Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Set Timezone for Windows 10 from Intune MDMFollowing the "Autopilot" idea I'd like to install MSI application from Intune MDM however

    Following the "Autopilot" idea I'd like to install MSI application from Intune MDM via Azure AD joined laptop/surface however by default the Windows Auto timezone service is turned off so new users wont have applications installed from Intune MDM because the date/time on a new device does not match the MDM "as soon as possible" date/time requirements for deployment of Applications i.e. The OOTB Autopilot experience cant work for application deployment unless a new user sets the timezone correctly first!

    Thanks
    Peter

    How can I fix this

    242 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to add apps to the list "require approved client app"

    The "require approved client apps" feature in conditional access is a very good security feature, but sometimes a 3:rd party app must be supported, .e.g., a room booking system for mobile devices. If the feature "require approved client apps" is enabled, there is no way to support a 3:rd party app. Please make it possible to add apps (tenant wide) to the "require approved client apps" list.

    238 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to update specific VPP app on one device or more

    Right now, only option is to enable/disable VPP automatic app updates. This will update all VPP apps on ALL iOS devices. If there's a problematic app, then most devices will be affected, if not all.

    It would be great if Intune will have the ability to update a specific VPP app on specific iOS device(or group).

    This feature is already available on other MDMs.

    236 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  4. Hide sensitive content in notification on the lockscreen

    In iOS 11, your iPhone gives you much more control over notifications. You can designate certain apps as “sensitive”, so that it hides the content of notifications while your phone is locked, only letting you see the full preview when you use Touch ID or Face ID to unlock your iPhone. This works in every single app on your phone, unlike in iOS 10 and before.

    An option to push these settings to the devices through intune would come in handy to prevent leaking company data, but the end users will see a notification on the lockscreen when they get…

    233 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  5. Email alerts notifications for Intune in Azure portal

    The classic Intune portal allows administrators to set up email notifications. For example, if a computer has a malware detection, a definition is outdated, or a scan hasn't been done in a while. The Intune Azure portal has no functionality for notifications, so enrolled devices could have issues - malware, compliance etc, but an administrator would have to review the inventory of devices to be made aware

    230 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  6. Remove Android for Work apps from Intune when they've been removed from Google Play for Work

    This doesn't currently happen and is apparently "working as designed"

    230 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    27 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  7. Copy files to mobile devices

    Hey

    Create feature to deploy files to devices.

    I really need this feature on Android devices

    225 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Mac OS X Software Updates

    Ability to manage updating of OS X would be a phenomenal improvement. Should include enforcement, policies, and reporting. It would be a huge bonus if this could also handle upgrades so we could block old versions of OS X.

    228 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  9. Push encrypted content to device

    Hi. Like as AirWatch has Secure Content Locker, please add this same ability for an organization to push out content (new, updated) to a user's device(s) and computers. There should be additional parameters, like length of time the content will be on the device until it is automatically deleted. Additionally, the content should be encrypted, and decrypted in memory when accessed (unlike AirWatch on none iOS devices). File types include PDFs, Word documents, MP3 files, and so on.

    In looking at OneDrive, I don't see this functionality, or this functionality integrated with InTune. So I am submitting this feature request.

    228 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    20 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide a way to translate between GPO and OMA-URI / ADMX-backed policies

    This is split from the original "Provide a translation or mapping between GPO and OMA-URI / ADMX-backed policies" - we've delivered the mapping part, but leaving this new request for the translation part.

    original: https://microsoftintune.uservoice.com/forums/291681/suggestions/31741903

    Using Intune on Azure to manage Windows 10 PCs thru the MDM channel works great. However, many policies that are available via traditional GPO are either not available, or are available via OMA-URI and ADMX-backed policies but using different names and using a different configuration interface.

    Please continue rolling out MDM policies to catch up with GPO; and at the same time — perhaps more…

    224 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
  11. Improve Hardware inventory in Intune

    Hardware inventory needs to be improved. Currently Intune cannot read serial numbers from HP Envy x360 devices. Additional information such as CPU and Memory would also be helpful for Admins to keep track of inventory.

    224 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Inventory (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  12. My organization requires more apps to support Microsoft Intune Mobile App Management (MAM)

    The Microsoft Intune team would like to understand which Android and iOS apps your business must have data protection (MAM) support for. Add a new Comment below with the with the App Name and Platform in the field. Alternatilvely, start a new idea with ‘MAM App Support’ in the title

    222 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    211 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Include system apps for Android Enterprise (AfW) Work Profile

    We need the ability to add system apps like the system camera or phone app to the work profile. Other EMM vendors already support this feature.

    214 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add support for Samsung E-FOTA

    We have a large Samsung deployment where enhanced control of the OS update flows are required.
    Samsung EFOTA allows us to do this.
    Please add support for this feature.
    https://www.samsungknox.com/en/solutions/it-solutions/samsung_e-fota

    212 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make it possible to Azure AD join/synchronize device (computer) objects to multiple Azure AD tenants from a single forest AD.

    Some companies hosts multiple sub-customers in a single forest Active Directory.
    Each sub-customers users and machine objects are organized in their own OUs.
    Present configuration would be one AAD Connect server per customer OU – which synchronize the user objects to their respective individual Azure Tenants and they license all their sub-customers AAD Users with M365 licenses.

    Some would like to enable Automatic AAD Join (Hybrid Azure AD Join) for their sub-customers Windows 10 Enterprise devices via GPO.
    They want to manage the sub-customers domain-joined devices with Intune, and use device-based conditional access.

    AAD Device Registration (DRS) requires a Service…

    207 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add Office Lens to Intune MAM

    Due to the sensitive nature of the photos being taken on the mobile devices at our company, Office Lens needs to be added to the Intune MAM list of mobile apps so that the photos taken with Office Lens are only capable of being stored in the company's OneDrive for Business.

    202 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    18 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include a prompt to the end-user during enrollment if it is a corporate/personal device

    Include a prompt to the end-user during enrollment if it is a corporate/personal device. So we later can deploy different certificates/wi-fi profiles, apps e.t.c to only corporate owned devices.
    Also make it possible to set this in the Company Portal

    201 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Deploy .pkg and .dmg to Mac OS X

    We need a way to deploy .pkg and .dmg the LOB seems to hint at only being able to do it for .apps. I can't find any videos or guide on how to do this successfully.

    200 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support for MFA during DEP single app mode

    Enable support for MFA during DEP single app mode enrolment. Currently single app mode blocks access to text and phone apps during Company Portal enrolment so MFA can't complete successfully. We've tried excluding "Microsoft Intune Enrolment" app from conditional access but this doesn't work.

    198 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  20. Conditional Access to Corporate Devices whilst allowing MAM-WE to Personal

    Most users in companies have multiple devices, a mix of corporate and personal.
    Most users don't mind enrolling Corporate devices but do not want to enrol personal devices but want access to email on those devices as well.
    It should be possible to ensure the corporate devices must enroll, but the personal devices are only affected by MAM-WE policies so the personal devices for the same user do not need to enrol but only need to register.

    Maybe add an option to say if device in Corporate Identifiers it must enrol or make the conditional access policy able to read…

    194 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base