Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support enrolling a device under MDM for two different organizations

    Contractors/Service Provider employees generally have multiple companies they work for. One the company that pays their salary, another the company that they do the work for (clients). Intune currently do not allow enrolling a device with both the companies MDM. The user need to sign out of one MDM to enroll in another and this is a painful process. Should have a easier way to enroll the device under multiple MDM

    373 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      22 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
    • Include a prompt to the end-user during enrollment if it is a corporate/personal device

      Include a prompt to the end-user during enrollment if it is a corporate/personal device. So we later can deploy different certificates/wi-fi profiles, apps e.t.c to only corporate owned devices.
      Also make it possible to set this in the Company Portal

      148 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        6 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
      • Make it possible to Azure AD join/synchronize device (computer) objects to multiple Azure AD tenants from a single forest AD.

        Some companies hosts multiple sub-customers in a single forest Active Directory.
        Each sub-customers users and machine objects are organized in their own OUs.
        Present configuration would be one AAD Connect server per customer OU – which synchronize the user objects to their respective individual Azure Tenants and they license all their sub-customers AAD Users with M365 licenses.

        Some would like to enable Automatic AAD Join (Hybrid Azure AD Join) for their sub-customers Windows 10 Enterprise devices via GPO.
        They want to manage the sub-customers domain-joined devices with Intune, and use device-based conditional access.

        AAD Device Registration (DRS) requires a Service…

        93 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
        • Azure AD Hybrid joined Windows 10 Devices should recognize a device owner through Intune.

          Azure AD Hybrid Joined Windows 10 Devices does not list a device owner for Windows 10. This could perhaps be made available through intune. If a device is Azure AD Joined and Intune joined, then the owner in Intune could be set as device owner in Azure AD? Great if this option was available or at least if admins got to turn it on by choice.

          70 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
          • Provide the possibility during installation to give the Device a predefineded hostname

            In an Enterprise Devices do follow a Special naming convention. Currently it is not possible to rename the devices or give the devices a predefined Company hostname during installtion. It would be good if at least an Input field would be available to give the device a hostname. Or if the Admins could predefine a hostname during the enrollment process of the Hardware ID.

            Thank you in advance

            55 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              4 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
            • Enrolling WIndows 10 without Admin privs (No SCCM, Existing devices)

              I need an Enterprise solution. I understand that we need Local Admin account to enroll Windows 10 devices to Intune. But i have 800+ devices, Domain joined (AD and Hybrid Azure AD). We do not use SCCM.
              These are existing devices so i cant even use Autopilot. I need a solution or way or a feature in Intune which allows me to enroll Windows 10 devices without giving them the Administrator privileges. Please respond to this request ASAP

              48 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                5 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
              • Windows Autopilot Hardware ID "on the box"

                Windows Autopilot Hardware ID "on the box"

                This might not be a 100% Microsoft issue, but gathering the Hardware ID of a device to enroll it into Intune for Autopilot assingments is still a pain.

                The Problem is, that if you do not use just your one Standard Supplier, or the MIcrosoft online store gathering the Hardware ID is quite a pain.

                Example,
                there is a user somewhere in Kuala Lumpur... and Needs a new device, somehow they happen to have a Surface Laptop in a shop there. Now it would be easy to set this up as a Autopilot…

                46 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                • Provide Intune MDM integration with Cisco AMP cloud service

                  Provide Intune MDM integration with Cisco AMP cloud service. Currently Cisco supports Meraki, AirWatch and MobileIron. Our company sank good support money into two solutions and lack of simple API integration between two cloud products is very troubling.

                  34 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    2 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                  • Secure corporate enrollment with user enrollment later

                    Add the ability to enroll a device with no user affinity and then at a later time allow the user to enroll the device for user affinity without the need to wipe or remove MDM. This would allow the ability to send a device to a user with the Intune agent on it and then allow the user to enroll with their username and password.

                    23 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      2 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Automatically Assign AutoPilot Profile to New Devices

                      It would be great if we could assign a default AutoPilot profile that is automatically assigned to all newly imported / registered devices.

                      So that a device does not have to be manully managed in Intune ( profile assignment ) before the user starts it up.

                      20 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        1 comment  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                      • Assign Intune device category through Autopilot

                        It would be great if we could assign Intune device category through Autopilot, without having to do it manually once the device is enrolled.

                        20 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          1 comment  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                        • Windows Enrollment restriction and Corporate Device Identifiers

                          A lot of customers have O365 and their users like to use O365Pro Plus or configure their mail account at home on their personal devices. With that they are asked to add the Account as "Work or School Account", which registers their personal devices automatically in Azure AD. That is ok, but if the customer then buyes EMS licenses and assign them to user, all the devices are enrolled to Intune. Even more worse is, that with that you will no longer be able to target anything to users. Because if you for example would like to deploy Windows 10…

                          19 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Alert Email notification user unenroll his device

                            Provide ability to create email alert when a user unenroll his device from Intune. This will allow admins to be notified and then contact the user to verify why happened.

                            17 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Add already joined devices to autopilot for reimaging

                              It would be nice to be able to add already joined devices into Autopilot program (like a writeback or sync) for re imaging purposes. This would make re-purposing hardware simple and easy for users and admins alike.

                              I cannot gather the hardware ids through AzureAD (cloud only) with no WMI capabilities and limited AAD attributes being available.

                              17 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                2 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →

                                As of the release the week of Oct 1, 2018, you can apply Autopilot profiles to enrolled Win 10 devices that have not already been registered for Autopilot. In the Autopilot profile, choose the Convert all targeted devices to Autopilot option to automatically register non-Autopilot devices with the Autopilot deployment service. Allow 48 hours for the registration to be processed. When the device is unenrolled and reset, Autopilot will provision it.

                                Does that get you what you want? If not, what’s missing?

                              • Add customer tags to Autopilot device information

                                I am thinking of a generic feature that would let us implement some missing features in Intune.

                                A customer should be able to add a list of tags to the Autopilot device information in Intune (see screenshot)

                                As soon as an AAD object is created durin enrollment these tags should be copied as an attribute that can be used in dynamic device queries. I am thinking of something like
                                tag = 'Software_XY_Ring0'
                                That way we would be able to add a device automatically to a group without having to code some automation script which causes maintenance costs and of course…

                                15 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Allow Auto Pilot to set computer names

                                  Any machine enrolled though Auto Pilot has a random computer name assigned. If a machine is Factory reset and reenrolled via Auto Pilot, the machine name is lost.

                                  Auto Pilot should firstly persist computer names, but also we should be able to define a rule to allow custom naming, as well as manually define computer names for when machines are enrolled. For example:
                                  If Type=Surface Pro, then Name=SP_<serial_no>

                                  15 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Adding users to Mobile Device Management Issue - Enrollment Problems

                                    Hi

                                    We are in the process of setting up Office 365 Mobile Device Management. We've created a MDM policy, created a security group and associated this group with the newly created MDM policy. We have added about 10 users to run as a pilot test.

                                    There has been a number of scenarios which have occurred whilst setting end user devices up.

                                    1. Add the user to the security group associated against MDM policy. The user receives the enrollment email, and email stos syncing with Office 365 mailbox on device until they successfully complete the enrollment process

                                    This is what you…

                                    15 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      4 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Allow DEP MFA users to enroll using app password

                                      Currently enrolling a device using DEP with a MFA enabled user is not possible. App passwords are traditionally used for legacy apps that don't support MFA sign-in scenarios (Outlook w/o modern authentication, Built-in iOS mail, etc...) Intune should accept the credentials of a MFA enabled user using an app password as well.

                                      12 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                      • zero-touch enrollment using apple configurator

                                        Currently, we use an Apple Enrollment Enrollment Token via DEP enrolled devices and it works great. We need similar automation using the Apple Configurator to not have to manually touch each device (connected to MAC via a cable) to deploy a custom profile as it's far too much time & effort.

                                        10 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Support Web Enrollment into Intune

                                          Essentially, providers such as MobileIron support web enrolment which means they are able to hit an endpoint and enrol without having to create an AppleID for just downloading the company portal. Because of this when business’s want to move to Intune they have to create thousands of AppleID’s (which they haven’t needed to do before) just to download one app. This is both time consuming as the business may have over 20k users in their current MDM and pointless as it’s possible to onboard using a web URL.

                                          10 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            1 comment  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4
                                          • Don't see your idea?

                                          Feedback and Knowledge Base