Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow powershell scripts to be used with Hybrid Joined devices

    Currently its only possible to run Powershell scripts against Azure Domain Joined Machines. Could allow powershell scripts to be run against Hybrid Domain Joined machines?

    369 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      16 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
    • Support Endpoint Protection on Windows 10 Pro

      Simple really. Windows 10 Pro supports bitlocker. Therefore if we're paying for Intune, it seems reasonable to be able to manage bitlocker on those devices.

      158 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        17 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
      • Windows Hallo for Business setting per group assignment

        Please add the possibility to create a group assigned Windows Hallo for Business and not just a default that applies to alle users/groups in the tenant.
        So that you can for a group of people disable Windows Hallo for Business and for another group of users you can configure Windows Hallo for Business settings in the Intune portal.

        140 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          8 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
        • Static computernames in Windows autopilot before Intune autoenrollment.

          Maybe posting this to the wrong component-team but a suggestion would be to give the ability to set a static computername to the imported device when registering the csv file containing hardware information in "Autopilot deployment". The current functionality randomizes the computername after each factory reset or reinstallation. Seems pointless to perform a namechange after Intune autoenrollment. This would solve alot of of administrative issues within larger organizations.

          117 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            4 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
          • Automatic enrollment for Hybrid Azure AD Joined Devices

            Missing the ability to automatically enroll Windows 10 devices that are hybrid Azure AD Joined, for agentless management. This would favour the use of agentless management for domain joined devices.

            91 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              noted  ·  3 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
            • Fresh Start using Intune - remain enrolled

              When performing a Fresh Start using Intune the Device stays Azure AD joined, however it is unenrolled from Intune.
              It would be great to have this as an option to remain enrolled, if not we lose management capabilities.
              https://docs.microsoft.com/en-us/intune/device-fresh-start

              67 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                4 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
              • Clean start layout policy

                Today there are two options to apply a start layout to users, fully locked or partial locked.
                Fully locked start layout will clean the start layout from "consumer things" and nicely only show what have been deployed centrally. But lack support of user customizations such as pinning and resize.
                Partial locked start layout will allow the users to customize the start layout and show what have been centrally deployed, but it will also show the default start layout/"consumer things" on the desktop that are not wanted in an enterprise.
                I would like to see an option to either clean start…

                60 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                • Ability to prevent workplace join, allow AAD join only

                  All other platforms (iOS, Android) support enrollment restrictions to block poersonal devices. Windows 10 needs the same. Please provide the ability to prevent workplace join.

                  59 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                  • Windows 10 MDM inventory should include serial numbers

                    Windows 10 MDM manage devices does not have serial number in Intune as part of the inventory like IOS have.
                    Will like to get more inventory data on Windows 10 devices with the MDM stack.

                    48 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                    • Change Group Policy Settings Via Intune

                      Be able to change registry files or group policy settings remotely, more than just the limited restriction policies available in the portal

                      48 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        5 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                      • Active Notification/Prompt to Restart to Update

                        Have a configurable prompt indicating that a restart is required. Users shouldn't have to click on this passive icon and then have the option to restart now or restart later.

                        The option "Allow logged on user to control Windows restart after installation of scheduled updates and applications" When set to yes: "Prompts the logged on user to restart Windows when required"

                        Yet, I receive no prompts. Just a passive icon - not even a balloon. Additionally once I hover over it there's an indication that a restart is needed. I think it would be helpful having it prompt and request…

                        41 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                        • Map network folder & sharepoint

                          When a user joins InTune/MDM on windows, it would be good if we could set network shares & sharepoint sites to be mounted as drives for a user group.

                          e.g.
                          Finance Department
                          G: = \\network-machine\general
                          F: = \\nework-machine\finance
                          S: = https://site.sharepoint.com

                          Management Team
                          G: = \\network-machine\general
                          M: = \\nework-machine\management
                          S: = https://site.sharepoint.com

                          39 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                          • Manage Intune Windows 10 clients with PowerShell DSC

                            To enforce certain Windows settings like disabling SMB v1.0, it would be great if Microsoft could integrate PowerShell DSC with Intune. This gives the administrator more control and new reporting/compliance options.

                            32 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                            • apply policies immediately on-enrollment

                              We have identified a gap with Intune and policy application. For our use case, we have a device restriction policy that restricts access to the public store. We also have WSfB apps synced with our tenant and assigned as uninstall to remove all the bloatware. While the apps get uninstalled, the policy to restrict public store does not apply right away. As a result, the user can go into the public store and re-download the apps that were uninstalled.

                              We should have the capability to select which policies we’d like to apply at on-enrollment to close this gap. I’m sure…

                              30 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                              • Ability to seamlessly deploy BitLocker in the background without prompting the user.

                                BitLocker can be deployed currently but the user is prompted for interaction... which is both annoying and unnecessary - it should just happen per the settings defined.
                                The current workaround requires this solution: https://blogs.technet.microsoft.com/home_is_where_i_lay_my_head/2017/06/07/hardware-independent-automatic-bitlocker-encryption-using-aadmdm/

                                Ideally this functionality should be embedded within Intune and work regardless of whether the User is a Local Admin or not.

                                30 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                • Want every File to be encrypted when any one creates in EMS enrolled system

                                  Not an Idea..! but Instead a Business Requirement: Want every File to be encrypted when any one creates in EMS enrolled system.

                                  It is happening with Office Version 16.0.6965.2117 Deferred Channel (MSO (16.0.6925.1049).

                                  Later it has been removed. Please vote for this requirement as whole of our business is based on this feature.

                                  29 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Please allow setting of desktop backgrounds and lock screen on Windows 10 Pro devices via Intune MDM

                                    Device configuration setting s for Windows 10 allow setting custom desktop background and a lock screen image via a URL. this does not seem to work against Windows 10 pro, only Enterprize or Education.

                                    Can this feature please be enabled on Windows 10 Pro devices?
                                    Thanks

                                    29 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Improve Intune MDM deployment configuration parameters for Windows

                                      In our case customers have mainly Windows 10 platform.
                                      Based on our investigations there is no configuration parameters currently available in Azure Intune Portal to
                                      set retry interval or manage forced reinstallation. We found out that Intune sets some registry values regarding these though. For example "EnforcementRetryCount" and "EnforcementRetryInterval".

                                      Any plans/road map that Intune users are able to configure these?

                                      27 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Add LAPS support into Intune

                                        Add Microsoft Local Administrator Password Solution into Intune

                                        27 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          5 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Set Timezone for Windows 10 from Intune MDMFollowing the "Autopilot" idea I'd like to install MSI application from Intune MDM however

                                          Following the "Autopilot" idea I'd like to install MSI application from Intune MDM via Azure AD joined laptop/surface however by default the Windows Auto timezone service is turned off so new users wont have applications installed from Intune MDM because the date/time on a new device does not match the MDM "as soon as possible" date/time requirements for deployment of Applications i.e. The OOTB Autopilot experience cant work for application deployment unless a new user sets the timezone correctly first!

                                          Thanks
                                          Peter

                                          How can I fix this

                                          26 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 6
                                          • Don't see your idea?

                                          Feedback and Knowledge Base