Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Non Microsoft updates in Intune

    For non Microsoft updates in Intune, instead of having all clients show up as needing the update, please display just clients that are part of the group the update is approved for.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Cannot identify VPP token in iOS Enrollment Profile drop down

    iOS Enrollment Profile settings has a drop down menu where you select the VPP token to be used when the Company Portal is automatically installed. The drop down lists each token by Apple ID, not the user-defined Token Name attribute. You cannot tell which token you are selecting If you have multiple tokens with the same Apple ID.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. remote wipe should not initiate under 20% battery

    If you try to reset a device on it's GUI, it doesn't let you do it if you have little battery left. Nor with firmware updates.

    The idea is to have a check box with the wipe feature, or a pop-pup asking even if the device has less than 20% battery do you want to continue, or just if it has more than 20%

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Block access and Wipe data for rooted device

    Would it be possible to request a function/option for “Wipe AND Block” to MS Intune in next update. Since, Block DO NOT remove already synced data on device it will be security concern.

    Block access – For (e.x), if the setting of Block is enabled for Outlook, then if the device is jailbroken, the user won’t be able to access Outlook for corporate mails, but still he would be able to access Outlook for personal tasks

                          and also ause Outlook from a different device to access Corp data
    

    Wipe data – For (e.x), if the setting of Wipe is enabled…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Unable to remove a user from O365 MDM

    After testing O365 MDM, we removed all policies, devices and users from the MDM group that was created for testing. However, 6 months later, the test user is still being prompted to enroll in MDM when logging into OneDrive for Business app on any mobile device. I opened a support ticket and they put the user back into the MDM group and put the group into the global MDM policies exception list. That stopped the alerts to the user to enroll but said that you cannot remove a user from O365 MDM once they have been enrolled previously. So now…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, Glen, I talked to our engineering team and they said that doesn’t sound right – if you take the user out of the group, the policy should not be applied and the user should not get prompted to enroll. (And much as we’d love you to buy Intune, we don’t want you to do it just to resolve this issue!)

    Would you be able to give me the support case number so I can look into this?

  6. Disppay enrolled users name on home screen

    Could we have an option to automatically display the users name on the device home screen? We have hundreds of devices of the same model and if one is lost and turns up at IT, we can't figure out who it belongs to without the pin. It would really help to see the username on screen.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Corporate Devices Applications Inventory

    Hello,

    I deploy intune for many organizations and a question that I have everytime is to disable the applications inventoring even when device are enroled as corporate.

    I think would be pretty relevant to allow the possibility to NOT inventoring the application, even enroled by IMEI or serial.

    What do you think about it ?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Prohibit Intune to discover applications on personal device and/or notify user if admin switches Personal device to be identified as "Corpor

    Suggestion: Prohibit Intune to discover applications on personal device and/or notify user if admin switches Personal device to be identified as "Corporate owned"

    In the hybrid model, which many SMEs use, where Intune is connected to System Center Configuration Manager, the administrator can identify specific devices as corporate owned. The administrator could change the ownership of the Personal device to Corporate in order to gain insight into what apps are installed, while the user will is oblivious to this change. This is a vulnerability that could be exploited, in theory.

    Considering that users who enrol their personal devices in Intune…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow laptop devices to enroll without the need for local administrative rights.

    None of our Windows users are local admins on their devices, therefore to enroll their device we need to log in as an administrator, update the user as a local admin, and we can then complete the enrollment process. Bypassing this would mean that we can send out instructions rather than needing to manually update the rights of the machine.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Upgrading to New Device Allows Unmanaged Access

    I'm new to Intune and have confirmed with my 3rd party vendor the "feature" I'm about to describe is currently functioning properly. In my opinion this needs to change.

    I don't know the behavior with Android yet, this was only just discovered with an iPhone device.

    User gets new phone, backs up old phone, activates new phone, performs restore.

    The management policy did not get loaded to the new device, but Outlook app was installed. User was only asked for credentials and was then allowed unmanaged access to corporate email.

    I'm sure there are issues with how iPhones do restores…

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support Apple User Enrollment on Mac OS

    User Enrollment for iOS is great for BYOD. As the platform MacOS supports this feature too we'd love to see this feature to be supported in Intune as well.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  12. Delete Win10 Mail Data when you retire the Win10 Client from Intune.

    As for now the Mail data is still being stored on the Win10 client and is available even though the client has been retired from the Intune Portal. Meaning the Intune Mangement is deleted from the client but the mail profile stays . This is a huge security issue!

    When is there going to be a fix? The issue is known and i havent heard back since a while.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to block the 'iCloud Drive' setup screen that was introduced in iOS 10

    We have the ability to block all other screens during the initial setup, except for the latest addition, 'iCloud Drive' - is this on the roadmap?

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. Managed homescreen rotate

    Managed homescreen needs to be able to rotate. (when using tablets)

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Counter for OMA-URIs always show 1 In the Azure portal, Microsoft Intune

    Counter for OMA-URIs always show 1 In the Azure portal, Microsoft Intune.

    In the Azure portal, Microsoft Intune -> Device Configuration -> Policies -> <custom policy> -> Properties -> Settings says '1 configured', even though it may contain many more.
    Attached screenshot have about 25 OMA-URIs.

    This is misleading, a better approach would be to count custom OMA-URI settings inside a custom policy. It has been like this as long as I remember. It's browser and tenant independent; happens to all.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  16. add ability to reset the Fully Managed enrollment token

    At present there is no way to reset the Fully Managed enrollment token. I believe there should be the facility to either do this or indeed set a expiry for a time period, similar to that of Dedicated devices

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable/Disable Automatic update iOS

    Add the ability to sett the option for automatic iOS updates that was introduced in iOS 12.
    This will give us a "set and forget" option to keep our devices updated where we do not need granular kontroll.
    Needed for supervised and not supervised (BYOD).

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  18. Manage iOS Message History settings

    Need ability to manage the iOS Message History settings, which are-- 30 Days, 1 Year, Forever.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. create privacy policy to permit or deny actions with privacy implications and apply to both corp and personal devices

    Today in Intune, the device ownership is used by the system to set specific policy behaviors
    E.g - App inventory is not collected for Personal Owned Devices
    "Intune currently collects the phone number, app inventory, and UDID of this corporate-owned device"

    The problem here is that Intune is making an assumption on our business and security requirements about this data collection and are mixing concepts on the device ownership and the policy that should be applied to the device.

    Today we end up having to flag all devices as corporate owned because we want to collect some of this data.…

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide status of WIP deployment for enrolled device

    Currently when deploying an app protection policy there is no feedback in the portal on whether the policy was applied or if there was an error. Like other configuration policies we should be able to see the status - success or failed with the failure code etc.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base