Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Rob de Roos

My feedback

  1. 109 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Ideas » Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    Why disabeling the whole sync client. Just let the Sync Client work online only. As it is now users aren't able to open or save files from 3rd party applications from their onedrive or synced sharepoint sites.

    Microsoft apps are ready for this but most 3rd party apps aren't. This is a big problem for modern managed shared devices! Simply said we CANNOT use shared device policies if we have 3rd party apps that are using explorer to browse for or save files to onedrive!

  2. 79 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Ideas » Silverlight Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  3. 373 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Ideas » Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Rob de Roos commented  · 

    Win32 application dependencies are in place but please extend it also to line of business apps. Or at the bare minimum MSI deployments.

    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    Or make it possible to select application dependencies please.

  4. 692 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    53 comments  ·  Ideas » Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Rob de Roos commented  · 

    Same issue at a customer of ours. A VPN profile that has the same error. The device shows up everywhere as compliant but still the error keeps popping up....

  5. 75 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Ideas » Compliance Policies  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    Same issue here. We have device used by multiple users. We had to turn of compliancy policies for those devices in order to get them compliant for Conditional Access based VPN.....

    How can it be that device based conditions (like bitlocker encryption) are checked and reported per user? And even worse how can a device condition triggered by 1 users have this much impact on another user after it has been remediated under that other users account? That doesn't make sense at all in my humble opinion....

  6. 21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Ideas » Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Rob de Roos commented  · 

    For Win32 apps dependencies are now available. So I believe this is completed. On the other hand, I would love to be able to also use a line of business MSI application as a dependency.

    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    Dependencies and prereqs are much needed features!

    I would love also to be able to ad 'cost' to the deployment of apps so the applications that are most important will install first.

  7. 176 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Ideas » Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    This is absolutely a big issue...... offcourse this should be something to think about when designing the enviroment. But.... if that hasn't been done before, we should have the option to change this afterwards....

    Assinging profiles is a major headache without dynamic groups,

    On the one hand we want less administration to enroll devices. But this way administrative efforts are more than doubled. We need to be able to eleminate human error in this process as much as possible.

  8. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Ideas » Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos shared this idea  · 
  9. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos shared this idea  · 
  10. 973 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    87 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    @Cathy, that would indeen be briliant! I can imagine however that in some cases (testing for example) you have to be able to exclude devices.

    An error occurred while saving the comment
    Rob de Roos commented  · 

    Isn't this available allready? I believe it is. Disable manual unenrollment it is called if I am not mistaken.

  11. 125 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Ideas » Apps config and deployment  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Rob de Roos commented  · 

    @Jelle, the problem here is that the previous install isn't a msi install but a click to run install. That won't be installed by the click to run installer. It should alter the install from business to pro plus, but that won't work either.... it keeps telling you there isn't a license available.

    So yes that option is there but it doesn't work if a click to run variant is installed.

    Believe me I tried.

    Another thing is that you cannot alter the installation. In this case the customer didn't want Access to be available on the device.

    The only way is to uninstall it with a cleanup script and reinstall it using the build in functionality of intune.

    Rob de Roos shared this idea  · 
  12. 1,300 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    38 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    You can deploy AirPrint settings for Mac and iOS – https://docs.microsoft.com/en-us/intune/air-print-settings-ios-macos

    You can configure some printer settings under device restrictions for Windows 10 – https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10

    But I’m hearing from a few people that this still doesn’t really help users get to local printers, and that seems the original intent. (@Henrik, if you’re getting this, please weigh in!)

    We won’t call this one complete. I’m switching this to “noted”, meaning we know you want it. Thanks again for the feedback!

    An error occurred while saving the comment
    Rob de Roos commented  · 

    I would love to see the possibility to map a existing printer that resides on a print server (much the case in FollowMe printing solutions). Also installation of specific drivers should be possible in my opinion.

    An error occurred while saving the comment
    Rob de Roos commented  · 

    @Anonymous: Hybrid cloud printing nice but has far to much restrictions. Especialy if a customer has specific tray layouts (in the case of company branded paper and so on). It is a start but in my opninion not ready for Enterprise implementation.

    An error occurred while saving the comment
    Rob de Roos commented  · 

    Found this solution: https://www.printix.net

    I would love to see Microsoft implementing something like this. In modern management and movement to the cloud, potentialy the biggest hurdle to take are printing solutions/print servers. Maybe the team get's ideas from this solution?

    An error occurred while saving the comment
    Rob de Roos commented  · 

    Printer deployment is (was) after Win32 application deployment the biggest issue for not managing devices from the cloud. The problem with printers is that they are the last local devices in an organisation. Hybrid Cloud Printing could be a nice solution but wouldn't it be even nicer if you, besides the printer, didn't need any onprem infra to allow users to print?

    In the meantime it would be nice if we could deploy drivers to clients for the printers needed. Mapping printers can allready be done, but if there is no driver pressent Windows will not be able to print to the printer.

  13. 2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Ideas » Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
  14. 65 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Ideas » Android-specfiic  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    In our case our customer has bought 100’s of Android devices. They need to be enrolled before they are handed to the users. Now what we have to do is, create a google account per device, log on to the play store, download the company portal, enroll the device. That is far to much work to get a device enrolled!!

    IfnI take a look at the android for work partners at google, microsoft isn’t one of the partners.

    iOS has DEP to bulk enroll. We need something like that for Android

  15. 504 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
  16. 251 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    24 comments  ·  Ideas » Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →

    As of the week of August 27, you can use a template to control how the machine will be automatically named. So not exactly static, but gets you away from total random. From the discussion, sounds like not total random was good enough for some, but not all, so I will switch this back to “noted”.

    more detail about what we released in August:
    When you create an autopilot deployment profile, you can designate a name, which must be 15 characters or less, and can contain letters, numbers, and hyphens. Names can’t be all numbers. Use the SERIAL macro to add a hardware-specific serial number. Alternatively, use the RAND:x macro to add a random string of numbers, where x equals the number of digits to add.
    https://docs.microsoft.com/en-us/intune/enrollment-autopilot#create-an-autopilot-deployment-profile

    It’s only available with the Windows Insider build for now.

    An error occurred while saving the comment
    Rob de Roos commented  · 

    @dieter, not if you use (part off) the serial + a few letters for the computer name. As I said, the manufaturer allready created a unique nr. for us, so why bother designing your own? In most cases the CMDB allready has the serial nr noted. Only thing is the user perspective, thats why I build a small app. The user clicks that and all of the info for the helpdesk is there.
    I can't realy think of a situation where tuis wouldn't work. I won't put a user id in a computername because of regulations in europe. Most of my customers have indeed got stickers on the devices. When I ask them why, I Always get the awnser… because it is easy.... My reaction then is.... Why? You design something yourself….. You spend time on all devices to register the sticker in the CMDB..... You put the sticker on the devices.... That all is precious time in my opinion. I believe with autopilot, IT shouldn't touch the device anymore at all.

    An error occurred while saving the comment
    Rob de Roos commented  · 

    @Dieter, the autopilot profile is assigned to a device. So every time that device gets reset it wil get the same name.

    I recon then that this could be a working solution for you.

    An error occurred while saving the comment
    Rob de Roos commented  · 

    For me the solution is great! I always use a few letters and then the serialnr. of te device. Why would I think of a solution to create an unique ID for a device if the device allready has one. Every customer of ours where we design and implement the modern workplace is asked this exact question. Why invest time in something a hardware vendor allready has a solution for? Okay the serial isn't the most user friendly name but hey when do users realy need them. Most of the times you can find devices based on the username also.

    I had only 2 customers that had a realy good reason for doing it themselves. But they are also looking into the possibility to use the serial or part of the serial number.

  17. 58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Rob de Roos commented  · 

    And since the week of August 27 it is possible to define device names through autopilot profiles, also by use of %serial% or random digits. Usage is described with the feature.

  18. 539 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    26 comments  ·  Ideas » Device Configuration Profiles  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Rob de Roos commented  · 

    By the way it would be even nicer if this functionality would be available through the regular device configuration profiles.

    An error occurred while saving the comment
    Rob de Roos commented  · 

    Thanks @Nathan! That is for sure what we are looking for. In my opinion this thread can now be set to started. I would love to test this as soon as something is available!

    Rob de Roos shared this idea  · 
  19. 80 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Ideas » Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
    Rob de Roos supported this idea  · 
    An error occurred while saving the comment
    Rob de Roos commented  · 

    I would like this also. But do you have powershell scripts assigned to devices? Because in the article https://docs.microsoft.com/en-us/intune/intune-management-extension it is stated that:

    Note
    PowerShell scripts can't be applied to computer groups.
    PowerShell scripts are executed on devices only when an Azure Active Directory (AD) user is signed in to the device.

    Otherwise another thing would be to make that possible at first.

  20. 7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Rob de Roos commented  · 

    Also for iOS this is not working as expected. The 10th time the device gets locked. The 11th time is not even possible so a device Wipe is not taking place at all.

← Previous 1

Feedback and Knowledge Base