Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Map network folder & sharepoint

    When a user joins InTune/MDM on windows, it would be good if we could set network shares & sharepoint sites to be mounted as drives for a user group.

    e.g.
    Finance Department
    G: = \\network-machine\general
    F: = \\nework-machine\finance
    S: = https://site.sharepoint.com

    Management Team
    G: = \\network-machine\general
    M: = \\nework-machine\management
    S: = https://site.sharepoint.com

    115 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  2. MacOS VPP app support

    We need the ability to deploy MacOS vpp applications to Mac devices.
    Currently only the 365 Suite and apps generated by the LOB is supported.
    This would help streamline our process of deploying applications to our Mac users.

    113 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  3. Conditional Access: Session Controls for Exchange Online (Outlook on the Web)

    Expand the cloud app Session Controls area to be able to apply OWA policies on-the-fly.

    Allow admins to do things like block download access unless the user is within a trusted location or on a compliant or domain joined device.

    Effectively this, but without the need for ADFS: https://technet.microsoft.com/en-us/library/dn530630(v=exchg.150).aspx

    Combining that with the SharePoint session controls will result in a more complete browser-only experience for unmanaged/untrusted devices.

    112 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. Email alerts notifications for Intune in Azure portal

    The classic Intune portal allows administrators to set up email notifications. For example, if a computer has a malware detection, a definition is outdated, or a scan hasn't been done in a while. The Intune Azure portal has no functionality for notifications, so enrolled devices could have issues - malware, compliance etc, but an administrator would have to review the inventory of devices to be made aware

    111 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  5. Intune Reporting on W10 OS Update

    Currently Intune cannot sufficiently report on what particular Windows 10 OS Update a device may be on. Are there plans to enhance the Intune Reporting engine to execute the reports which contain information about the W10 device OS Update revision?

    111 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Intune Data Warehouse  ·  Flag idea as inappropriate…  ·  Admin →
  6. Customize iOS App installation prompt from "i.manage.microsoft.com"

    When users are installing an iOS application from the company portal linked to the App store on an iOS device they get prompted to accept the action. For Excel the following message appears: "i.manage.microsoft.com" is about to install and manage the app "Excel" from the App Store. ...
    How can the "i.manage.microsoft.com" be changed to something that reflects the organization that manages the device and is recognisable by the end user?
    Other MDM vendors are capable of modifying this message and actually displaying the company name managing the device instead of the URL. Among these tools is IBM Mobile first…

    110 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  7. Secure authentication within PowerShell scripts for Intune MDM

    We would like to authenticate to services, like Azure Storage or Azure SQL from an Intune MDM PowerShell script.

    However, with PowerShell scripts in Intune MDM the source, including passwords are visible in plain text, for instance when you review the log files in C:\ProgramData\Microsoft\IntuneManagementExtension\Logs.

    We would like a secure way to safely authenticate with different services from PowerShell scripts in Intune MDM. For instance by being able to preconfigure one or more Credential- or Variable Assets passed (as parameter?) with the PowerShell script configured.

    A credential source provider could be Azure Key Vault or Azure Automation Credential- and Variable…

    110 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Scripting-Graph/PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  8. e add Allow Pattern Unlock to the list of password options

    When Intune Compliance or MDM policy is applied to Android Devices, pattern unlock is disabled. Please add Allow Pattern Unlock to the list of password options.

    https://docs.microsoft.com/en-us/intune-classic/deploy-use/android-policy-settings-in-microsoft-intune

    110 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  9. BYOD - Changing Intune Device Enrollment Limit to 1 for only a few users in Intune while allowing other users to enroll upto 5 devices.

    We know by default in the intune tenant we can define “Mobile Device Enrollment Rules” that can allow up to a Maximum of 5 devices per user to be enrolled into intune. So in BYOD scenario the users are able to enroll up to 5 devices into Intune.

    So in this BYOD scenario, sometimes we want to allow only certain users or User group to be able to enroll their devices but just 1 device into intune not 5 devices. While other users should be able to enroll up to 5 devices as configured under “Mobile Device Enrollment Rules” in…

    109 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Fortigate VPN Support

    I have a customer of 1800 staff who currently use a competing EMM product but would like to move to Intune. Problem is they require per-app VPN functionality. Their existing Fortigate VPN solution is not in the supported VPN product list (and they don't want to change the VPN solution). Be good to see support for Fortigate.

    108 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  11. 108 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  12. Improve the Application deployment capabilities for Windows

    Now with all the new features of Windows 10 and Intune as the no. 1 cloud management for this platform - there are so many things missing in order for application deployment feature to be a full solution.
    1. Add the ability to edit existing source files of applications
    2. add detection methods by registry VALUES or file VERSIONS like SCCM
    3. more deploy options rather than just MSI\EXE (bat, cmd, vbs, ps1 etc...)
    4. add application dependencies...

    I think that in short, I can say - make the application deployment features of SCCM (that are perfect) to be available…

    107 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Mail Notification for Enrolled Devices

    I would like the ability to configure a mail notification when a new device is enrolled on the Intune portal. This will allow the admins to quickly categorise new devices as soon as they are enrolled.

    101 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Disable Windows Hello on Windows Devices after Intune Enrollment

    There is no way of disabling Windows Hello after Intune enrollment, and when using mapped SMB shares and PIN logon, you always get prompted for a username/password to browse the folders.

    We need the ability to disable Windows Hello (PIN/bio-login), and force Password login on Windows devices already enrolled in Intune.

    101 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
  15. Selective Wipe for Azure AD Joined devices

    Please add the option to do a selective wipe on Azure AD Joined/Workplace joined devices.

    Azure AD Join and MDM auto enrollment are enabled with Intune and Azure AD Premium. When a Windows 10 Mobile is started for the first time (OOBE) it is possible to “Sign in with a work account” to join Azure AD and auto enroll in Intune. (https://technet.microsoft.com/nl-nl/itpro/windows/manage/join-windows-10-mobile-to-azure-active-directory#how-to-join-windows-10-mobile-to-azure-ad). When a Windows Mobile device is configured this way Single Sign On works for Mail, Calendar, Edge and the Business Store, which is great. But when the Selective Wipe option is initiated from Intune it does…

    98 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to seamlessly deploy BitLocker in the background without prompting the user.

    BitLocker can be deployed currently but the user is prompted for interaction... which is both annoying and unnecessary - it should just happen per the settings defined.
    The current workaround requires this solution: https://blogs.technet.microsoft.com/home_is_where_i_lay_my_head/2017/06/07/hardware-independent-automatic-bitlocker-encryption-using-aadmdm/

    Ideally this functionality should be embedded within Intune and work regardless of whether the User is a Local Admin or not.

    97 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Managed Browser policies to force only specified domains in to the managed browser.

    Allow Managed Browser policies to force only traffic for specified domains to the managed browser. Potentially allow other links to open in the native browser.

    97 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →
  18. Disable unknown sources on Android devices.

    Disable installation from unknown sources using Intune policies on Android devices. Android OS has an option where user can disable unknown sources so they can install THIRD PARTY apps.

    setting--> General--> Privacy--> security-->under Phone Administrators -->Unknown sources

    Unknown sources should be disabled for security purposes.

    These apps are not tested and can control viruses hence should not be allow and is NOT on the official PLAYSTORE.

    We need an option from the console for Admin to disable this option so user cannot change and allow unknown sources to be install onto the company's devices.

    94 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  19. Intune: Filter for managed Apps

    Hi Team,

    please add a filter option for managed apps in Intune.

    The actual view is confusing, especially if you have more than a few apps.

    It would be very helpful to have filters for iOS / Android / Windows.

    Thanks a lot.

    Cheers,

    Thorsten

    94 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to update specific VPP app on one device or more

    Right now, only option is to enable/disable VPP automatic app updates. This will update all VPP apps on ALL iOS devices. If there's a problematic app, then most devices will be affected, if not all.

    It would be great if Intune will have the ability to update a specific VPP app on specific iOS device(or group).

    This feature is already available on other MDMs.

    94 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base