Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to remove cached user PKCS certificate stored in Intune

    We're using an Intune configuration profile to obtain a PKCS certificate for the user from an internal PKI as per the documentation at https://docs.microsoft.com/en-us/intune/certficates-pfx-configure.

    We have a problem where if the UPN on the user object is changed, Intune continues to push down the previously issued certificate with the old UPN. If the old certificate is deleted from the store via the Certificates MMC, Intune simply pushes down the old certificate again at the next sync.

    As far we can see, there is no way to force Intune to forget the previously issued certificate. The only way to do…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow to get information about enrolled certificates via Intune/Graph API

    There is an option to see enrolled to devices certificates via Intune portal and report this data to CSV. However it is not possible to get the same information using GraphAPI or PowerShell. There is a need to get this information using REST call or PowerShell.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow ADCS NDES service to be installed within a new web site in IIS rather than Default Web Site

    I encountered issues with RDS deployment being visible in Server Manager when ADCS NDES (Network Device Enrolment Service) is installed in the Default WebSite in IIS, the Service Principal Name associated with the NDES service account creates issues connecting to the RDCB in Server Manager. If there is a way to install NDES in a seperate web site in IIS, it should resolve this conflict/issue with RDS web services.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  4. Check Point Capsule per-app VPN profile for Android devices

    Intune per-app VPN custom profile supports only Only the Pulse Secure and Citrix connection types as per the document https://docs.microsoft.com/en-us/Intune/android-pulse-secure-per-app-vpn

    Also Intune supports Check Point Capsule VPN profile, and it works perfectly.

    Please add Check Point Capsule per-app VPN profile for Android devices

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  5. Event log name conflict with Intune Certificate Connector

    The Intune Certificate Connector service creates an event log on startup titled "Microsoft Intune Connector". Unfortunately, due to limitations in the .NET API used to create the event log only the first 8 characters are significant. This results in an installation failure if another log already exists at the top of the "Applications and Services Logs" hierarchy which begins with "Microsof". An example of such an application is Windows Admin Center.

    As the service is started during installation the entire MSI installation will fail and needs to be cancelled. Even if the service was not started during installation, it would…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  6. Send an email or SMS message to non-compliant users

    In AirWatch we had the ability to send an email or SMS to device user's who devices were not in compliance. For example someone's device has been out of compliance for a week after 10 days they receive an email and SMS message daily telling them further action is required or they risk losing access.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  7. Revoke/Delete SCEP Certificates from Intune Admin Web UI

    I would like the ability to revoke/delete a SCEP certificate via the Intune web UI, without needing to retire the mobile device. Scenario: I republished my VPN profile multiple times, and each time new certificates were issued to the mobiles, without revoking/deleting the previously used certs. So now my Certificate Compliance Report includes extra, valid certificates, for each user (which aren't on the mobiles). This makes for a cluttered report.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enable uploading the root certificate with the password in MDM.

    I would like to inform you that another company's MDM service have the availability of uploading a root certificate with the password. However, there is concern that operations cannot be continued when transferring from another company to Intune service since this feature has not implemented yet.

    Therefore, I hope the upload function of root certificate with the password to be implemented as quickly as possible.

    Thank you for your consideration.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  9. "Web logon" is disabled when deploy F5 Edge VPN profile with Intune

    The "web logon" is disabled when customer deployed F5 Edge VPN Profile to iPhone with Intune. My customer used to use web logon to connect VPN. When will it be supported by Intune?

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enable support for Auto-Proxy with iOS wifi profiles

    Enable support for Auto-Proxy with iOS wifi profiles.
    Currently Intune iOS WiFi Profiles do not support dynamic automatic proxy configuration. Instead you have to manually specify a proxy address.
    This is not suitable for enterprises that support a different local proxy at regional offices.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add possibility to create an automatical Signature Email using fields present in Active Directory

    This request was arrived from an our customer, request was to have possibility on InTune to create automatically signature Email, using fields already present on Active Directory … We'd like create for iOS devices …

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  12. Detect AD CS during Intune Certificate Connector installation

    The Intune Certificate Connector is not supported for installation on the same server as is running an AD CS enterprise CA. This being the case, it'd be nice if the installation would detect this scenario and block installation or warn the user.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  14. System test email

    A nice troubleshooting feature in BES was the ability to send an email to the device, receive a reply without user interaction. This would be good to build into the management profile / outlook app.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  15. Default to computer name for Intune Certificate Connector name

    When adding a new Certificate Connector for Intune the new connection is given a very opaque and uninformative name. It would be more useful to default to something like the underlying computer name to make it clear where the connector is installed. This information does not appear to be surfaced through the Intune blade in Azure.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  16. Turn Off wifi if the device is non-compliant

    When a device is non-compliant per Intune policy, their should be an option to disable wifi and it should turn back on only if it is made compliant

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  17. Per App VPN appliance

    Looking for Microsoft to develop a native VPN client for MDM managed devices. Ideally we'd like this in the form of Windows server or Linux appliance. This capability would allow us the ability to spin up infrastructure to support per app VPN capabilities

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow port information to be included in VPN profile "IP address or FQDN"

    Currently, the VPN profile "IP address or FQDN" will not recognize the inclusion of a port number. When I attempt this, saving the profile fails. Yet, at least for Cisco AnyConnect, the "port" and "dtls port" key/value pairs are not honored in the connection attempt - I have attempted and verified this. In the AnyConnect app, I can directly include a port number with an IP/FQDN, so it appears that is where the AnyConnect app expects this information to be. I would like Intune to allow including this port information in the "IP address or FQDN" field as well.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support Payloads for configuring Email, VPN, WIFI with Radius etc.

    Configuring email, etc with payloads would make it easier for users to fill in the remaining information.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  20. Android Enterprise Fully Managed Wi-Fi Profile Support for WPA2

    Is there a plan to support the deployment of Android Enterprise (Fully Managed) WPA2 Wi-Fi profiles? It seems the policy can only support WPA.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base