the conclusion that this is not possible.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  8. macOS Compliance & Configuration Security Properties Discrepancy

    When setting up Compliance Policies and Configuration Profiles it's confusing because the password properties are inconsistent. E.g. minimum password length has a max of 14 in the compliance settings, and a max of 16 in the configuration settings.

    Our org-wide standard is 15 characters. I tried removing the password properties in the compliance policy and removed and re-added the profiles on the Macbook, but it still shows 14 characters as the minimum password length.

    There is also a discrepancy between the Maximum minutes of inactivity before password is required and Maximum minutes after screen lock before password is required. Perhaps…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to set preinstall/postinstall scripts to pkg installations

    It would be helpful if there was the ability to specify pre/post installation scripts for LOB applications.

    This would need to work in conjunction with the "Microsoft Intune App Wrapping Tool for macOS" so the scripts are included in the "intunemac" package.

    Scripts could be used to setup an environment that a PKG may need to install certain applications or make most installation setting changes that allow for a smoother silent installation and a better user experience.

    ex:
    - Cylance Protect looks for an installation token in a file. Otherwise it prompts the user after installation.
    - Changing default preferences…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support macOS Device Configuration Profile for Exchange Web Services (EWS)

    Please add support for macOS Device Configuration Profile for Exchange Web Services (EWS). (Email) and include:
    * Username attribute from AAD
    * Email address attribute from AAD

    The payload is very similar to the iOS Device Configuration Profile for Email.

    https://support.apple.com/en/guide/mdm/mdmd86788a3/web

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  11. Manage Google Chrome on MacOS (Bookmarks, Home Page, etc.) like Windows

    Need to be able to manage Google Chrome on MacOS (Bookmarks, Home Page, Extensions, etc.) just as we can with Windows. Currently we configure all of these settings via the ADMX inject and URI parameters on Windows 10. We also have MacOS devices but we cannot currently do the same.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  12. SCUP

    Provide SCUP the ability to pull down macOS specific 3rd Party patches for deployment through SCCM.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  13. Mac - Pushed version of Office needs to be current

    Currently the version of Office for Mac that is deployed via Intune is nine versions behind the current release. I would like the version deployed by Intune to be current -2 or better. In addition, it would be helpful to have the version displayed within Intune.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. Restrict access to certain system preferences on mac

    We need the ability to restrict what System Preferences can be opened on Mac OS through a configuration policy. This can be easily done through Airwatch but I see no options available through Intune.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  15. macOS Intune MDM Agent diagnostics

    Provide some capability for the MDM Agent to perform diagnostics locally. For example:
    1. Interrogate last sync
    2. Force sync

    Currently when Intune MDM Agent doesn't pull a script, there is no way to find out why not.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add Device Name Rule to MacOS Enrollment Profile

    Add the possibility to set a device name rule for MacOS, just as with iOS and Windows.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  17. macOS mount drive configuration profile

    Have a configuration profile that can mount network drive/share.

    It should add an entry to the connect to server function on mac and auto connect.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  18. Deploy and manage macOS Office 365 updates

    Please add the capability to deploy and manage updates to Office 365 (Word, Powerpoint, Excel, etc) on macOS devices.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. Manage Microsoft macOS Office app settings via Intune

    Want to be able to use Office 365 tenant or in Intune to set macOS Microsoft Office app/user controls rather than using our MDM to adjust the client via script or profile .
    Like it works for iOS aps

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Microsoft Edge DefaultSearchProviderSearchURL on MacOS

    The suggested DefaultSearchProviderSearchURL for the search engine Google is not working.
    I get validation error in MEM.
    After generating a Plist using the examples here: https://docs.microsoft.com/en-us/deployedge/configure-microsoft-edge-on-mac#create-a-configuration-profile-using-terminal

    Then I could get it working.
    The error is that there are characters missing in the URI on the DOCS page:
    Docs URI:
    {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}ie={inputEncoding}

    Working URI:
    {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}ie={inputEncoding}

    https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#default-search-provider-search-url

    https://github.com/johanCloud/MEM-Configurations/tree/master/macOS/Microsoft%20Edge

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base