Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. MAM Without Enrolment: Android - Remove Requirement for Company Portal

    In MAM without Enrolment, on Android devices the Company Portal is required to be installed, but for iOS it is not.
    Can the dependency be removed as it is not required as the Android device does not need to be enrolled.

    268 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      11 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
    • Support for InstallApplication

      InstallApplication is a native MDM command that allows for installing packages on the client upon enrollment.
      Support for InstallApplication is already in Airwatch and SimpleMDM and possible in more MDM solutions.

      See also:

      https://simplemdm.com/2017/03/07/deploy-munki-apple-dep-mdm/
      http://blog.eriknicolasgomez.com/2017/07/27/Custom-DEP-Part-7-Getting-started-with-AirWatch-9.1.3/

      261 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        10 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
      • Support for deploying App-V packages

        Right now people have to use the MSI packages generated by the App-V sequencer, rather than having native handling for the .AppV package format as SCCM does. This means that people have to resort to powershell scripting, or squeezing scripts into MST transforms in order to use App-V features such as custom configuration files or connection groups.

        Also the MSI packages are very unreliable since they were mainly created for test scenarios rather than live deployments - for example they fail to uninstall when an application is in use, and you have to remove the previous version manually before installing…

        250 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          noted  ·  6 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
        • Sync Outlook for iOS Calendars to iOS native Calendar app

          This is now available for Contact sync in the Account settings (Within the Outlook app on iOS device, Settings>Tap the account>Toggle on "Save Contacts"> tap "Save to My iPhone" at prompt "Would you like to save your [#] Outlook contacts to your iPhone?" > Tap "OK" to allow Outlook to sync Contacts to the iOS Contacts app.) It would really help user buy in to Intune if there was a similar option to sync calendars to the native iOS calendar app.

          241 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            12 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
          • Support Endpoint Protection on Windows 10 Pro

            Simple really. Windows 10 Pro supports bitlocker. Therefore if we're paying for Intune, it seems reasonable to be able to manage bitlocker on those devices.

            228 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              27 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
            • please add block screen shot policies in managed app for the iOS managed app

              We want when user opens emails on the managed outlook app, the screenshot features get block and user will not able to take screenshot

              225 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                20 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
              • Enable FileVault and key vaulting for OSX

                OSX High Sierra supports FileVault key escrow using the com.apple.security.FDERecoveryKeyEscrow mobileconfig payload.

                InTune should support enabling FileVault and receiving the encryption key. This mirrors the behaviour of Bitlocker for Windows.

                224 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  12 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                • Support exporting and importing conditional access policies using PowerShell

                  Support exporting and importing conditional access policies using PowerShell. This would be handy for backup purposes, but also for re-use of the same policy rules between test and production tenants.

                  The Microsoft Graph API currently do not have any REST APIs for accessing and creating conditional access policies: https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/resources/intune_graph_overview

                  Also vote under Azure AD: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/19198480-support-exporting-and-importing-conditional-access

                  213 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    1 comment  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
                  • Integrate the Windows 10 Quick Assist app with Intune for remote support.

                    Add Azure AD signin to the Quick Assist app shipped with Windows 10 and integrate that into Intune for remote support functionality

                    199 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      8 comments  ·  Remote Assistance/Control  ·  Flag idea as inappropriate…  ·  Admin →
                    • Provide options to disable or prevent factory reset option for Personal devices.

                      Provide the ability to prevent a factory reset from being able to be performed for devices enrolled as personal devices. Only allow an enterprise or selective wipe for said devices. It's way too easy for a mistake to be made which can open up a can of legal issues. Our current MDM (Airwatch) allows for this and the device wipe option only appears on the admin console for corporate owned devices.

                      198 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        7 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                      • Modern authentication for native mail

                        We need to be able to configure email profiles with modern authentication. It is supported now by iOS but not by Intune. This problem is making an MFA rollout to existing email profiles very difficult and leaving gaps in our ability to retire native emails when employees have to configure their own exchange profiles.

                        Outlook is great and all but conditional access doesn’t prevent the native client from being used.

                        198 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          21 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

                          As @Robert suggested, I will merge “IOS email profile does not support MFA” into this one.

                          Also, when I asked the PM, he said “Conditional Access does have the ability to require Outlook only. They call it app access.” So check that out. :-)

                        • Windows Hallo for Business setting per group assignment

                          Please add the possibility to create a group assigned Windows Hallo for Business and not just a default that applies to alle users/groups in the tenant.
                          So that you can for a group of people disable Windows Hallo for Business and for another group of users you can configure Windows Hallo for Business settings in the Intune portal.

                          196 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            9 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                          • Remove duplicates

                            Every time when you rebuild (reinstall Windows and Intune client) a corporate PC witch was already managed by Intune a duplicate computer record is added to Intune database. Now we manually removing duplicates every month. Can you automate it?

                            189 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              noted  ·  5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Allow blocking of iOS update

                              I want the ability to block updating to the newest iOS version. I have users who don't listen when I send out an email blast to not update their devices but I still get users who either don't read or just ignore the email. I want the ability to set the highest version that I want available and to disable updating to the newest version until I release it. Same type of deal as when I have to approve Windows updates.

                              189 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                16 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →

                                I know it’s not a total, perpetual block, but as of the week of August 27 you can configure the days and times when you don’t want devices to install any updates. In a future update, you’ll be able to delay when a software update is visibly shown on the device, from one to 90 days.

                                When we deliver the 90-day delay, is that good enough to call this complete? As @Daniil points out, that’s what’s Apple is offering now. And it’s not great to get yourself too out of date with updates.

                              • Ability to open zipped attachment in Managed Outlook App

                                When we disable sharing of data between unmanaged APP and managed APP, we are not able to open zipped attachment as Intune does not have an APP that is able to open Zipped files. We need an Intune managed app for unzipping ZIP, RAR and 7-ZIP files.

                                183 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  5 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                                • 182 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    11 comments  ·  Flag idea as inappropriate…  ·  Admin →

                                    This is something we hear a lot, but there are degrees of server support – just like the desktop client, or just a subset of those features. We would love to get more specific in a survey we just put up here https://microsoft.qualtrics.com/SE/?SID=SV_0P65dThvhzD5ZUV. We’ll leave it up until mid January, since the holidays will have some people out of town for a few weeks. Thanks! We look forward to hearing from you!
                                    Cathy

                                  • Sharing contact from work profile

                                    Please add the functionality to share contacts with the bluetooth connector from the car telephone system with an "Android for work" phone. Our phones have a local phone contact list in the personal profile and a business contact list in the work profile. When a phone connects via bluetooth to a car telephone sytsem, it is not possible to get access to the contacts in work profile. Also, when a call from a contact from the work profile comes in, the name of the caller is not displayed and only the number appeared in the car display.
                                    Other MDM Provider…

                                    181 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      9 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Allow the use of Device Serial Number when assigning devices to a Intune Azure AD Device Group

                                      Allow the use of Device Serial Number when assigning devices to a Intune Azure AD Device Group. We have thousands of iPads that are DEP enrolled and assiged the User-Agnostic Attribute. We also have multiple DEP profiles. These devices do not have users names or email addresses assigned to them. They all have the same device name also, i.e. iPad. Thus, there is no way to open an Azure AD Device Group and add a specific device to it because the only attribute(s) that make one iPad different from the other is: Serial Number, IMEI, or the Unique Identifier. None…

                                      180 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Allow clients to check in more often than 8 hours to speed up software distribution

                                        It'd be nice to push out software more quickly than what is currently available. The current setting only allows 8 hours as the minimum time.

                                        176 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          noted  ·  4 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Device Location for android and windows devices

                                          You have device location for iOS, please bring that to the other platforms!

                                          It's an incredibly important feature, and we can't fully migrate until its included. Every other MDM solution ever has this feature.

                                          175 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            4 comments  ·  Fencing - geo, time speed, etc  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base