Microsoft Intune Reviews

I use Microsoft Intune to check if laptops are compliant or not, and to check if applications are added to user profiles. Sometimes there are applications users cannot find in the Company Portal or on their laptops, so we try to add them to their profiles. We can check if there are issues with Windows updates and verify if they have the latest version. We can check by hostname or serial number of the laptop if a user's computer is compliant or has access to the enterprise company platform resources.

The best features of Microsoft Intune include helping to know if computers are configured correctly and if users have access to apps or the platform. It provides an excellent overview of all machines for the company and helps determine if those machines are facing issues. It is particularly helpful when laptops face issues with upgrading or migrating to Windows 10 or Windows 11.

Automation has room for improvement in Microsoft Intune for fixing some errors. The knowledge and database in support can also be improved. If errors aren't in the database, we need to check forums or Google to understand and troubleshoot them. The most important improvement needed for Microsoft Intune is to have a comprehensive database about what each error means exactly and what steps to take for troubleshooting.

I have been using Microsoft Intune for about four years.

The stability of Microsoft Intune rates at nine out of ten.

Microsoft Intune has saved approximately 30% of time.

Users are mostly satisfied with Microsoft Intune because it helps them understand what's happening on their laptops. For some issues, I can assist depending on Microsoft Intune access. When comparing Microsoft Intune with other tools, the pricing is acceptable and it's easy to use. I recommend Microsoft Intune; it should be used in companies using Windows. I rate Microsoft Intune eight out of ten.

On-premises

I use Microsoft Intune on corporate devices as well as bring your own devices. It is always within an enterprise environment. I deal with industries such as manufacturing and health.

Microsoft Intune provides a more secure way by offering MFA policy, conditional access policies, and R-back policies. I can set up all my GPO policies, and Microsoft is moving these features to Microsoft Intune.

I could not discuss all the areas that need improvement due to time constraints. However, there are definitely challenges that could be addressed.

I have been using Microsoft Intune for around five to six years.

I rate Microsoft support between six to eight. The support often involves third parties hired by Microsoft who are knowledgeable, but sometimes the help I receive is not adequate.

Neutral

I previously used Blackberry until it was discontinued, which led me to switch to Microsoft Intune.

The setup is not difficult. The deployment time depends on the project specifics.

I rate the return on investment for Microsoft Intune as seven out of ten.

The pricing and licensing depend on my company's budget. If the company can afford it, it is manageable.

Overall, I would rate Microsoft Intune as eight out of ten.

Other

I have been working with Microsoft Intune for the last seven years. Before that, I worked on competitive platforms like MobileIron and Citrix Endpoint Management. These are MDM platforms, and when compared to them, Intune is one of the best solutions from Microsoft. I currently play a role as a Microsoft Intune architect, designing and implementing solutions for customers, managing iOS devices, and Android devices, and now it's growing in managing Windows devices. Previously, SCCM was used as an on-premise solution for clients, but now they are moving to Microsoft Intune as a cloud solution with better security and functions.

Windows Autopilot is one of the best features. It offers security and helps us know which device a user is using before it is enrolled. 

Autopilot has various features, making it easy to manage Windows devices. In the migration of existing SCCM devices to Microsoft Intune, we use Group Policy Analytics, which simplifies copying existing policies to Intune and reduces migration time significantly. 

Comparing iOS devices, DEP is an exceptional solution integrated with Microsoft Intune. It allows for better visibility and actions on devices. 

The Volume Purchase Program (VPP) from Apple is also beneficial as it reserves licenses for specific applications, which we can integrate with Intune.

In terms of improvements, regarding Windows devices, Microsoft needs to enhance options for copying existing policies to Intune. 

Some configurations are not available with Intune and exist in group policy, so they should be added to Intune immediately. Most customers are migrating from on-premise to cloud, and this should be a priority. 

The synchronization of devices takes a significant amount of time, between 15 minutes and two hours. Microsoft should work on reducing this sync time to improve efficiency.

I have been working with Microsoft Intune for the last seven years.

When a particular device issue is not resolved, I report it to Microsoft, who will take it over and add it in the next quality or feature updates. It will take time, but it will definitely be resolved.

Positive

I previously used MobileIron, a notable solution in the market. At that time, Microsoft Intune was not an option. MobileIron was one of the best solutions despite its high cost for users. Microsoft Intune is cost-effective, and integrating it with other Microsoft services, like Windows 10 and 11, is beneficial. I have also worked on Citrix Endpoint Management.

The redeployment of Intune is quite simple. Level four support is managed by Microsoft. Previously, with on-premise solutions, disaster recovery was essential. Microsoft Intune cloud environments should develop their own disaster recovery solutions.

Overall, Microsoft Intune covers more than seventy percent of the market. I have worked on numerous projects within a consulting company, most of which involved Microsoft Intune. It is one of the leading products for MDM solutions.

PKI is typically managed by a separate team, though on-premise PKI is fine. Microsoft provides solutions like SCEP for certificate distribution, which another team can manage. Certificate distribution and authentication, such as MFA, can be defined on the Internet with SCEP to distribute certificates to end users. For example, WiFi authentication can use certificate-based methods. My overall product rating is nine out of out.

Hybrid Cloud

Microsoft Azure

We use Microsoft Intune to manage mobile devices and distribute software. It helps us securely manage multiple vendors and operating systems.

Intune makes our organization more secure and flexible. We can onboard new employees faster and more securely. We are a governmental organization with strict regulations, and Intune helps us comply with those requirements.

The most valuable feature for us is mobile device management because it allows us to use multiple vendors and operating systems securely. I don't use Intune directly. My teams have used it, and I don't get any complaints about the user experience. 

Intune Suite's enterprise application management has made my life a little more difficult because now I know the kind of applications circulating in my organization. On the other hand, we started a program to fix the problem, and Intune helps us by providing us with insights.

Copilot helps because you can use the prompt to ask questions about the Intune-managed environment. That shortens the time we spend on reporting and that kind of stuff. Our analysis will be more efficient.

We would like to see the ability to use multiple personas on a device, similar to Samsung Knox, included in future updates.

I have used Intune for the two years I have worked for my company, but the company has been using it for longer. 

Intune's scalability is excellent. We are not a large company—only around 2,000 employees— and Intune handles our needs well.

Customer service used to be better, but as we are nearing the end of the contract, the focus on investing in us as a customer has diminished. It is what one would expect in such a situation.

Positive

Deploying Intune was difficult for me, but we have a deployment manager who handles it. 

We used multiple consultants, including Capgemini and KPN. Our experience with Capgemini has been positive due to a long-term relationship.

It is hard to quantify the ROI in hard metrics, but using Intune allows faster onboarding, increased flexibility, and more insight into device and software usage.

We are a governmental organization, so we can get discounts. Considering our environment, we get good value. 

I rate Microsoft Intune eight out of 10. Microsoft Intune fits well into our architecture, and they are developing new features like Copilot. It has contributed to the seamless integration with our existing setup.

Hybrid Cloud

We have hundreds of thousands of users, so we have to manage their devices, and Microsoft Intune plays an important role in managing those devices through deploying applications, operating systems, and security configurations. 

Microsoft Intune has transformed my organization. We are managing to scale the Intune deployment across all our regions efficiently. 

It works perfectly for our needs. Our organization's architecture is well-suited for Microsoft Intune. Given that we are a diverse organization, managing connectivity with our endpoints can be quite challenging. However, Microsoft Intune offers an ideal interface solution that meets our requirements.

It is a device management tool that includes all the features which were available in SCCM, such as OS deployment, user device enrollment, and Autopilot. These features are primarily important for us to do automated OS deployment.

As a user, I assess the user experience of Microsoft Intune to be seamless. Users have to log in with their email ID on the device itself, and the process is seamless. Their 365 is integrated, and Outlook is configured automatically.

Microsoft Intune is evolving. They are introducing new features every month. For instance, they integrated Copilot, among many other features added in terms of Apple and Chrome. These enhancements are being implemented gradually, and I believe they are actually improving the user experience.

Local administrators use this tool to connect with users, and they require a password to be reset or retrieved. It can be a bit inconvenient for them to log into Intune just to raise privileges and reset the password.

Their technical support can be improved. 

We have been using Microsoft Intune for Windows devices since 2021.

Microsoft Intune is stable and reliable. I did not find any anomalies with the solution that Microsoft has introduced. None of the market has reported downtime for longer periods, though they might have experienced something with very short notice, but they have not reported it.

It fits perfectly with the growing needs of my organization. 

When we raise a question or issue, it takes a longer time to resolve. I would rate the technical support a five out of ten.

Positive

We were using SCCM before Microsoft Intune. It was cost-effective to switch from SCCM to Microsoft Intune because it has no local infrastructure to manage. Earlier, we were paying to manage our SCCM across hundreds of primary and secondary servers globally.

I was the one who designed the solution for my organization. We only faced a challenge when trying to implement a hybrid solution because it wasn't feasible with our multiple forests. As a result, we had to discard the option for hybrid deployment. Instead, we decided to use pure Autopilot devices for the Entra join process. For the existing domain-joined devices, we opted for co-management. Ultimately, the primary authentication for these devices will remain with the domain, but they will operate in a hybrid state.

In terms of infrastructure costs, we were previously managing our SCCM across the entire group, which involved hundreds of primary and secondary servers for managing endpoints and distribution centers. When we calculate the total expenses, Microsoft Intune turns out to be quite cost-effective. In fact, entire regions have approached us to adopt Microsoft Intune, so I can see that the ROI is fully recoverable. 

We didn't have to pay anything for Microsoft Intune with our subscription.

We have not evaluated other options before choosing Microsoft Intune because it comes free with all our licenses distributed across our users.

I would rate Microsoft Intune a seven out of ten. There are many things they have to add.

I use Microsoft Intune to Autopilot our devices and manage various configuration policies mainly on Windows PCs. It helps in efficiently deploying company configurations remotely.

Intune has streamlined our onboarding process. Most of our workforce is remote, and there typically isn't an office where they can pick up the devices. It's easy to ship them to any address and configure them remotely. 

The Autopilot feature is the most valuable because it saves significant time on managing devices. We can ship devices globally, and users can set them up on their own. It's convenient.

The user experience is pretty solid. We've gotten great feedback on the onboarding process and replacing devices. Every employee on the Windows PC has gone through Intune's Autopilot process.

Microsoft Intune could improve in reporting data for endpoints and fleets. Enhanced capabilities to run queries and gather specific device data to identify trends or issues would be beneficial. The feature parity for MacOS and handling devices from an MDM perspective is not comprehensive. Consolidation of these functionalities within Intune would simplify processes and finances.

I have used Microsoft Intune for about four years.

Microsoft Intune is very stable. I cannot recall any significant service outages in the last few years.

Microsoft Intune is scalable and handles our workload efficiently. Although our organization is not very large, we foresee continuing with Intune as it supports scalability effectively.

We do not utilize Microsoft customer service and technical support since it is generally a waste of time.

We used SCCM before, and now we are in a hybrid state, co-managing with SCCM and Microsoft Intune. The primary reason for the switch was the convenience of joining devices to our environment over the Internet.

 Microsoft Intune's initial setup was straightforward. It took some effort to configure it to a finalized version. Like every other piece of technology, it's constantly undergoing configuration changes. From an out-of-the-box perspective, it's super-easy to set up, but, you know, you have to continue iterating on it over time.

The implementation was primarily conducted by my team, especially my endpoint administrator on the Windows side.

Factoring in the setup time, we've saved about 1,000 hours in the last couple of years.

We spend a lot of money on Intune licensing, and some of our users have to be double licensed just because of how our dev and corporate environments are segmented.

I rate Microsoft Intune eight out of 10. Offering the same features for MacOS would make it a 10.

Public Cloud

Microsoft Azure

We use Microsoft Intune to enroll devices in our environment, install software, and monitor security patches.

In the past, our cumbersome OSD installation model using images made it difficult for IT to track installations and required users to visit the help desk for reinstallation. However, with Intune, employees can now conveniently manage installations themselves.

I have no complaints about the Intune user experience.

I appreciate Intune's Autopilot feature, which allows us to enroll devices and install applications to meet corporate requirements seamlessly.

I would like to see Intune improve its handling of hybrid domain joins. We continue to experience issues with machines losing their hybrid domain join status.

I have been using Microsoft Intune for several years now.

Intune's stability has been generally good, although recent issues caused devices to stop checking in and become unmanageable. We hope this is resolved before we begin redeployment.

Intune's scalability appears satisfactory, as we have not experienced any scaling issues.

Support has become more challenging to navigate over the past couple of years. It takes some effort to engage the right level of support, but once the right person is contacted, support works well.

Neutral

Before Intune, we used the OSD image approach. We switched to Intune for end-user ease of use and to lessen the burden on support teams.

The initial setup was fairly straightforward.

We did the implementation in-house ourselves.

We did not evaluate other solutions because Intune was included with our Microsoft 365 solution.

Overall, I like Intune as a solution and would rate it nine out of ten. The rating isn't a ten because we haven't enrolled our entire environment in it yet, but so far, it looks promising. It might reach a ten at some point.

We have over 50,000 employees and 75,000 machines.

On-premises

We use Microsoft Intune to manage mobile devices across almost all platforms, including Android, Windows, and Linux, which was recently added just a few months ago.

Previously, we relied on on-premises infrastructure using SCCM to manage mobile devices alongside other tools. Intune is a cloud-based solution that empowers administrators to manage cloud devices, implement policies, and deploy applications. While other MDM platforms exist, Intune is a top choice due to its feature set.

Microsoft Intune consolidates our endpoint and security management tools into a single platform. While still under development with new security features on the horizon, the current capabilities offer administrators ample tools to fortify the environment.

Intune simplifies mobile device management by consolidating endpoint and security tools into a single platform. This centralized approach enables IT administrators to efficiently manage various aspects, including Windows updates, Wi-Fi and VPN policies, application restrictions, and user account creation, all within the Intune interface, significantly streamlining the overall management process.

The user experience is quite smooth for most users because administrators handle all necessary configurations. Options like Windows Autopilot and zero-touch deployment enrollment significantly simplify the process, minimizing user intervention and effort required to set up and use devices.

I currently support Microsoft admins and have handled numerous cases related to Enterprise Application Management. Many companies utilize this tool to manage their in-house applications. While not all companies employ this method, most larger organizations do. These companies often deploy their enterprise applications using Intune, which offers a feature that allows admins to protect application data through mobile application management policies. To enable MAM, applications must be wrapped with the Intune Software Development Kit to communicate with Intune services. This process is valuable as it empowers admins to safeguard sensitive data. Intune provides SDK options for both iOS and Windows applications.

There are two methods for automatically updating the application: independent updates within the application itself or updates to the application package managed through Intune. The chosen method depends on the enterprise application's configuration. Recently introduced Azure application registration simplifies the process by requiring registration before deployment, enhancing security through authentication.

We utilize advanced endpoint analytics within the Intune suite, and the recent release of Windows Autopilot's version has expanded the range of analytics tools available to administrators. While Intune provides data on devices and users under its management, more in-depth reports can be accessed through Log Analytics or Azure Monitor. However, Intune's analytics are sufficient for gathering reports on managed devices.

The advanced endpoint analytics feature within the Intune suite allows us to access detailed information about our devices. This includes data on device counts, specific settings for bulk administration or devices, and the ability to filter devices based on our needs.

I have experience with several MDM solutions. While Microsoft Intune is excellent for managing thousands of user devices, it may not be ideal for specific use cases like bulk printer or Jabra device management, which could present challenges. However, Intune shines in organizations with large numbers of users, especially when integrated with existing on-premises infrastructure or SCCM. This integration can streamline operations and reduce staffing needs. For example, a ten-person IT team might only require two to five people dedicated to Intune management with on-premises support. While I cannot provide a full sales pitch, I confidently recommend Intune to anyone seeking a robust MDM solution.

Copilot in Intune is valuable when integrated with back-end data, such as our existing tools and libraries. This integration empowers administrators to assess information effectively. However, the tool's effectiveness hinges on the quality of data input and query formulation. As users are still familiarizing themselves with Copilot, its adoption varies across environments, with some users enabling it and others disabling it.

Copilot in Intune simplifies IT operations by quickly responding to inquiries about integrated systems. Users won't need to search for specific details as Copilot offers a variety of solutions.

Intune offers more than device management; it also aids in user management. Regardless of the platform, Intune provides various options for device enrollment. Intune prevents mixing personal and corporate data, whether using a corporate or personal device. It also offers robust security features, enabling granular control over user access to applications, resources, and other tools.

In a hybrid environment, security management depends on whether devices are co-managed and how policies are configured in Intune. Intune offers various features, including remote actions, to address these scenarios. However, I discovered an issue with BYOD devices on iOS: wiping an enrolled device deletes all data, not just corporate data. This is a problem that needs to be addressed internally.

With the endpoint privilege management feature, the admin can create an EPM policy. If a user tries to access a resource, the admin will be prompted to grant or deny access based on the policy.

Suppose I need to access data, logs, or files on a Windows device that a global administrator restricts or requires approval for. In that case, I can configure an EPM policy to remind users that additional authorization is necessary. For instance, I encountered cases where users frequently mistakenly assigned test applications to production environments. To prevent this without restricting access or privileges, we configured an EPM policy to prompt users specifically when assigning that application to a production environment. This approach demonstrates how EPM policies can be tailored to address various requirements.

EPM provides an additional layer of authentication for accessing a resource, application, or permission. For ASR, we can define rules by which users can access the resources.

Intune has significantly improved productivity by simplifying tasks like certificate authority restoration. For example, using a deployed CA server certificate, I've set up a Wi-Fi profile with auto-authentication. Previously, expiring certificates required manual reissuance, but Intune automates this process by revoking certificates when they approach their expiration threshold. This threshold, configurable within the certificate profile, can be set as a percentage of the certificate's lifespan. A revocation request is triggered when the threshold is reached, ensuring a new certificate is issued for the device or user profile before the old one expires.

Intune's integration with Microsoft 365 and Microsoft Security for both cloud and co-managed devices is beneficial because it offers a centralized platform. We can directly assign licenses within Intune instead of using the separate M365 admin portal to create users, simplifying the process. Intune synchronizes features and functions from M365, streamlining management. However, purchasing new licenses still requires accessing the admin center. Despite this, Intune effectively synchronizes information to endpoints.

While conditional access isn't solely limited to Intune, we can also effectively implement and manage conditional access policies through Azure. However, Intune significantly simplifies application deployment, mobile application management, and policy enforcement, such as restricting user access to specific applications, thereby enhancing overall environment security. Furthermore, Intune automates numerous tasks previously requiring manual configuration by administrators, streamlining the process by creating simple policies for desired outcomes.

There are specific devices we can focus on. For example, due to GMS restrictions in China, we face limitations. However, BlackBerry UEM can enroll Android devices as Android Enterprise, though the exact method is unclear. We could explore whether Intune can replicate this functionality. Since GMS is unavailable in China, we currently rely on device administrator enrollment for managing Android devices there. This suggests potential opportunities to develop solutions or collaborate with Chinese partners to create new features within Intune for managing Android devices in the Chinese market.

I have been using Microsoft Intune for three years.

While some specific tenants experience occasional outages and bugs, our monitoring team is actively tracking an upcoming issue affecting certain tenants in specific regions. Both the support and broader teams are diligently working to resolve this. Aside from this, Microsoft Intune is demonstrating overall stability.

If an organization has the budget, they can easily scale Microsoft Intune.

Microsoft's technical support for Microsoft Intune and the broader Microsoft environment consists of several tiers. Customers can choose between broad commercial support, Pro support, or Premier support, the latter including dedicated Customer Success Account Managers and Incident Managers to facilitate access to specialized engineers. Support engineers are categorized into levels one, two, and three. We collaborate weekly with global subject matter experts to address ongoing issues and cases. For complex or backend problems, we engage the product group using a specific request form. While Microsoft previously employed support staff primarily in the US and Canada, they now utilize vendors in India and the Philippines, offering varying levels of expertise. To enhance support quality, Microsoft should invest in training these engineers and consider opportunities for full-time employment, rather than incurring the costs of recruiting and training new staff.

Positive

An organization migrating to the cloud typically requires an Azure subscription as a starting point. While our FastTrack Team offers full migration solutions, IT administrators can also independently move operations to the cloud by purchasing an Azure subscription, tenant, and licenses and configuring policies, privileges, and workloads. Existing on-premises infrastructure can be synced to the cloud using Azure AD Connect, enabling management within a hybrid or pure Azure AD environment. The ease of migration depends on the administrator's experience, and Microsoft support is available for those requiring assistance.

One to two solution architects are enough for the deployment.

Several factors influence the time required for deployment. For instance, with a user base of 100, deployment can be achieved within a week. However, environments with thousands of users and devices, especially on-premises setups, present greater challenges. Customers or administrators migrating to the cloud and adopting Intune often follow a phased approach. They typically start by deploying and testing a subset of policies to assess manageability and feasibility before proceeding with application deployment. As a result, the overall deployment timeline varies significantly across organizations and can extend to several weeks.

Microsoft services are slightly more expensive than competitors but offer advantages and disadvantages. Even if they charge a premium, they aim to provide equal value.

I have experience with SOTI MobiControl, Jamf Pro, and AirWatch. SOTI MobiControl excels at managing specific devices, offering a list of compatible models upon request. Intune, however, struggles with printer management and Zebra device compatibility. Its network security features are limited due to ongoing development, and it lacks in-built policies for third-party applications, hindering compatibility and communication with external devices and manufacturers. While custom policies can be implemented, comprehensive built-in options would be beneficial.

I would rate Microsoft Intune eight out of ten.

Intune requires no maintenance after initial deployment, but ongoing subscriptions are necessary for each user as individual licenses are needed monthly. Microsoft continually updates the service to support the latest operating systems and applications, so ensuring our environment is up-to-date is crucial for optimal performance.

Microsoft Intune is a good tool, and to simplify operations, I recommend a full cloud environment over a hybrid environment.

Public Cloud