Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Selective Wipe for Azure AD Joined devices

    Please add the option to do a selective wipe on Azure AD Joined/Workplace joined devices.

    Azure AD Join and MDM auto enrollment are enabled with Intune and Azure AD Premium. When a Windows 10 Mobile is started for the first time (OOBE) it is possible to “Sign in with a work account” to join Azure AD and auto enroll in Intune. (https://technet.microsoft.com/nl-nl/itpro/windows/manage/join-windows-10-mobile-to-azure-active-directory#how-to-join-windows-10-mobile-to-azure-ad). When a Windows Mobile device is configured this way Single Sign On works for Mail, Calendar, Edge and the Business Store, which is great. But when the Selective Wipe option is initiated from Intune it does…

    86 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    • Improve the Application deployment capabilities for Windows

      Now with all the new features of Windows 10 and Intune as the no. 1 cloud management for this platform - there are so many things missing in order for application deployment feature to be a full solution.
      1. Add the ability to edit existing source files of applications
      2. add detection methods by registry VALUES or file VERSIONS like SCCM
      3. more deploy options rather than just MSI\EXE (bat, cmd, vbs, ps1 etc...)
      4. add application dependencies...

      I think that in short, I can say - make the application deployment features of SCCM (that are perfect) to be available…

      84 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        4 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
      • Migrate Intune PC management into new Azure Intune portal

        Very cool that the Mobile portion has been migrate into the new Azure Intune portal.

        But what the current PC management?
        Why does it still require the old Silverlight portal?
        Bad experience to browse between 2 portal.

        Can you guys migrate everything into the new Azure Intune Portal?

        Please Intune Team, migrate the PC management portion into the new Azure Intune Portal for the benefit of your clients,

        83 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          5 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
        • e add Allow Pattern Unlock to the list of password options

          When Intune Compliance or MDM policy is applied to Android Devices, pattern unlock is disabled. Please add Allow Pattern Unlock to the list of password options.

          https://docs.microsoft.com/en-us/intune-classic/deploy-use/android-policy-settings-in-microsoft-intune

          83 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            3 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
          • Manage Windows 10 1709 port specific firewall rules with Intune

            Windows 10 1709 devices support Firewall CSP (https://docs.microsoft.com/en-us/windows/client-management/mdm/firewall-csp) that allows creating port specific firewall rules via MDM channel. Please add support to Intune to manage those firewall rules.

            82 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              3 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
            • Map network folder & sharepoint

              When a user joins InTune/MDM on windows, it would be good if we could set network shares & sharepoint sites to be mounted as drives for a user group.

              e.g.
              Finance Department
              G: = \\network-machine\general
              F: = \\nework-machine\finance
              S: = https://site.sharepoint.com

              Management Team
              G: = \\network-machine\general
              M: = \\nework-machine\management
              S: = https://site.sharepoint.com

              81 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
              • Push encrypted content to device

                Hi. Like as AirWatch has Secure Content Locker, please add this same ability for an organization to push out content (new, updated) to a user's device(s) and computers. There should be additional parameters, like length of time the content will be on the device until it is automatically deleted. Additionally, the content should be encrypted, and decrypted in memory when accessed (unlike AirWatch on none iOS devices). File types include PDFs, Word documents, MP3 files, and so on.

                In looking at OneDrive, I don't see this functionality, or this functionality integrated with InTune. So I am submitting this feature request.

                81 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                • Device GeoLocation and Map Overlay View of All Devices.

                  The majority of other MDM/PC management solutions allow for GeoLocation of all managed devices without the need to set a lost mode or alert the end user. This is a fairly basic feature and required for services such as fleet tracking and managing field workers/dispatch.

                  I'd like to see an all devices view that overlays device GeoLocation on Map and for all types of devices that support some form of GeoLocation (AGPS, GPS, WiFi/Skyhook) as well as an option to manually request device location to be updated or device to check-in without alerting the end-users.

                  The current Lost Mode for…

                  81 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    4 comments  ·  Fencing - geo, time speed, etc  ·  Flag idea as inappropriate…  ·  Admin →
                  • Mail Notification for Enrolled Devices

                    I would like the ability to configure a mail notification when a new device is enrolled on the Intune portal. This will allow the admins to quickly categorise new devices as soon as they are enrolled.

                    79 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Hide sensitive content in notification on the lockscreen

                      In iOS 11, your iPhone gives you much more control over notifications. You can designate certain apps as “sensitive”, so that it hides the content of notifications while your phone is locked, only letting you see the full preview when you use Touch ID or Face ID to unlock your iPhone. This works in every single app on your phone, unlike in iOS 10 and before.

                      An option to push these settings to the devices through intune would come in handy to prevent leaking company data, but the end users will see a notification on the lockscreen when they get…

                      79 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                      • Configure Anyconnect application on Android devices without enabling external control

                        Allow the ability to configure the Anyconnect application on Android devices without having to enable external controls. When I opened a premier support case with Microsoft they said it was a limitation with the Cisco Anyconnect application and open a ticket with Cisco. That would be fine, but I am an Airwatch customer evaluating Intune and this feature works perfectly fine using Airwatch. I can configure the Anyconnect application using a profile without having to enable external controls. So, I know this can be done. Please work with Cisco so you can configure the Android Anyconnect app when you are…

                        79 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          5 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                        • Option under "Volume-Purchased Apps" to deploy to "Device Group"

                          Please can you add an option under "Volume-Purchased Apps" to deploy to "Device Groups". Currently the only option available is to deploy to "User Groups".

                          We are trying to use Apple VPP & Intune to deploy apps to iPad devices that are shared across multiple users therefor we must be able to deploy to a device rather than a user. Apple have advised this is now supported on IOS9 and above which is what we are using.

                          79 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            7 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Create a conditional access policy for Users not enrolled or on a compliant Device

                            Many of our users work from home and do not want their personal Windows computer to be either enrolled into our MDM suite or onto Azure AD. With our strict compliance regulations users are struggling to make their own Windows computer devices compliant.

                            Would it be possible to have a policy that is in the middle, where users can access emails, OneDrive for Business and SharePoint sites without the need to be on a domain joined computer or enrolled into our MDM suite. I would like to see this policy give the user access to all content but only from…

                            77 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              2 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
                            • Email alerts notifications for Intune in Azure portal

                              The classic Intune portal allows administrators to set up email notifications. For example, if a computer has a malware detection, a definition is outdated, or a scan hasn't been done in a while. The Intune Azure portal has no functionality for notifications, so enrolled devices could have issues - malware, compliance etc, but an administrator would have to review the inventory of devices to be made aware

                              77 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                4 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
                              • Skype for Business - Managed App Configuration (iOS)

                                Starting with iOS 7. The ability to push remote configuration to apps for iOS was added. This is achieved by an MDM Server (Intune) pushing key value pairs to a MAC compatable app.

                                Whilst the functionality has now been added to Intune/SCCM to support this. Skype for Business as far as I am aware doesn't allow this functionality yet. Recently SFB allowed MAM support. It would be great to be able to pre-populate users Skype for business credentials driving down calls to Servicedesks by using MAC.

                                76 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  3 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Clean start layout policy

                                  Today there are two options to apply a start layout to users, fully locked or partial locked.
                                  Fully locked start layout will clean the start layout from "consumer things" and nicely only show what have been deployed centrally. But lack support of user customizations such as pinning and resize.
                                  Partial locked start layout will allow the users to customize the start layout and show what have been centrally deployed, but it will also show the default start layout/"consumer things" on the desktop that are not wanted in an enterprise.
                                  I would like to see an option to either clean start…

                                  76 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                  • 76 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      4 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Android Enterprise Widgets

                                      Widgets are not available on our BYOD managed Intune devices. There does not seem to be settings in the restriction profile to manage widgets. Our users have been very vocal about the loss of mail and calendar widgets unde Android Enterprise Management.

                                      Thank you

                                      75 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        6 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
                                      • support Linux MDM like OS X

                                        Could we have a Linux MDM like OS X?

                                        75 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Ability to prevent workplace join, allow AAD join only

                                          All other platforms (iOS, Android) support enrollment restrictions to block poersonal devices. Windows 10 needs the same. Please provide the ability to prevent workplace join.

                                          74 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base