Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Microsoft Intune

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. doc that some features work only if you have Windows Enterprise edition

    In documentation for Intune for device restriction policy, app store restriction, there is no information that some of the features apply only if you have Windows Enterprise edition. So you create a policy and it wont give you any information, just don't work as you expect to according to documentation.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  2. Phone owner should be in control

    For BYOD scenario, Intune should be designed so the owner of the phone is in total control of what capability they want to authorize. Only if there’s agreement between them and the IT department would any data be exchanged (both way). Similarly if either party decide to make a change, if the agreement is broken, then all data échange is stopped (and possibly existing data could be removed, as long as it complied with original agreement).

    Device owner should also have the ability to audit what was done with their device.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable Conditional Access Rules for other MDM tools and management agents.

    We are a LANDesk shop. We have agents already deployed and use LANDesk AV / Kaspersky for our antivirus. We would like to only allow computers managed by our LANDesk to access specific O365 resources, such as mail & OWA, even SharePoint, etc.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  4. ADAL Device auth: why do i need to paste the device code manually?

    my program calls context.acquireDeviceCode(CLIENT_ID, clusterUrl, null) then i print the message (with the device code) and it is really annoying that i need to manually copy and paste it.
    This should be easily done if the url retrieved will contain the device code and will pass it to the authentication process.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Automatically reinstall apps on new machines

    When a user receives a new device and logs in with an existing profile automatically push all of their previously installed applications from store for business or configman. Should be a global level setting and adjustable as an end user. Similar to the apps function in iOS when migrating phones. If possible bring over registry and config data.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  6. There is no Choose path to create a file in iOS office apps

    iOS MS Office Apps don't have choose location to create a new file.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Intorduce new intune Policy to stop users from saving new documents on local storage

    Introduce a new feature to stop users from saving new documents inadvertently to Local storage. As the user creates a new file with sensitive data there is a high chance that they will save it to "IPad" instead of SharePoint or other corporate location. If the device is lost or stolen the file can be lost or access by a malicious party.
    Currently the only solution is a user have to save the document first on a corporate location e.g. one drive for business or share point in order to prevent it from saving on a local storage.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune for Education  ·  Flag idea as inappropriate…  ·  Admin →
  8. Prompts to download 3rd-party mobile apps that are under MDM-management

    I'd like to see prompts to download 3rd-party mobile apps that are being managed by MDM policies when links directing to the app's website are clicked in Outlook. (reference: Uber and Lyft rideshare apps)

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add Tutorials and guidance information

    Add the ability for video tutorials/guidance for self service into the company portal app.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Company Portal (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Block Facial Recognition

    I would like to be able to block facial recognition in android for work BUT allow fingerprint access

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Users on managed devices need browser-only access with no ability to download, print, or sync files for SharePoint and OneDrive Online

    I cant manage to have browser-only access with no ability to download, print, or sync files on managed device for SharePoint Online and OneDrive for Business Online for Windows 10 devices . I have a CA which block unmanaged windows 10 devices. I have another CA which grant access to windows 10 complaint devices (enrolled in Intune and marked as compliant). i have a customer who wants to block unmanaged windows 10 devices and allow browser-only access with no ability to download, print, or sync files on managed device for SharePoint Online and OneDrive for Business Online for Windows 10…

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure Admin Portal is not user friendly at all.

    The Azure Intune Portal is not user friendly at all and very confusing. We preferred the old Classic Portal where it had a nice UI and was easy to use.

    We easily get frustrated with the Azure Portal.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. It would be great if Intune could gather information regarding which devices are enrolled in other EMMs.

    It would be great if Intune could gather information regarding which devices are enrolled in other EMMs. This would enable companies switching to Intune from another EMM (e.g. Citrix XenMobile) can use conditional access to control the behavior on all devices based on enrollment (e.g. only allow devices enrolled either in Intune or XenMobile) all from the Intune console.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Ability to manually push new apps and profiles to Mobile Devices

    Other MDM solutions such as AirWatch can manually push new apps and profiles setting so that devices are configured in minutes. When setting up new devices remotely this is important to ensure end user buying and reduce IT service calls.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability to setup conditional access policy to only allow access to specific applications from certain WAN IP addresses

    Ability to setup conditional access policy to only allow access to (proportions of applications in) Office365 from trusted IPs. Currently this is not possible without ADFS claim rules.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow inTune AFW secure Android contacts to be accessed via voice commands

    Allow inTune AFW secure Android contacts to be accessed via voice commands. Currently only the non-AFW contacts app can be accessed with voice commands and it's gatekeeping our more mobile work force to have no voice access to their contacts delivered through inTune and O365.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
  17. Ensure each Assignment control explicitly indicates if it’s intended to be assigned to User or Device.

    Ensure each Assignment control explicitly indicates if it’s intended to be assigned to User or Device.

    Arrange settings applicable to Users into a User Configuration profile blade.

    Arrange settings applicable to Devices into the Device Configuration blade.

    Currently, they are jumbled together and require admin to evaluate “context.” Separating them will reduce incidence of inappropriate assignments.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  18. The user ability to move the apps location/order on the Managed device

    We would like the ability for the user to move the location of the deployed app to the iOS device. Currently the user doesn't have the capability to reorder the apps locations or the screens.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  iOS-specific  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow port information to be included in VPN profile "IP address or FQDN"

    Currently, the VPN profile "IP address or FQDN" will not recognize the inclusion of a port number. When I attempt this, saving the profile fails. Yet, at least for Cisco AnyConnect, the "port" and "dtls port" key/value pairs are not honored in the connection attempt - I have attempted and verified this. In the AnyConnect app, I can directly include a port number with an IP/FQDN, so it appears that is where the AnyConnect app expects this information to be. I would like Intune to allow including this port information in the "IP address or FQDN" field as well.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Certs, Email , VPN, Wi-Fi  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add a suspend feature to intune

    Allow an admin to suspend Intune management or protection for a period of time without the need to uninstall the product. This would allow us to do OS upgrades / updates.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →

    Can you give me more information on this scenario? Say I wanted to “Suspend Intune” – would I be turning off the admin console, or just turning off the client? You talk about “without the need to uninstall” and of course with the service, nothing is installed. Would you just go flip a button and then the clients would stop getting policy? Or stop acting on policy? I’m also not clear why you’d need to do this to do OS upgrades or updates – why can’t you do it with Intune running?

    Some more detail would be helpful.

  • Don't see your idea?

Feedback and Knowledge Base