Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 182 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      11 comments  ·  Flag idea as inappropriate…  ·  Admin →

      This is something we hear a lot, but there are degrees of server support – just like the desktop client, or just a subset of those features. We would love to get more specific in a survey we just put up here https://microsoft.qualtrics.com/SE/?SID=SV_0P65dThvhzD5ZUV. We’ll leave it up until mid January, since the holidays will have some people out of town for a few weeks. Thanks! We look forward to hearing from you!
      Cathy

    • Allow clients to check in more often than 8 hours to speed up software distribution

      It'd be nice to push out software more quickly than what is currently available. The current setting only allows 8 hours as the minimum time.

      182 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        noted  ·  4 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
      • Sharing contact from work profile

        Please add the functionality to share contacts with the bluetooth connector from the car telephone system with an "Android for work" phone. Our phones have a local phone contact list in the personal profile and a business contact list in the work profile. When a phone connects via bluetooth to a car telephone sytsem, it is not possible to get access to the contacts in work profile. Also, when a call from a contact from the work profile comes in, the name of the caller is not displayed and only the number appeared in the car display.
        Other MDM Provider…

        180 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          9 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
        • Priority based Application deployment

          Hi, It will be good if Intune provide feature of application deployment according to priority because some applications needs some prerequisite application to be deployed first.

          176 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            10 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
          • Sequence of Policy/Applications

            Other MDM solutions allow policies and mandatory applications to be ordered. Or a priority set to them. So what I'm looking for a is a priority for a deployment. This way I can enforce that WIFI policy or line of business apps are installed before the Office apps (at 500MB a piece).

            172 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
            • Intune Graph API should be accessible non-interactively

              In order to automate tasks with Graph it is essential that scripts can be run non-interactively. Currently the Graph API requires a user login for delegated access to be able to access the /ManagedDevices/ endpoint of the API.

              Received confirmation from Peter Richards that this is currently not supported.

              Steps to reproduce
              Create an Application in Azure
              Populate and run this script
              $OauthTokenEndpoint = 'https://login.microsoftonline.com/tenantid/oauth2/token';

              $OauthRequest = @{
              grant_type="client_credentials"
              client_id = "clientidguid"
              client_secret = "clientidsecret"
              resource = "https://graph.microsoft.com"
              scope="DeviceManagementManagedDevices.Read.All"
              }

              $AuthResponse = Invoke-RestMethod -Uri $OauthTokenEndpoint -Method Post -ContentType application/x-www-form-urlencoded -Body $OauthRequest
              $Token = $authresponse.access_token

              #this query…

              167 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                10 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
              • My organization requires more apps to support Microsoft Intune Mobile App Management (MAM)

                The Microsoft Intune team would like to understand which Android and iOS apps your business must have data protection (MAM) support for. Add a new Comment below with the with the App Name and Platform in the field. Alternatilvely, start a new idea with ‘MAM App Support’ in the title

                167 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  172 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                • Include a prompt to the end-user during enrollment if it is a corporate/personal device

                  Include a prompt to the end-user during enrollment if it is a corporate/personal device. So we later can deploy different certificates/wi-fi profiles, apps e.t.c to only corporate owned devices.
                  Also make it possible to set this in the Company Portal

                  154 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    6 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                  • Enforce auto update for Apps in iOS devices via intune.

                    I'm managing my corporate devices via Intune, and according to our internal policy I have disabled the App Store and allow app instillation via company portal only to control the allowed apps.

                    I have problem with apps' updates, because App Store is disabled, Apps are not being updated, although I update the apps to the latest version in the company portal.

                    It will be necessary to be able to manage/control apps update via intune.

                    151 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      20 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                    • MAM support for Delve on both IOS and Android

                      Delve is a appreciated app that needs the same Protection as the rest of the Office Apps. We need MAM-support for Delve on both Ios and Android.

                      Delve can access sensitive business data. If you open Delve you can read that data. Please let us create MAM-profiles the same way as for the other Office apps.

                      Best Regards Magnus Ericsson

                      147 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                      • Static computernames in Windows autopilot before Intune autoenrollment.

                        Maybe posting this to the wrong component-team but a suggestion would be to give the ability to set a static computername to the imported device when registering the csv file containing hardware information in "Autopilot deployment". The current functionality randomizes the computername after each factory reset or reinstallation. Seems pointless to perform a namechange after Intune autoenrollment. This would solve alot of of administrative issues within larger organizations.

                        147 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          15 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →

                          As of the week of August 27, you can use a template to control how the machine will be automatically named. So not exactly static, but gets you away from total random. From the discussion, sounds like not total random was good enough for some, but not all, so I will switch this back to “noted”.

                          more detail about what we released in August:
                          When you create an autopilot deployment profile, you can designate a name, which must be 15 characters or less, and can contain letters, numbers, and hyphens. Names can’t be all numbers. Use the SERIAL macro to add a hardware-specific serial number. Alternatively, use the RAND:x macro to add a random string of numbers, where x equals the number of digits to add.
                          https://docs.microsoft.com/en-us/intune/enrollment-autopilot#create-an-autopilot-deployment-profile

                          It’s only available with the Windows Insider build for now.

                        • MAM for MAC OS X?

                          We have MAM for Android and iOS, WIP for Windows 10. But unfortunately Microsoft does not support MAC OS X devices. We have many customers planning for BYOD based on MAM/WIP, but unfortunately have to ban MAC devices from the list.

                          140 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            2 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Allow apps to be uninstalled / blocked remotely

                            Given the list of software in the inventory, I would like to be able to remove software that has been installed by the user, and block it from being installed in the future.

                            136 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              7 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Extend the SCEP enrollment profile with additional Active Directory attributes

                              At the moment only two user attributes (CN and UPN) are available to use in SCEP profiles. With our current MDM solution it is possible to use every AD attribute to request a certificate with this unique attribute. Both Intune and the other MDM solution are using the same SCEP server so it is possible. This seems like extending a table in Intune or using a text box with variables. We have the need to use ExtensionAttributes as the unique identifier for a certificate.

                              135 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                6 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →

                                AS of the week of April 23, 2018, you can use the OnPremisesSamAccountName the common name in a custom subject on an SCEP certificate profile. For example, you can use CN={OnPremisesSamAccountName}).

                                As of Dec 11, when you create a SCEP certificate profile in Intune, you can now use the AAD_DEVICE_ID variable when you build the custom subject name. When the certificate is requested using this SCEP profile, the variable is replaced with the AAD device ID of the device making the certificate request.
                                https://docs.microsoft.com/en-us/intune/whats-new

                                I don’t think it gives you everything you want, but how close are we?

                              • Add Office Lens to Intune MAM

                                Due to the sensitive nature of the photos being taken on the mobile devices at our company, Office Lens needs to be added to the Intune MAM list of mobile apps so that the photos taken with Office Lens are only capable of being stored in the company's OneDrive for Business.

                                127 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  6 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Sync Exchange contacts with local device contacts

                                  To allow the use of SMS and caller ID,contacts contained within the Exchange ActiveSync contacts configuration needs to be accessible to the local device, the ability to configure a profile to just allow the synchronizing of contact or the export of contacts from the outlook managed app to the device is necessary. Email access cannot be allowed outside of the managed apps.

                                  125 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    noted  ·  6 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Conditional Access to Corporate Devices whilst allowing MAM-WE to Personal

                                    Most users in companies have multiple devices, a mix of corporate and personal.
                                    Most users don't mind enrolling Corporate devices but do not want to enrol personal devices but want access to email on those devices as well.
                                    It should be possible to ensure the corporate devices must enroll, but the personal devices are only affected by MAM-WE policies so the personal devices for the same user do not need to enrol but only need to register.

                                    Maybe add an option to say if device in Corporate Identifiers it must enrol or make the conditional access policy able to read…

                                    124 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      8 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Microsoft edge on android and IOS as managed browser

                                      Please change Microsoft Managed Browser with Microsoft Edge for Android and IOS as managed browser - so that we can Manage Internet access using managed browser policies with Microsoft Intune with a browser that are known for the users as it is default in Windows 10

                                      123 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        15 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →

                                        As of the week of June 4, 2018, the Microsoft Edge browser for mobile devices (iOS and Android) supports Microsoft Intune app protection policies. Users of iOS and Android devices who sign-in with their corporate Azure AD accounts in the Edge application will be protected by Intune. On iOS devices, the Require managed browser for web content policy will allow users to open links in Edge when it is managed.

                                        I think what you’re asking for is making Edge replace the managed browser, so I won’t call this complete, but wanted you to know that we added this Edge-related feature.

                                      • MAM using outlook app with Exchange on-prem

                                        currently MAM is working with exchange online only. when it will support exchange on-prem

                                        122 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          4 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Android Enterprise Widgets

                                          Widgets are not available on our BYOD managed Intune devices. There does not seem to be settings in the restriction profile to manage widgets. Our users have been very vocal about the loss of mail and calendar widgets unde Android Enterprise Management.

                                          Thank you

                                          119 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            11 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base