Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Proxy Support for AutoPilot

    Windows AutoPilot should prompt for proxy configuration if after establishing a connection there is still no internet access. This would allow enrolling AutoPilot devices on the corporate network and use hybrid join.

    I think this feature should be implemented really quick as there are a lot of enterprises waiting for that.

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure hybrid domain join with remote user login

    I would like to be able to deploy new computers to remote users with Azure hybrid domain join. Currently this isn't possible because after the hybrid domain join process runs, the user can't login to the computer because the (local) domain is unavailable. If you could cache the 1st time login, it would circumvent this issue.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Autopilot Selfdeploying with Hybrid Azure AD Join (local domain join)

    I would like to use the Autopilot Selfdeploying function with Hybrid Azure AD Join to also join the local domain. This would really help us since we are using flexible work spaces (desktops that get's used by different users on a daily basis).

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Injuect Windows Updates and Feature Updates during whiteglove deployment

    We want to be able to get all the latest updates and feature updates during whiteglove setup. So a user receiving a freshly delivered computer does not have to wait until 1909 arrives (as even Surfaces by Microsoft sometimes are still delivered with 1903 or worse)...

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support for Federated Domains with Windows Autopilot

    At present when using Windows Autopilot, a user on a federated domain is unable to sign in to complete the set up. However domains that aren't federated are supported. With this in mind, please can support be added for Federated domains within Windows Autopilot?

    This feature would be incredibly useful in enterprise environements, where Hybrid Azure AD isn't an option.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Notification when a new device is Azure AD Joined / registered

    When allowing users to enrol / join their own devices, generate an email notification to be sent out, either to a specific person / group or to the user populated in the Manager attribute.

    If additional business processes are required after a user registers a device, currently there is no convenient way for anyone to be notified.

    Rough flow would be;
    Manager A issues new device to User A.

    User A configures the device at home with AutoPilot.

    Upon Azure AD registration an email is sent to Manager A letting them know that User A has configured Device A.
    Manager…

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allowing DEM support for Autopilot

    Currently you are unable to use the DEM account with Autopilot devices. Annoyingly as a IT admin you don't want your own account as the user who enrolled the device into Intune. Currently the only way to enroll the device as a end user is to know their login credentials.

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Windows Enrollment restriction and Corporate Device Identifiers

    A lot of customers have O365 and their users like to use O365Pro Plus or configure their mail account at home on their personal devices. With that they are asked to add the Account as "Work or School Account", which registers their personal devices automatically in Azure AD. That is ok, but if the customer then buyes EMS licenses and assign them to user, all the devices are enrolled to Intune. Even more worse is, that with that you will no longer be able to target anything to users. Because if you for example would like to deploy Windows 10…

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Multiple Group Tags

    I love Group Tags in the Autopilot device enrollment process and see many uses for them. One thing I'd like to see if the ability to use multiple Group Tags. I'm more suggesting along the lines of adding to Group Tags (i.e. not doing it as part of a CSV import), perhaps adding a common delimiter 2nd, 3rd, 4th etc Group Tag to a device. An example for this - we are using Group Tags for a customer to define the location of the device (e.g. Brisbane) so they can be dynamically added to the "Brisbane Devices" Azure AD group.…

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Create AutoPilot for Education - Bulk enrollment with SharedPC

    Need ability to purchase OEM computers that have already been Azure AD Joined as SharedPC computers using AutoPilot. Also, the ability to do this for previously purchased computers. This eliminates having to individually register and enroll each computer. Computers can then use Intune Policy to configure and manage computers and embrace Cloud-First MDM.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automatically Assign AutoPilot Profile to New Devices

    It would be great if we could assign a default AutoPilot profile that is automatically assigned to all newly imported / registered devices.

    So that a device does not have to be manully managed in Intune ( profile assignment ) before the user starts it up.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow Auto Pilot to set computer names

    Any machine enrolled though Auto Pilot has a random computer name assigned. If a machine is Factory reset and reenrolled via Auto Pilot, the machine name is lost.

    Auto Pilot should firstly persist computer names, but also we should be able to define a rule to allow custom naming, as well as manually define computer names for when machines are enrolled. For example:
    If Type=Surface Pro, then Name=SP<serialno>

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add Multifactor Unlock configuration to WHfB Windows enrollment options, Security Baseline and CSP.

    Our Info Sec team won't allow PINs for WHfB unless we use Multifactor Unlock. Currently this cannot be configured in Intune except perhaps by an ADMX backed custom CSP. This needs to be added to the WHfB configuration pages for Windows Enrollment, the Security Baseline and Identity Protection Profile type in Device configuration profiles.

    Here is the documentation on the GPO that needs to be translated. https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock#create-the-multifactor-unlock-group-policy-object

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Delete bulk Autopilot devices by using a CSV for example.

    When a bunch of hardware gets replaced by new hardware, the old hardware has to be removed from Autopilot.

    We can add devices in bulk to autopilot, but we cannot remove devices from autopilot in bulk.

    Currently I have 40 devices I need to remove one at a time. Please add bulk removal of devices based on a csv.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make Edge selectable as required app on the ESP

    When you want to select Edge as a required app in the ESP this isn't possible now.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Customise AutoPilot screen (Company Branding)

    When Azure's Company Branding is configured, there should be an option to customise the "Enter your %organisation's% email." message.

    Our organisation enrols with a UPN as opposed to email address, so this could confuse our users. Please refer to screenshot for the exact section.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add already joined devices to autopilot for reimaging

    It would be nice to be able to add already joined devices into Autopilot program (like a writeback or sync) for re imaging purposes. This would make re-purposing hardware simple and easy for users and admins alike.

    I cannot gather the hardware ids through AzureAD (cloud only) with no WMI capabilities and limited AAD attributes being available.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →

    As of the release the week of Oct 1, 2018, you can apply Autopilot profiles to enrolled Win 10 devices that have not already been registered for Autopilot. In the Autopilot profile, choose the Convert all targeted devices to Autopilot option to automatically register non-Autopilot devices with the Autopilot deployment service. Allow 48 hours for the registration to be processed. When the device is unenrolled and reset, Autopilot will provision it.

    Does that get you what you want? If not, what’s missing?

  18. Initial Azure AD Join with user rights, without asking a local Admin elevation privileges

    hello,

    During the initial Azure AD Join, if the user has no local admin rights he is asked for an elevation of privilèges.
    Is it possible to change this in order for users to join the Azure AD domain without admin rights ?

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add customer tags to Autopilot device information

    I am thinking of a generic feature that would let us implement some missing features in Intune.

    A customer should be able to add a list of tags to the Autopilot device information in Intune (see screenshot)

    As soon as an AAD object is created durin enrollment these tags should be copied as an attribute that can be used in dynamic device queries. I am thinking of something like
    tag = 'SoftwareXYRing0'
    That way we would be able to add a device automatically to a group without having to code some automation script which causes maintenance costs and…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Remove AutoPilot Reset Button from Login Screen

    Lets give administrators the option to hide the AutoPilot Reset button from the login screen. Keeping the keyboard shortcut Ctrl+Windows Key+R and EndPoint Management Portal as reset methods. This will eliminate confusion from our end users.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base