Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Android for Work Device Owner mode

    Is it possible to get Intune to allow Android for Work to be setup in Device Owner Mode? Possibly with the App and NFC "bump" to setup the config.

    This possibly one of the requirement from within the NCSC guidance (https://www.ncsc.gov.uk/guidance/eud-security-guidance-android-6)

    303 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    26 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →

    Hi, if you caught our announcements at Ignite, we announced that we will support device owner mode for Android fully managed corporate devices. It will preview by end of year. Check out our EMS blog for more info
    https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/What-s-New-with-Microsoft-Intune-and-System-Center-Configuration/ba-p/262542
    So we’ll call this “started”. :-)

    Also, we’ve been supporting Android kiosk mode since July.

  2. 301 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  Flag idea as inappropriate…  ·  Admin →

    This is something we hear a lot, but there are degrees of server support – just like the desktop client, or just a subset of those features. We would love to get more specific in a survey we just put up here https://microsoft.qualtrics.com/SE/?SID=SV_0P65dThvhzD5ZUV. We’ll leave it up until mid January, since the holidays will have some people out of town for a few weeks. Thanks! We look forward to hearing from you!
    Cathy

  3. Allow use of asset tag for computer name during AutoPilot process

    At present Intune has a preview option to assign custom computer names during the autopilot process. It is restricted to letter, numbers and hyphens plus %SERIAL% to use serial numbers and %RAND:x% to insert a random number.

    Are we looking at %AssetTag% in future. A lot of organisation asset tag devices externally of the device and also enter that asset number in the BIOS as well. This enables them to get the computer name from the user by asking them to look at the asset tag on the device.

    302 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow Bulk actions on devices

    I would like to see bulk actions for devices in Intune. For example select more than one device and have action like on a single device (as in the menu under the "more" button). This could be Sync, Restart, Quick Scan, Full Scan or Update signatures. I would leave Factory reset or Fresh start as a single device action only. Please consider!

    299 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  5. allow admins to customize non-compliance notification with variables

    Ability to use variables in the template that would enable more specific content to be sent to the client (i.e. reason for device non-compliance, device name, OS etc). with the Automate actions for noncompliance.
    in this way, end user can make their device comliance without contact IT and it will more conviniently.

    295 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  6. Deploy .pkg and .dmg to Mac OS X

    We need a way to deploy .pkg and .dmg the LOB seems to hint at only being able to do it for .apps. I can't find any videos or guide on how to do this successfully.

    296 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. Email alerts notifications for Intune in Azure portal

    The classic Intune portal allows administrators to set up email notifications. For example, if a computer has a malware detection, a definition is outdated, or a scan hasn't been done in a while. The Intune Azure portal has no functionality for notifications, so enrolled devices could have issues - malware, compliance etc, but an administrator would have to review the inventory of devices to be made aware

    294 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  8. Display phone number for Android Enterprise

    Phone number should be inventoried on Android Enterprise Dedicated and Fully Managed devices.

    290 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow Cut, Copy & Paste Between Managed Apps, Without Requiring to Save first

    Copying from managed app into another managed app is not possible unless the document being pasted into is first saved into OneDrive or Sharepoint.

    Example:
    -Office file type e-mail attachment is viewed from within in the managed Outlook App
    -Content is copied from the managed Outlook App and pasted into a Managed Office App, in a new blank document (Excel, Word, etc)
    -Warning is displayed that “Your organization’s data cannot be pasted here”
    -Only when saving the new blank document into OneDrive or Sharepoint, will the Paste-In functionality work

    Since both apps are already "managed" there shouldn't need to be…

    291 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow organizations to remove the full wipe option from non-company owned devices

    Allow an organization to define user-owned devices and remove the ability to perform full wipes on those devices.

    288 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Install all updates from WU before Resealing with Autopilot white glove

    When using Autopilot white glove the device should install all updates from Windows Update before the technician does "Reseal" and the device is distributed to the end user.

    Currently if technicians keep the device online too long before resealing the devices, the device might get pending hardware updates that will be installed during the first boot. This is not a good user experience. Also, this causes inconsistent behavior, because if the technician is fast enough, the updates are not installed.

    The workaround is to order technicians to reboot the devices after resealing them to make sure that there are not…

    282 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Static computernames in Windows autopilot before Intune autoenrollment.

    Maybe posting this to the wrong component-team but a suggestion would be to give the ability to set a static computername to the imported device when registering the csv file containing hardware information in "Autopilot deployment". The current functionality randomizes the computername after each factory reset or reinstallation. Seems pointless to perform a namechange after Intune autoenrollment. This would solve alot of of administrative issues within larger organizations.

    282 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    25 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →

    As of the week of August 27, you can use a template to control how the machine will be automatically named. So not exactly static, but gets you away from total random. From the discussion, sounds like not total random was good enough for some, but not all, so I will switch this back to “noted”.

    more detail about what we released in August:
    When you create an autopilot deployment profile, you can designate a name, which must be 15 characters or less, and can contain letters, numbers, and hyphens. Names can’t be all numbers. Use the SERIAL macro to add a hardware-specific serial number. Alternatively, use the RAND:x macro to add a random string of numbers, where x equals the number of digits to add.
    https://docs.microsoft.com/en-us/intune/enrollment-autopilot#create-an-autopilot-deployment-profile

    It’s only available with the Windows Insider build for now.

  13. Hide sensitive content in notification on the lockscreen

    In iOS 11, your iPhone gives you much more control over notifications. You can designate certain apps as “sensitive”, so that it hides the content of notifications while your phone is locked, only letting you see the full preview when you use Touch ID or Face ID to unlock your iPhone. This works in every single app on your phone, unlike in iOS 10 and before.

    An option to push these settings to the devices through intune would come in handy to prevent leaking company data, but the end users will see a notification on the lockscreen when they get…

    277 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  14. Software Supersedence for Windows (Win32) Applications

    Are there any plans to integrate a "Supersedence" function for win32 applications?
    This would be much easier to upgrade our apps in fast cycles.

    275 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. MAM support for Delve on both IOS and Android

    Delve is a appreciated app that needs the same Protection as the rest of the Office Apps. We need MAM-support for Delve on both Ios and Android.

    Delve can access sensitive business data. If you open Delve you can read that data. Please let us create MAM-profiles the same way as for the other Office apps.

    Best Regards Magnus Ericsson

    272 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Push encrypted content to device

    Hi. Like as AirWatch has Secure Content Locker, please add this same ability for an organization to push out content (new, updated) to a user's device(s) and computers. There should be additional parameters, like length of time the content will be on the device until it is automatically deleted. Additionally, the content should be encrypted, and decrypted in memory when accessed (unlike AirWatch on none iOS devices). File types include PDFs, Word documents, MP3 files, and so on.

    In looking at OneDrive, I don't see this functionality, or this functionality integrated with InTune. So I am submitting this feature request.

    271 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    25 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Intune MAM support for Android face unlock

    New Android devices (Pixel 4) don't provide fingerprint unlock.
    Users must then use PIN unlock.
    Suggestion is to add MAM support for Face unlock on Android, to bring it to the same parity level as iOS - https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/32395231-intune-mam-support-for-ios-face-id

    270 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Provide a way to translate between GPO and OMA-URI / ADMX-backed policies

    This is split from the original "Provide a translation or mapping between GPO and OMA-URI / ADMX-backed policies" - we've delivered the mapping part, but leaving this new request for the translation part.

    original: https://microsoftintune.uservoice.com/forums/291681/suggestions/31741903

    Using Intune on Azure to manage Windows 10 PCs thru the MDM channel works great. However, many policies that are available via traditional GPO are either not available, or are available via OMA-URI and ADMX-backed policies but using different names and using a different configuration interface.

    Please continue rolling out MDM policies to catch up with GPO; and at the same time — perhaps more…

    260 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support Endpoint Protection on Windows 10 Pro

    Simple really. Windows 10 Pro supports bitlocker. Therefore if we're paying for Intune, it seems reasonable to be able to manage bitlocker on those devices.

    261 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    30 comments  ·  Bitlocker Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Force application install and/or re-install from portal

    As we notice an app installation failure from the portal and the managed apps for the device we'd like a simple function to force the application to install from the portal. Rather than having the user wait for next cycle of "required apps" checking.

    260 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    17 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base