Microsoft Intune Reviews

We use Microsoft Intune as an MDM solution for all of our Windows laptops and some of our company mobile phones. This serves as an endpoint solution we use so we can control the users' laptops or phones and have access to things on their devices.

Without Microsoft Intune, there would be a lot of cybersecurity attacks happening. We need to use Microsoft Intune so we know which devices can access all of our company resources. If they don't have Microsoft Intune, we automatically deny them from accessing company-sensitive information, so it serves as a layer to protect all of our assets.

I appreciate how easy it is to deploy certificates to end users to get control over their device with Microsoft Intune; that's what Microsoft Intune is known for, and that's what we use them for.

The user experience of Microsoft Intune is pretty easy. Initially, the user has to download a certificate, so when we first give them a certificate to download, they download it on their side, and once they verify themselves, we have access to their phone or laptop, which works pretty effectively.

We are using Microsoft Copilot with Microsoft Intune. Microsoft Copilot helps us with the deployment of Microsoft Intune. Previously, things were more difficult to manage, especially when certificates expire, as they need to be pushed out every year. Sometimes we forgot that, and then people's laptops stop working, so Microsoft Copilot helps us stay on track.

Microsoft Copilot is equally as important as Intune. The go hand in hand as it works in conjunction with Microsoft Intune to affect the deployment process.

Microsoft Intune can be improved by making it even more seamless for users to download their certificates. Currently, we have to push it out to their laptop and they have to do some work on their end, but if we could integrate it so it's seamlessly done and the end user doesn't even know that Microsoft Intune is on their laptop and it's just naturally there, that would be even better. This is especially true for Apple devices, such as Apple phones, where you have to push it out and the user has to accept or deny whether Microsoft Intune can have access to these applications. If it were easier for us to do it automatically without getting permission, that would be beneficial, but in today's environment, we have to get permission to access data.

To make it a perfect ten, it would be helpful if there was a better way to troubleshoot user issues, as I've had a few users with corrupt files before and had to redeploy it without knowing the root cause.

We have been using Microsoft Intune for eight years.

I would rate Microsoft Intune a nine out of ten for stability and reliability. We've never really had any issues with it in the past, and if we have, it's maybe one or two random people where their certificate is corrupt or something's wrong, so we just need to go back and redeploy it, which is not really a significant issue.

Microsoft Intune scales very effectively with our growing needs. The only requirement is more licenses, so once we get more licenses, we're able to deploy them more quickly.

I haven't needed to contact customer service or technical support, which is a good sign. Since I haven't had to use them, I have no experience with their quality of service.

Positive

We did not use a different solution. We started with Intune.

My experience with the deployment of Microsoft Intune was good. Initially, I didn't know much about it, so I had to review all the documentation, complete training, and watch videos to get familiar. Once I got a grasp of things, I tested it on my phone and laptop, and when it worked, I felt comfortable deploying it to more people. I eventually deployed it to about 7,000 machines as it scaled up.

The biggest return on investment for using Microsoft Intune comes down to protecting security. We are protecting all of our assets and using it as an endpoint MDM solution, which fulfills our needs.

Microsoft Intune costs about $7 per user per month, which is somewhat on the pricier end. That said, it's a reliable product, so it's fair. If it were less expensive, we would be able to roll it out to more people, so it's definitely something we're considering.

We use Microsoft Intune for Windows products and Jamf for Apple Mac products. I'm not sure if Microsoft Intune works for Macs. If they do, that's something we'd be interested in exploring.

I prefer Microsoft Intune because Jamf is not the most reliable solution based on my personal experience.

We do not use Microsoft Intune Suite's cloud PKI.

We also do not use the Enterprise Application Management features of Microsoft Intune Suite.

I haven't examined the Advanced Endpoint Analytics in the Microsoft Intune Suite yet. That said, we do have it; I just haven't had the opportunity to review it.

I rate Microsoft Intune a nine out of ten.

I work exclusively with Microsoft products, and we use the E3 license for Office, for the Microsoft portal, which includes some security solutions, SharePoint, and Office applications. Microsoft Intune is mandatory in our business. I work with Microsoft Intune as an integrator, user, and administrator.

The major purpose for using Microsoft Intune is enforcing policies, controlling onboarding processes of computers, and enforcing privacy and data link prevention. I am using Microsoft Copilot in Microsoft Intune. I am using the Enterprise Application Management feature in Microsoft Intune Suite.

The biggest benefit for me in Microsoft Intune is control. I can control my users and what they can do, and enforce the policies that I want to enforce. It is a great tool to control and put structure, to take the organization to the place I want to take it.

Microsoft Intune changes my ability when it comes to app discovery, deployment, and automatic updating. If I were to give it a score, I would give it eighty percent.

I do see that Microsoft Intune is saving me a significant amount of time. I think it allows me to do one hundred percent more within my time.

I would assess the user experience of Microsoft Intune as not user-friendly in general. It may cause some problems or require more time for training because it seems that Microsoft is doing their best to confuse me with menus that move to a different location every other day. However, there is a lot of knowledge online, so it is doable.

The information Microsoft Copilot provides is of concerning quality. It could be so much better if it would take me to the correct menu that I am looking for instead of giving me instructions to places that do not exist anymore. It is not something that I would recommend somebody to use.

Microsoft Copilot in Microsoft Intune is absolutely useless for protecting my environment.

I do not have any other areas for improvements that I have not mentioned or anything more that could be enhanced.

I have been dealing with Microsoft Intune for six to seven years.

I have not experienced any downtime, crashes, or performance issues with Microsoft Intune. Overall, I could say that Microsoft Intune is very stable.

As for scalability, I find Microsoft Intune scales very well with the growing needs of my company. I do not see any limitations, and it is not expensive to scale, so it is very flexible.

I have interacted with technical support from Microsoft. My experience is neutral because it is easier to contact ChatGPT to find answers. Based on my interactions with support in the past, I would give them six points from zero to ten, where ten points is the best. I give them six because it is hard to find them, and then it is hard to understand what they say usually because of accent issues with people coming from India or Africa or elsewhere, which I respect, but it is hard to understand for me.

Positive

Before Microsoft Intune, I was using another product for the same purpose that I forgot its name, but it was awful.

My experience with the deployment of Microsoft Intune is that it was straightforward. The deployment part is not complex.

I bought Microsoft Intune directly from Microsoft.

The pricing is reasonable.

I replaced the product with something else, but I forgot what it was. The reason for replacement was that I think Microsoft Intune is better and it is integrated inside our environment. It is much easier to connect it to the environment than to bring a third party and connect it.

I try to use Microsoft Copilot, but it is uncomfortable. It seems that ChatGPT usually knows better what to do, and the last time that I used it, I used it to find how to get rid of it. I give this review a rating of eight.

I work with Microsoft Intune full-time as an integrator. I work on M365 portfolio applications, which are major use cases for Microsoft Intune. Microsoft Intune is for end device management where I handle Windows device management, AutoPilot enrollment, and policies and compliance management for the end devices.

Cloud-based device management is the best feature for me as it impacts my company the most; it is much easier than the previous Configuration Manager or SCCM. Administration and management can now be easily accomplished anywhere, anytime through the Microsoft Intune portal.

Two methods are available: I can accomplish all administration management through the portal, and the same thing can be accomplished using Microsoft Intune Management Shell, which is the command prompt and API.

Microsoft Intune brings all of my endpoint and security management tools into one place.

From a security standpoint, I can manage both BYOD devices and corporate devices; one will be Azure registered devices and another one is Entra ID joined devices. Joined devices will be the corporate devices where end-to-end complete security, compliance, and management is fully owned by the corporate. In the BYOD case, any device can be plugged in and registered to Microsoft Intune platform, which is compliant and compatible with corporate standards. Once that device is registered to Microsoft Intune, security, configuration, and compliance will be applied as per corporate requirements.

I am using Microsoft Intune Endpoint Privilege Management feature. This feature affects user productivity in the company because when a new user joins the company, the same device can be reused at a later time; I can wipe it or reset it, and the entire user profile and applications will be removed from the device so the same device can then be reused for new users.

I am using the advanced endpoint analytics in Microsoft Intune suite; it is another feature. Previously, logs and analytics were available from the local device perspective, but now everything from the end device is sent to the Microsoft Intune portal. Log Analytics and Endpoint Analytics workspaces can be configured to determine what datasets can be fetched by the portal. It is much easier depending on the requirement and need, and analytics requirements can be configured so everything is available in a central repository that can be easily monitored, viewed, and can also be integrated with Power BI for advanced reporting and data manipulation.

I work with Cloud PKI in Microsoft Intune. Many options are available, from the BIOS level to the operating system platform level; everything can be managed from the single, central portal which is Microsoft Intune. Many monitoring options and integration options are available to all the other M365 portfolio SaaS applications. Cloud PKI helps to manage the complexity of certificate infrastructure.

I have worked on UEFI and trust hierarchy based on end devices like laptops or desktops; I have a platform key certificate, PK certificate, and DB certificate. This is at the very core of any end devices and defines what applications can be installed or allowed to install on the end device, trusted by the PKI architecture, which is ideally a UEFI secure boot concept where only trusted applications can be installed onto the end device. Anything listed in the revoked DBX database, known malicious vulnerabilities, cannot be installed or will be blocked from getting installed on the devices.

I am using CoPilot in Microsoft Intune; it can be enabled or is available for the Microsoft Intune portal and all of the M365 application space. I can input my questions and CoPilot provides the best possible answers or methods on how the target can be achieved. I extensively use it for PowerPoint presentations; I provide some very basic inputs and CoPilot gives me a well-structured presentation in different formats. CoPilot is available in Microsoft Intune side, Word, Access, Excel, and everywhere CoPilot is enabled; it is next-generation AI that Microsoft is bringing. CoPilot helps to protect my environment by simplifying my IT and security operations. CoPilot helps with this simplification by identifying the content of the document, such as whether it is internal or confidential, whether it can be shared or if it is a restricted document.

Automations in Microsoft Intune can be more elaborated; KQL (Kusto Query Language) is available, but if multiple automation options were readily available, which would include PowerShell, KQL, JSON, and different interpreters like VS Code or Python readily available from Microsoft Intune, it would help administration and management much better.

I have been dealing with Microsoft Intune for almost four or five years.

Microsoft Intune is stable because since it is part of the Microsoft product suite, it provides 99.9999 SLA downtime.

I rate customer support from Microsoft as outstanding because anytime I can raise my concerns directly through the portal and I get a quick response from Microsoft.

Positive

Before Microsoft Intune, I was using something called Configuration Manager, which is an on-premise solution. Configuration Manager is again Microsoft, the Microsoft Configuration Manager, which is an on-premise solution, not from the cloud. Now everything has been migrated, and everything is from the Azure cloud; Microsoft Intune is part of the Azure cloud solution.

I find Microsoft Intune quite affordable. I rate this solution nine out of ten.

We use it for Android device management. We also work with Autopilot configuration and application deployment. We use Microsoft Intune for WiFi profile deployment and zero-touch migration from Windows 10 to Windows 11.

I used Microsoft Copilot with an Excel file containing more than 2,000 workstations with many models. For just the Lenovo manufacturer, we have 20 models. I uploaded this file to Copilot so it could indicate if a model and workstation were compatible with Windows 11 or Windows 10. We deploy many applications with the enterprise. In Tunisia, we have laws that prevent uploading documents or sensitive data to Microsoft Copilot, which creates restrictions on its use. 

The most valuable feature is that we can manage workstations or Android devices remotely without needing the device to be connected to our local network. This means even if users are on vacation or working from home, we can control it and deploy applications, deploy all features with Microsoft Intune.

The enterprise application deployment is another key feature. We have deployed many applications. Our last project was with our minister of education where there were more than 20,000 new devices that we needed to manage for education. We have many applications that students work with on a daily basis, so we use the enterprise application for deployment of all those packages and software. It helps save manual work.

Microsoft Intune is not as fast and extensive as traditional solutions such as SCCM and others. In SCCM, which is another Microsoft product, there are many logs that we can detect and monitor the deployment of the image, software, and inventory. In Microsoft Intune, there is significant slowness, and there needs to be more logs when we deploy software, parameters, or scripts to troubleshoot problems and errors in the interface, workstations, and Android devices.

Another feature that needs improvement in Microsoft Intune is device preparation. Microsoft Intune is for management. We cannot prepare devices from scratch or bare metal.

They should optimize their licensing. They should include some features for free and the others for a price. Currently, everything comes at a cost.

Microsoft Intune also needs to improve its scenario documentation. While Microsoft articles cover basic scenarios for deployment, they don't address advanced scenarios such as massive deployment, retiring applications, or updating applications.

I have been working with this solution for more than one year.

The solution is stable without any problems with stability or availability. The portal is always ready for configuration when accessed. The only issue is the slowness previously mentioned. When deploying a strategy from Microsoft Intune, sometimes it takes one to two hours to show that the strategy is deployed on the device.

It's scalable. We just need to add more licenses.

There is inadequate support for Microsoft Intune, especially if the problem is on the device. When tickets are opened regarding device problems rather than portal or configuration issues, the support becomes slower and takes considerable time for troubleshooting. They seem to give less importance to device-related problems compared to portal or configuration issues.

Negative

It's a lot easier than the traditional solution where we had to prepare a virtual machine, SQL server, install an agent, etc. It's a SaaS. We can use it as a service. We only need to access the Intune portal, configure the base configuration with the name of the company, and configure the baseline. It's very simple. The only problem is that there is slowness and no place to find logs to identify where the problem is. It is hard to identify if it's in the workstation or the configuration that I made in Microsoft Intune. 

For the basic configuration, it takes approximately one to two days.

It's a part of Microsoft 365 and E5 licenses.

Microsoft's strategy of making every feature in Microsoft Intune paid needs optimization. Remote control is one of the basic features, not a luxury feature, yet we must pay for it. It should be free as users cannot use a solution to deploy configuration and applications without being able to assist users. Even for Android devices, remote control requires purchasing the remote help add-on.

I would rate Microsoft Intune a six out of ten. As a modern workplace consultant, I see everything moving forward to the cloud. However, many features in legacy solutions cannot be migrated suddenly to Microsoft Intune. It needs to be more reliable with better support for full cloud migration.

Microsoft Intune has been used in organizations ranging from US entities to Indian companies, with onboarding of systems in numbers ranging from 300 to over 7,000. We migrated from on-premise Active Directory to Microsoft Intune during COVID for remote work support.

As a user, I believe that Microsoft Intune is a superior tool that addresses many issues compared to previous methods, such as using a local Active Directory. As an administrator, I have a broader view of the system, allowing me to monitor whether users are online or offline, track their last activity, and manage various aspects effectively. This is a significant improvement over older methods, where we often had to inform users that certain activities were not approved due to insufficient access levels.

Microsoft Intune streamlines remote system access and management without a physical environment. I started my career in Active Directory configuration and Group Policy. In those roles, we provided systems to end users. When users went home and encountered issues such as password changes or other policy problems, troubleshooting those issues became quite challenging without physical access to the systems. However, using Azure and Intune has helped us resolve most of these issues. With these tools, we no longer need a physical infrastructure to manage systems, as we can push policies remotely and maintain control over the devices. This capability is a significant advantage of the cloud environment, as it allows us to streamline processes and provide remote access without reliance on physical setups.

Additionally, Microsoft Intune gives us a broader perspective, enabling us to manage policies for both users and systems through cloud portals. This approach allows us to deliver solutions much more quickly than the methods we previously used.

Reporting remains an issue, with challenges in providing comprehensive reports. For instance, while we can generate detailed reports for individual users—such as examining sign-up, sign-in, or audit logs—we struggle to produce aggregate reports for the organization. For example, if a user encounters issues logging into the system, we can monitor that specific case and provide detailed information. However, if the organization wants to know about multiple users experiencing problems with multi-factor authentication (MFA), we cannot compile a comprehensive report that highlights how many users faced this issue or identify the overall cause, such as a policy change. This limitation in Microsoft Intune is a significant drawback; we cannot produce overall reports on an organizational level. 

Another issue is that when configuring and deploying Microsoft Intune, some processes experience delays due to the cloud environment or other structural elements like the local area network and internet dependencies. I believe that if Microsoft Intune could operate through both agent-based and non-agent-based approaches, it would improve communication between cloud services and local systems. For example, the policies could first be downloaded to local systems, and once everything is ready, the deployment could occur. Currently, with Windows updates, we have control over when to deploy them, and we can see the status of the deployment, whether successful or failed. A more effective approach would be to allow for manual deployment initiation rather than automatic triggers. By implementing this, we could validate that the updates are properly downloaded and available on the local systems before proceeding with deployment. This streamlined process would enhance our ability to manage updates effectively.

Pricing can be challenging for startups or smaller companies. While larger companies have budgets for cybersecurity, smaller ones may struggle with recurring costs of cloud-based solutions like Microsoft Intune.

I have been using Microsoft Intune for five to six years.

We haven't encountered any specific session outages or similar issues, but one drawback of this cloud environment is that we cannot accurately inform the end-user or management about when the exact policy will be applied and when the results will be visible. The nature of cloud deployment means that the rethinking process can take about 30 to 45 minutes, and in some cases, it can take a few days, as we've experienced.

Regarding scalability, there are no issues. We successfully scaled from 4,000 to over 10,000 employees without major changes. I don't foresee any significant issues in this regard.

While we encountered some initial problems during the early days of deployment, the frequency of these issues has decreased. Most troubleshooting can now be handled on our end. I would rate them an eight out of ten.

Positive

We previously managed 4,000 to 6,000 systems globally using Active Directory before migrating to Microsoft Intune during COVID.

The initial deployment and installation are quite comparable to other tools, but it offers more flexibility, especially since most systems operate on Windows. While the deployment or configuration might take a few days, once we finalize the planning phase, the onboarding process becomes much smoother. We can effectively onboard the system with or without user assistance. A significant advantage is that we can complete migrations remotely, minimizing user dependency. For context, we previously used Active Directory to manage 4,000 to 6,000 systems globally. We migrated to Microsoft Intune and other security solutions during the COVID-19 pandemic, when many organizations transitioned to remote work. During that time, we began the migration process, which included transferring user profiles. Typically, it took about 38 to 45 minutes to migrate a system from on-premises Active Directory to cloud-based Intune, assuming the user had minimal data in their profile. If the profile contained more data, the migration time could vary, but the average was still around 45 minutes for one system.

Regarding maintenance, while new deployments may not require a specialized person on-site, ongoing security improvements or updates to organizational policies need to be handled carefully. These adjustments are not something that a Level 1 engineer can manage alone. Proper planning and execution by specialized engineers are essential to implement these changes effectively.

On the pricing side, the cost for tools like Microsoft Intune can be challenging for early-stage companies that cannot afford such expenses. For smaller companies, the comparison often leads them to choose a local Active Directory, as it involves a one-time cost for purchasing and configuring servers. With Windows Server's built-in Active Directory feature, there are no additional costs for customizing policies. In contrast, Intune is a cloud-based solution that requires a recurring monthly payment. Moreover, the price increases with every additional endpoint, which wasn't the case before.

This cost structure could pose challenges for startups that are struggling financially. However, companies aiming for a fully secure environment and those with a dedicated cybersecurity budget can plan to implement Intune effectively. In summary, I would say that Microsoft Intune is the best product for established companies. It can be quite difficult for new companies without a cybersecurity budget to manage the associated costs.

I would rate Microsoft Intune a ten out of ten.

We have IT solutions in this organization, but it's different. It's AWS, majorly.

I am dealing with AWS S3 storage services myself, and apart from this, we have multiple services which we are using, the different instances of VM, virtual machines. Majorly the VMs and the storage part we are utilizing. We are planning to use Route 53 as well for the network.

I don't think we have been dealing with something Amazon Virtual Private Cloud. We are just launching the VMs, the instances, and utilizing it for the services. The storage services we have been using in it to store our data.

The user experience of Microsoft Intune is very friendly and the interface is very good. It's very easy. Although Microsoft keeps on changing the console, you log in today and you will find something, and then after two months you log in and you will see the options change. That's how it is, but then again, it's quite interesting. It's always nice to explore things in it, always nice to connect and do things. It's not very difficult for me; I don't find it very difficult. Somebody who has worked on SCCM or these products can easily use Microsoft Intune. If they understand the technology, they will be able to use it. It's very good. Microsoft Intune is very good in terms of support as well. We get very good support from Microsoft. Overall, my experience is awesome.

We have utilized Copilot in Microsoft Intune very well.

My experience with Copilot was good. There are always some chances to do some enhancement and improvement, and of course, there is a lot of competition in the market as well against the AI tools we have, the open AI tools we have, and the chatbots we have. Definitely, but it is very good. It is very nice.

I see room for improvement with Microsoft Intune because the only thing is that under the policies, there are certain policies which are very deep dive. Somebody has to understand it very particularly, then only they should implement it. That's the only thing. Some demo videos would be available on the portal, that would be helpful. If somebody has to do some implementation of any new policies, how would they do it? The person has to search somewhere how this policy works, and that will help. A small demo would be available in the portal itself. That would be helpful if Microsoft itself can launch some demos.

So far, I think the things are going smooth with Microsoft Intune. I do not see any conflicts with that, any additional features. In terms of comparing with the other cloud providers, the things are smooth. But when it comes to AWS, they have a bundled package of security and everything in one portal, including the billings part as well. Whereas in Microsoft, it is separate. A bundle package would be helpful. Although with AWS, we can get it through Marketplace, in Microsoft it is subscription-based. That is also good, but if I compare with both of them, then console-wise, of course, Microsoft Intune has very good features and everything in terms of endpoint devices. But in terms of the virtual machines connect and onboarding the virtual machines and syncing them, it is a bit tricky. One improvement that is needed if I compare with AWS where it's pretty easy.

I have been working with AWS for three months already, but this organization has been working on AWS for the past one and a half years or more.

During the onboarding of Microsoft Intune, we faced the problem that the policies were not getting synced. Sometimes, even after removing the devices from the domain and then re-onboarding the devices, joining the domain again, the sync was not happening. For example, there was one case where the devices were already synced, everything was synced, the user was logged in, and then suddenly when we handed it over, when somebody left the organization, we handed over the asset to another, assigned it to somebody else. In that case, that syncing was not working. It was taking a lot of time. It was very difficult. We removed it from the domain, we formatted the machine completely, then again installed the fresh image. Everything we did, it took time. Then ultimately, we had to take the help from Microsoft. It got resolved, but that was a difficult situation.

Microsoft Intune support is very good. We get very good support from Microsoft.

Ultimately, we had to take the help from Microsoft. It got resolved, but that was a difficult situation.

Positive

Before this, I was working with Microsoft in my previous company, where I was using Microsoft Intune and other services of Azure and Microsoft.

My experience with the deployment of Microsoft Intune was a bit tricky. It was tricky. But the overall experience was good because there was a lot of learning and enough support from Microsoft in terms of deployment as well.

I haven't used Microsoft Intune Suite Cloud PKI. We haven't used it. But we were having the Citrix environment, so we were launching the Microsoft Intune services in it, connecting our services, and connecting our virtual machines on Microsoft Intune, onboarding the VMs on Microsoft Intune. That's how we were using it, through Citrix.

I need to check that with the engineer regarding something Amazon DCV.

I would rate technical support at least a nine.

I would rate Microsoft Intune at least eight to nine overall.

I would rate it at least eight out of ten. My overall review rating for Microsoft Intune is eight.

I'm responsible for the end-user computing. I'm responsible for packaging the applications, deploying it to all the end-user devices in my organization via Intune, and also creating the monthly patching through update rings and deploying all the patches to the workstations across the entire organization. 

We have also created an Autopilot profile, deployment profile, and enrollment status page to ensure all the new devices are compliant with company policies and compliance policies as per our organization rules.

It significantly reduces the need for manual human efforts and is very cost-effective. This makes it particularly advantageous for large enterprises, especially in the financial sector, as it is secure and reliable. Microsoft Intune helps protect against vulnerabilities and third-party attacks by providing timely patches and update rings, ensuring compliance with security standards.

The best features of Microsoft Intune are creating the package in very simple terms using the Content Preparation Master tool, which I find easy. I'm able to pull reports and get device status very easily, which has been very helpful. 

Regarding the compliance policy settings and configuration profile, I can check on each device to see where it failed. However, I struggle to troubleshoot the exact root cause of these failures, which I want to highlight. 

I have observed that while I can generate reports, I am unable to address the log files from end-user devices effectively. For instance, when an application is deployed on a user device and it shows an error indicating failure, I can't pinpoint the exact reason for the failure. In Microsoft SCCM, we can access log files in the "C:\Windows\SCCM\Logs" directory. From there, we can check the "AppEnforce.log" and "AppIntentEval.log" files. Unfortunately, Intune’s management extension does not provide the same level of logging. When I try to review the "Windows IMEI" logs, I cannot determine where the application is failing.

Moreover, I lack the visibility in Intune that I had with SCCM. Looking ahead, with Windows 11 on the horizon and Windows 10 support ending on October 14th, I am currently involved in a Windows land migration project. I plan to image the new devices using Autopilot. Once the hardware hash is added to Intune, we are able to assign the group tag, which allows for the deployment profile to be assigned, enabling both device enrollment and user enrollment. This approach helps minimize the overall experience issues.

Maintaining Microsoft Intune is not very complex; we generally export the entire list of applications we've created once every three months, and we make sure to update or remove any old policies that are no longer required in our organization. However, this is a time-consuming and tedious process. I suggest that Microsoft include an option, similar to SCCM, for every three months or 90 days to automatically remove devices from the console. This suggestion could apply not just to device management but also to application management and compliance policies or configurations.

Because Microsoft Intune is cloud-based, we would like to gain a better technical understanding of how Microsoft develops the tool from the backend. For instance, with SCCM, we learned how it operates—creating distribution points, performing system discovery, and identifying machines present in Active Directory. We understood how to create boundaries and assign boundary groups for distribution points to access content. However, in Intune, we struggle to determine where content is stored. For example, when I create a .IntuneWin file or a package application, I want to know where it is stored and how to retrieve the raw files or the source media if needed. These are some of the challenges we face with Microsoft Intune. We lack a lot of visibility in Microsoft Intune.

I have been using Microsoft Intune for the past eight years.

I find that Microsoft Intune is stable, but it would be beneficial for support infrastructure engineers to receive presentations about new features and how earlier issues were overcome, as this information is not readily available to them, which affects the perceived stability. On a scale of one to ten, I would rate it a seven out of ten for stability.

For scalability, I would rate it a six out of ten.

Currently, I'm managing around 6,000 devices at Alter Domus, and once I deploy an application, profile, or policy, it takes around two weeks to achieve 92% to 94% compliance. We have around 13,000 users.

For technical support, I previously received direct calls from escalation engineers at Microsoft, and I found that very supportive. However, now Microsoft has changed their process, and L1 and L2 tickets are often assigned to third-party companies where the personnel may lack the necessary knowledge, resulting in lengthy resolution processes. In my organization, management suggests we handle issues ourselves until a solution is provided.

When an escalation support engineer at the L3 or L4 level assists me, I would give them a rating of 10 out of 10. However, for L1 or L2 engineers from third parties, I would rate them a four out of ten due to the lengthy resolution times. 

Overall, I would rate vendor support very poorly, at three or four out of ten. However, when I talk to engineers directly working for Microsoft, especially those familiar with SCCM and Intune, I would give them a 10 out of 10 due to their proper understanding of the tools.

Neutral

I have seen a return on investment with Microsoft Intune, as it has saved me resources. Previously, I managed my infrastructure with a team of around six to seven members, but after transitioning to the Microsoft Intune hybrid model, I am able to manage it with just one resource, allowing me to cut costs significantly, around 50-60 lakhs.

It's expensive.

When comparing Microsoft Intune with other solutions or vendors, I find that it is a very fast and safe procedure technology. While I believe it is good technology, there are minor issues that could be resolved by Microsoft. We want transparency for engineers to understand where issues arise so we can troubleshoot effectively.

I don’t want to constantly disturb the service support engineers by raising cases. As technical engineers, we want to solve problems on our own. We aim to become subject matter experts for Microsoft Intune within our organization.

In my organization, we use Copilot whenever we don't understand a particular feature, and it provides the answers we need. For example, when I need to create a BitLocker encryption policy, Copilot assists me and guides me through the steps and necessary settings required before creating that policy.

We have a certificate infrastructure, and we generally embed machine certificates and handle the PKI certificates via SCCM. 

The cloud distribution point that we have already configured in SCCM is particularly useful when an end-user device is not connected to the VPN (Virtual Private Network). During this time, the cloud distribution point allows content, such as application patches, to be distributed and successfully installed on end-user devices. This is why we have been able to achieve good compliance.

I would recommend Microsoft Intune to other users because it offers many benefits. Overall, I would rate Microsoft Intune an eight out of ten.

Our primary use case for Microsoft Intune is endpoint management across our enterprise, particularly for Windows and mobile endpoints.

Intune simplifies compliance. The ability to manage software updates and policies on endpoints has helped us meet contract requirements.

We like Intune's mobile device management features. When we migrated from another solution to Intune, onboarding our mobile devices was straightforward. Intune is pretty transparent for the end user. They have a customer portal, and I've never had complaints about it. 

The enterprise application management feature allows us to identify systems outside our standard security baseline and limit their access to company resources until they are updated and approved.

The interface is not as modern as some competitors in terms of single pane of glass visibility across the entire landscape. It has a very Azure vibe and may not be as graphically appealing as other products.

I have used Intune for around two years.

There are no complaints about the stability. It works one hundred percent of the time.

There are no concerns about scalability, especially coming from an on-premises solution. We no longer need additional hardware and infrastructure.

I rate Microsoft support eight out of 10. We haven't needed support much, but what we've gotten has been good. 

Positive

Previously, we used MobileIron for mobile devices, which is our primary use case for Intune. We switched to Intune mainly because it was included in our standard E5 license, providing cost savings and managing everything under a single pane of glass.

The initial setup was straightforward with minimal support required from Intune's side.

No external integrator, reseller, or consultant was used. All implementation was handled in-house.

We have seen a small return from the native integration with our Microsoft systems and Intune's reporting. 

With our standard E5 agreement with Microsoft, there have been no pricing concerns. Introductory professional services, like a fast-track service, were included with our E5 membership, and there have been no additional costs.

We evaluated Workspace ONE and Jamf for mobile management but stuck with Intune because it's included in our license.

I rate Microsoft Intune eight out of 10. It's a great solution, but there is room for it to become a more polished product.