Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Microsoft 365 Lighthouse Ideas

Microsoft 365 Lighthouse is currently in the private preview stage of development, and includes multi-tenant management capabilities for device compliance, threat management and user access management. To learn more visit https://techcommunity.microsoft.com/t5/small-and-medium-business-blog/announcing-microsoft-365-lighthouse-for-managed-service/ba-p/1698181

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft 365 Lighthouse engineering team. Though we can’t promise to reply to all posts, we want to hear your ideas. Help influence the features and functionality we build. 

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that this feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Endpoint Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.
  1. Auditing and tracking of actions performed and results

    A thought that we have since started working with Lighthouse is that it would be great that all the actions that are taken by agents are logged with which action taken and for which tenant, say for example we initiate a scan, at the end of the month we would like our client to see that we have performed this action for them, As we cannot automatically generate a case then it would be great if all actionse were logged so we could use that data. API would of course be preferred long tearm.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. list applications deployed via policy across tenants

    Would be great if there was a central listing of all apps deployed across all tenants showing in Lighthouse. Critical fields would be name, publisher, application version, date modified. This would then allow me to instantly see which tenants do not have the latest version of App-X deployed to the tenant. Particularly useful for MSP RMM agents that need to be updated across all tenants when a new version comes out.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Device Compliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide global list of users not using MFA rather than having to go into each tenant

    The ability to easily see who has not setup MFA for their account, especially administrators in one view would be huge to ensure everyone is secure.
    Although Conditional Access enforces the MFA requirement, it does not show an admin account that is sitting idle and not being used without 2FA being turned on. The whole point of 2FA is to protect an account being compromised because the username and password is known, but if the username and password is known and 2FA is required, the threat actor would be able to setup 2FA themselves (unless conditional access only allows registration…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. AD Connect Status in Customer View

    In the SMB world is AD-Connect (AADSync) a known partner to connect the on-premise world with Azure and Office 365. There are regular updates and the version in Azure is tucked away in #blade/MicrosoftAzureADHybridHealth/AadHealthMenuBlade/SyncServicesList per DC with AD-Connect. I would love to see in the M365 Lighthouse customers pane/blade a dropdownlist with the AD Connect servers aggregated and version. This allows a technician to quickly make an assessment to upgrade the AD-Connect instance. With Azure Lighthouse you are not able to connect to the AAD portion, so you need to do that throug the Partner Center which is…

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Customer Insights  ·  Flag idea as inappropriate…  ·  Admin →
  5. Increase user filters to 2500 versus 500

    Increase systems filters to 2500 devices verus 500 devices

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Customer Insights  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ability to force compliance policies

    Option to force policy updates to devices showing "Not Compliant" on device compliance dashboard

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Device Compliance  ·  Flag idea as inappropriate…  ·  Admin →
  7. Insights, comparing tenant settings vs templates and other ideas

    Here are some requests that we as a CSP would be happy to see in the future. Some are just good to have, but most of them are to get ROI on invested time. Also, this is from a view where many customers are outsourcing their IT to our company and we want to take full responsibility for support and drive our customers towards a secure and effective IT.


    1. The ability to see alert policies tenant wide – Today we can forward these alerts and react, but we would want to have a central area for this and skip the…

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. With the new OneDrive sync error capabilities this would be great to see errors in Lighthouse

    The possibility to see Sync errors centrally in Sharepoint admin center is great. It would be great to be able as a CSP to see errors in sync status for all our clients and manage that for them.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Windows Versions, Features, Quality and Software Updates

    Would like to see an aggregate view across tenants that shows current version of Windows, feature and quality update version breakdowns, policies details for feature and quality updates as well as if they are paused or running.

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. A log of configuration changes across all customer tenants

    We have noticed a need for a log, that lists changes made to M365 services/tenant configuration across all customers. This feature would support MS Partner's internal operations, when the amount of technicians making configuration changes is high, number of customer tenants is high and IT/account management is trying to keep track of activities regarding project management.

    This unified change log would include an event, tenant name and time about a change that was made. Eg. to Endpoint Manager device configuration policies, Conditional access rules, Sharepoint sharing settings, Office 365 Alert policies. The scope is wide and in the beginning the…

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Customer Insights  ·  Flag idea as inappropriate…  ·  Admin →
  11. Email Standard Checks

    Further along the lines of email protections, include a way to check and report the configuration of SPF/DKIM/DMARC. All three are recommended according to Microsoft Best Practices to reduce malicious mail and improve email reliability. You (Microsoft) would also be able to easily query what the DKIM records should be within the customer tenants. SPF and DMARC are standard based and should be the same across all organizations that implement them.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Defender (ATP) and Exchange Online configurations

    Defender for Office 365 (Advanced Threat Protection) is a standard that we recommend to all our clients due to the significant threat that malicious email represents these days. It would be fantastic to have a dashboard, or something similar, where we can easily confirm Safe Links/Safe Attachments/Anti-Phishing Policies are configured and in place.

    If would also be great to include Anti-Spam settings.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Granular permissions for technicians to clients

    I would like the ability to provide more granular permissions assignment/segmentation so that we could restrict or limit the permissions of technicians to specific clients.

    As of now it appears that you need to have the Admin role, which then gives you access to all customers

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Ability to select all columns available in endpoint management in Lighthouse

    As it is now only some colums are available we would like to have enrolled date as we want to use this as a lifecycle aid for our customers, when devices has reached a certain age.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. List admin roles in Azure AD, correlation with Risky Users, Risky Sign-ins, MFA enrollment etc..

    Listing how many users are added to any given role in Azure AD, plus more insight into Risk state, MFA enrollment, sign in frequency (like in PIM) to be able to further help customers understand the importance of Identity Lifecycle Management of admin roles aswell.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. RBAC (and bonus, JIT/PIM) capabilities for Microsoft 365-focused AAD roles for partners/MSPs

    With Azure Lighthouse, we can setup RBAC permissions based on the specific needs and roles our internal MSP employees need to perform their job functions.

    As regulatory compliance and security frameworks (including Zero Trust) continue to evolve and MSPs are required to adhere to those same standards, having a capability to define AAD administrative roles to internal AAD SGs that allow very specific levels of access consistently into multiple customer environments.

    Microsoft Partner Center (MPC) only allows for Global Administrator (which is way too much) and then Helpdesk Administrator (which is too low) through Delegated Administration without any flexibility to…

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Securing access to the rights roles is important, so we appreciate you taking the time to submit this. Currently we are investigating how to enable delegated administration for other AAD roles (outside of the Global Admin and Helpdesk Admin currently possible) in a future release of the service. Post that, we’ll make sure to investigate feedback on scenarios that may need custom role permissions.

  17. Tenant header of who you're managing once you connect via Lighthouse

    It would be beneficial to have information on what tenant you are logged into from Lighthouse to ensure you are making changes on the correct environment. Could be their primary domain name or .onmicorosoft.com domain, or even the branding set on that tenant on the header for visibility.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Customer Insights  ·  Flag idea as inappropriate…  ·  Admin →
  18. Threat - report faults positives

    Lighthouse reports PUA:Win32/CandyOpen this is an included app in Windows for Candy Crush.
    We need a way to report apps that are not threats and hide them until MS Support fixes their settings.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Anit-Virus  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enrolled by user UPN column

    It would be great to have a column for 'Enrolled by user UPN' this would allow for reporting on devices that were connected to MEM via OOBE or DEM or manual.
    We are finding many of our OOBE enrolled devices no longer have a licensed user UPN attached to the device and so are no longer getting policies or apps pushed by MEM.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Device Compliance  ·  Flag idea as inappropriate…  ·  Admin →
  20. Display board similar to brightguage

    Need to have the ability to build in a rotating display board of different sets of client data, similar to the rotating dashboard that brightguage.co has (or similar tools) that will refresh the data.

    So from an admin perspective you need to do the following
    - have a mode of View only
    - be able to select differnt lighthouse screens or sub screens
    - push the screens into a rotating dashboard
    - let this loop

    The problem you are trying to address is trend analysis. The issue is that as much AI you put into this, humans can visually see…

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Customer Insights  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Microsoft 365 Lighthouse Ideas

Categories

Feedback and Knowledge Base