Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Improve the Application deployment capabilities for Windows

    Now with all the new features of Windows 10 and Intune as the no. 1 cloud management for this platform - there are so many things missing in order for application deployment feature to be a full solution.
    1. Add the ability to edit existing source files of applications
    2. add detection methods by registry VALUES or file VERSIONS like SCCM
    3. more deploy options rather than just MSI\EXE (bat, cmd, vbs, ps1 etc...)
    4. add application dependencies...

    I think that in short, I can say - make the application deployment features of SCCM (that are perfect) to be available…

    95 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      4 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
    • Device GeoLocation and Map Overlay View of All Devices.

      The majority of other MDM/PC management solutions allow for GeoLocation of all managed devices without the need to set a lost mode or alert the end user. This is a fairly basic feature and required for services such as fleet tracking and managing field workers/dispatch.

      I'd like to see an all devices view that overlays device GeoLocation on Map and for all types of devices that support some form of GeoLocation (AGPS, GPS, WiFi/Skyhook) as well as an option to manually request device location to be updated or device to check-in without alerting the end-users.

      The current Lost Mode for…

      95 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        4 comments  ·  Fencing - geo, time speed, etc  ·  Flag idea as inappropriate…  ·  Admin →
      • Push encrypted content to device

        Hi. Like as AirWatch has Secure Content Locker, please add this same ability for an organization to push out content (new, updated) to a user's device(s) and computers. There should be additional parameters, like length of time the content will be on the device until it is automatically deleted. Additionally, the content should be encrypted, and decrypted in memory when accessed (unlike AirWatch on none iOS devices). File types include PDFs, Word documents, MP3 files, and so on.

        In looking at OneDrive, I don't see this functionality, or this functionality integrated with InTune. So I am submitting this feature request.

        92 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          8 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
        • Selective Wipe for Azure AD Joined devices

          Please add the option to do a selective wipe on Azure AD Joined/Workplace joined devices.

          Azure AD Join and MDM auto enrollment are enabled with Intune and Azure AD Premium. When a Windows 10 Mobile is started for the first time (OOBE) it is possible to “Sign in with a work account” to join Azure AD and auto enroll in Intune. (https://technet.microsoft.com/nl-nl/itpro/windows/manage/join-windows-10-mobile-to-azure-active-directory#how-to-join-windows-10-mobile-to-azure-ad). When a Windows Mobile device is configured this way Single Sign On works for Mail, Calendar, Edge and the Business Store, which is great. But when the Selective Wipe option is initiated from Intune it does…

          92 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            2 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
          • Support playing .wav files in Outlook.

            I am deploying MDM less MAM to our Office 365 account. This works well but on Android specifically we are unable to open voicemails that our phone system emails to our users in .wav format.

            The user gets a message stating "This action is blocked by your IT group"

            92 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              16 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
            • e add Allow Pattern Unlock to the list of password options

              When Intune Compliance or MDM policy is applied to Android Devices, pattern unlock is disabled. Please add Allow Pattern Unlock to the list of password options.

              https://docs.microsoft.com/en-us/intune-classic/deploy-use/android-policy-settings-in-microsoft-intune

              92 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                3 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
              • Email alerts notifications for Intune in Azure portal

                The classic Intune portal allows administrators to set up email notifications. For example, if a computer has a malware detection, a definition is outdated, or a scan hasn't been done in a while. The Intune Azure portal has no functionality for notifications, so enrolled devices could have issues - malware, compliance etc, but an administrator would have to review the inventory of devices to be made aware

                90 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  4 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
                • Disable unknown sources on Android devices.

                  Disable installation from unknown sources using Intune policies on Android devices. Android OS has an option where user can disable unknown sources so they can install THIRD PARTY apps.

                  setting--> General--> Privacy--> security-->under Phone Administrators -->Unknown sources

                  Unknown sources should be disabled for security purposes.

                  These apps are not tested and can control viruses hence should not be allow and is NOT on the official PLAYSTORE.

                  We need an option from the console for Admin to disable this option so user cannot change and allow unknown sources to be install onto the company's devices.

                  90 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    10 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
                  • 89 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      4 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
                    • Allow Managed Browser policies to force only specified domains in to the managed browser.

                      Allow Managed Browser policies to force only traffic for specified domains to the managed browser. Potentially allow other links to open in the native browser.

                      88 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Managed Browser  ·  Flag idea as inappropriate…  ·  Admin →
                      • Azure AD Hybrid joined Windows 10 Devices should recognize a device owner through Intune.

                        Azure AD Hybrid Joined Windows 10 Devices does not list a device owner for Windows 10. This could perhaps be made available through intune. If a device is Azure AD Joined and Intune joined, then the owner in Intune could be set as device owner in Azure AD? Great if this option was available or at least if admins got to turn it on by choice.

                        87 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Enrollment (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                        • Support software deployments via package installers

                          Windows 10 supports package installers like apt-get in Linux. Find more aoubt thins in thins TechNet article http://blogs.technet.com/b/heyscriptingguy/archive/2014/08/23/weekend-scripter-powershell-and-chocolatey.aspx
                          Please support software deployments via those packages in Intune.

                          Or at least support executing powershell scripts in Intune.

                          With this function it would be realy easy to deploy Software like Java, Adobe Reader, Notebat++ and so on without packageing own packages for each update and also without finding out how to perform silent installs for all of them.

                          87 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Mail Notification for Enrolled Devices

                            I would like the ability to configure a mail notification when a new device is enrolled on the Intune portal. This will allow the admins to quickly categorise new devices as soon as they are enrolled.

                            86 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              5 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Mac OS X Software Updates

                              Ability to manage updating of OS X would be a phenomenal improvement. Should include enforcement, policies, and reporting. It would be a huge bonus if this could also handle upgrades so we could block old versions of OS X.

                              86 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                5 comments  ·  MacOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                              • Hide sensitive content in notification on the lockscreen

                                In iOS 11, your iPhone gives you much more control over notifications. You can designate certain apps as “sensitive”, so that it hides the content of notifications while your phone is locked, only letting you see the full preview when you use Touch ID or Face ID to unlock your iPhone. This works in every single app on your phone, unlike in iOS 10 and before.

                                An option to push these settings to the devices through intune would come in handy to prevent leaking company data, but the end users will see a notification on the lockscreen when they get…

                                85 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                • Provide a way to translate between GPO and OMA-URI / ADMX-backed policies

                                  This is split from the original "Provide a translation or mapping between GPO and OMA-URI / ADMX-backed policies" - we've delivered the mapping part, but leaving this new request for the translation part.
                                  original: https://microsoftintune.uservoice.com/forums/291681/suggestions/31741903
                                  -------------------------
                                  Using Intune on Azure to manage Windows 10 PCs thru the MDM channel works great. However, many policies that are available via traditional GPO are either not available, or are available via OMA-URI and ADMX-backed policies but using different names and using a different configuration interface.

                                  Please continue rolling out MDM policies to catch up with GPO; and at the same time — perhaps…

                                  84 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    1 comment  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Configure Anyconnect application on Android devices without enabling external control

                                    Allow the ability to configure the Anyconnect application on Android devices without having to enable external controls. When I opened a premier support case with Microsoft they said it was a limitation with the Cisco Anyconnect application and open a ticket with Cisco. That would be fine, but I am an Airwatch customer evaluating Intune and this feature works perfectly fine using Airwatch. I can configure the Anyconnect application using a profile without having to enable external controls. So, I know this can be done. Please work with Cisco so you can configure the Android Anyconnect app when you are…

                                    82 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      5 comments  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Clean start layout policy

                                      Today there are two options to apply a start layout to users, fully locked or partial locked.
                                      Fully locked start layout will clean the start layout from "consumer things" and nicely only show what have been deployed centrally. But lack support of user customizations such as pinning and resize.
                                      Partial locked start layout will allow the users to customize the start layout and show what have been centrally deployed, but it will also show the default start layout/"consumer things" on the desktop that are not wanted in an enterprise.
                                      I would like to see an option to either clean start…

                                      82 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        2 comments  ·  Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Fortigate VPN Support

                                        I have a customer of 1800 staff who currently use a competing EMM product but would like to move to Intune. Problem is they require per-app VPN functionality. Their existing Fortigate VPN solution is not in the supported VPN product list (and they don't want to change the VPN solution). Be good to see support for Fortigate.

                                        82 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          2 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Enable Delivery Optimization or BranchCache on Office 365 ProPlus

                                          With the nice new feature Deploy Office 365 ProPlus with Microsoft Intune, it would really help if the bits and bytes from the Office 365 ProPlus were also optimized delivered (Windows 10 DO or BranchCache?) so when deploying Windows 10 with only Intune as BYO solution the clients on the same LAN do not all have to download all Office 365 Proplus bytes (~1,2 GB)

                                          81 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            2 comments  ·  Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base