Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. the ability to configure edge to Only use a single identity

    Identity lockdown – the ability to configure edge to Only use a single identity. In some cases multi identity Edge can be an asset but there are more than a few use cases where (finance, retail, etc…) where it would be benefical to be able to configure Edge to only use a single, managed identity. This will a) ensure that only the proper work identity us used b) ease confusion with multi identity management, simplifying support.

    This was split out of an item that had two requests
    https://microsoftintune.uservoice.com/forums/291681/suggestions/36555706

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →
  2. Column width dragging is non-intuitive and broken - or just for me?

    Actually I think this is the case throughout Azure consoles. Great to be able to add all the column options, but instead of having the scren scroll to show them, they just aren't there unless you collapse the ones that are already shown; and when you drag a column to shrink it by 2 pixels the whole column shrinks to nothing and is overtaken by the column to the right of it. I end up losing all my normal columns just because I'm trying to shrink them down a little bit.

    I don't get it. Is it just me this…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  3. Managed homescreen rotate

    Managed homescreen needs to be able to rotate. (when using tablets)

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Annual Update Channel for Windows Update for Business

    I'd like to be able to put my Windows 10 machines enrolled in Intune on an annual update channel that updates machines to the xx09 update that comes out in the fall. Since that update has a much longer support cycle, I'd like to be able to set my machines to automatically take advantage of that cycle and update only once a year within Windows Update for Business.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Windows Updates  ·  Flag idea as inappropriate…  ·  Admin →
  5. add ability to reset the Fully Managed enrollment token

    At present there is no way to reset the Fully Managed enrollment token. I believe there should be the facility to either do this or indeed set a expiry for a time period, similar to that of Dedicated devices

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow DFCI to CSP partners

    If you are CSP provider, you cannot onboard Autopilot devices to UEFI configuration by DFCI and must use WhiteGlove. But not all OEM offer this on all markets which limit usage, because CSP cannot be onboarded by other CSP.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. Provide status of WIP deployment for enrolled device

    Currently when deploying an app protection policy there is no feedback in the portal on whether the policy was applied or if there was an error. Like other configuration policies we should be able to see the status - success or failed with the failure code etc.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  8. RBAC - limit access by OS platform

    As we move towards modern management we now have both "mobile" and "desktop" management teams accessing the Intune portal. In the short term we need to segregate access to prevent a "mobile" admin from editing policies, apps etc. for "desktops" (and vice-versa). Would it be possible to include the OS platform in the role definition - thus limiting the role to objects for specific OS platform types?

    Our only alternative is to use scope tags but our preference is to use those to segregate access by location to delegate access to local teams. We cannot use multiple scope tags (e.g…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Role-based Access Control (RBAC)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support Apple User Enrollment on Mac OS

    User Enrollment for iOS is great for BYOD. As the platform MacOS supports this feature too we'd love to see this feature to be supported in Intune as well.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  10. Device Configuration tab should only show the applicable policies

    Looking at the device configuration tab of an Android device it shows all policies that apply to the specific user or user group like the All User group. This is confusing because it will show the policies for all the Android Types. (Work Profile and Device Owner).
    It would be great if the non-applicable policies would not be shown. Currently they will show a "pending".

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  11. Ipxe cloud server with w10 vim provide by microsoft

    Hello is Microsoft can provide an win10 image via ipxe in order to install w10 without infrastructure, it will allow to deploy standart w10 image like a mac (from bios boot), customisation option could be a must.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Separate Microsoft Defender ATP license

    At the moment, you need to buy the very expensive Microsoft 365 E5 for this license. This doesn't make any sense, especially if you require Defender ATP for MacOS/Linux.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. If 2 groups are assigning licences, their should not be a group that take precedence.

    At the moment if the original group that assigned a licence to a user is removed, the user loses access to all apps and policies on Android Enterprise devices, even if s second group is assigning licences.
    Can this be set that if one group is removed nothing happens?

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  14. Trigger Webhook or Microsoft PowerAutomate/Flow when Device is non-compliant

    Currently only a mail can be sent to the admin or end-user which only contains generic information, not even what is not compliant. Several customers have the request to generate a ticket in their management tool. It would be great if a Flow can be triggered with a payload of at least User, device name, non compliant settings.
    With that the customers can create ticket, improve mails to the customer or even create some automatic remediation tasks.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Managed Apps reporting in device properties

    It would be great if you would see only the Managed Apps that are applicable for a specific OS in the device properties. Now we see for instance Android apps targeted to user groups also in the user's Windows device properties.

    This is confusing for IT staff and would be nice if we would only see the Managed Apps that are applicable to the specific OS or at least have the status reported as Not-applicable.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Inventory (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Force application install and/or re-install from portal

    As we notice an app installation failure from the portal and the managed apps for the device we'd like a simple function to force the application to install from the portal. Rather than having the user wait for next cycle of "required apps" checking.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Log Analytics-intune

    log analytics- add intune app data and device configuration policy data so that we can create dashboards to show for groups of users what apps they have installed and for those same groups of users the compliance policy status.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Samsung KME API for Intune

    We are in the process of moving to Android Enterprise in Intune and have stumbled across a number of issues. One of them is not being able to effectively separate AE DO devices to AE Kiosk mode device, due to using dynamic device groups.
    This is mostly to do with the device types being the same for both the standard and the kiosk build. There is no identifier that can be used to distinguish between the two if using dynamic device groups.
    The only possible way to do this is to manage the kiosk devices manually via an assigned group.…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to decrypt SD card from Intune Portal

    We enforce SD card encryption on our company mobile devices. This becomes a problem when a device is swapped out, and Samsung Knox Enrolment is used. Typically pre KME, we would advise the users in this scenario to remove company portal from old device which would then remove all policies and allow decryption which can then be moved to new device.
    However with KME the enrolment enforcement kicks in and a user is unable to go into the menus on an un-enrolled device. We would benefit from a button press from console if this were possible.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to set preinstall/postinstall scripts to pkg installations

    It would be helpful if there was the ability to specify pre/post installation scripts for LOB applications.

    This would need to work in conjunction with the "Microsoft Intune App Wrapping Tool for macOS" so the scripts are included in the "intunemac" package.

    Scripts could be used to setup an environment that a PKG may need to install certain applications or make most installation setting changes that allow for a smoother silent installation and a better user experience.

    ex:
    - Cylance Protect looks for an installation token in a file. Otherwise it prompts the user after installation.
    - Changing default preferences…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base