Managing Devices and Profile

Managing Devices and Profile

Microsoft endpoint manager admin center:

Microsoft endpoint manager helps deliver the modern workplace and modern management to keep your data secure in the cloud and on-premises. Endpoint manager includes the services and tools you use to manage and monitor mobile devices, desktop computers, virtual machines, embedded devices, and servers.

To go to the Microsoft endpoint manager admin center, you will need to type endpoint.microsoft.com on your browser’s address bar.

Compliance policies:

A compliance program is a set of internal policies and procedures of a company to comply with laws,
rules, and regulations or uphold the business reputation.

How to create a compliance policy and add to a group

A new policy is created; when users turn off their real-time protection action for noncompliance, they will retire the non-compliant device or send an email.

Click on ‘Devices’ then ‘Compliance policies’ then ‘+Create Policy.’

_Figure 1 Create Policy_

Select a platform; types of platforms are in the image below. Click create

_Figure 2 platform_

Give the name of the policy and description.

_Figure 3 policy and description_

Select the compliance setting that you want to require

_Figure 4 compliance setting_

Give action for noncompliance

_Figure 5 action for noncompliance_

Assignments of the group of users

_Figure 6 Assignments of group_

Review and create

_Figure 7 Review and create_

Conditional access 

Conditional Access gives you the ability to enforce access requirements when specific conditions occur.
Let's take a few examples

How to create a new conditional access policy:

Click on ‘Devices’ then ‘Conditional access’ then ‘+New Policy’

_Figure 8 ‘+New Policy’_

Give suitable name, assign users or groups

_Figure 9 name, assign users or groups_

Select cloud apps used or actions performed by user

_Figure 10 Select cloud apps_

Give condition that defines when the policy will apply

_Figure 11 Give condition_

Block access or grant access with condition

_Figure 12 Block access_

Switch enable policy mode on
Click Create

_Figure 13 enable policy mode on_

Configuration profiles:

Device profiles allow you to add and configure settings and then push these settings to devices in your
organization. You have some options when creating policies.

How to create a profile

In the following example, we will bock the users from changing time and language in windows ten
and late.
Click on ‘Devices’ then ‘Configuration profiles’ then ‘create profile’

_Figure 14 create profile_

Select platform windows 10 and later, profile type templates then ‘device restrictions’ click create.

_Figure 15 device restrictions_

Give a suitable name and description, click next

_Figure 16 suitable name and description_

In configuration setting go to control panel and settings and block time and language

_Figure 17 configuration setting_

Assign users or groups or devices. For example, all users, all devices

_Figure 18 Assign users or groups or devices_

Specify how to apply this profile within an assigned group. Intune will only use the profile to
devices that meet the combined criteria of these rules. For example, set profile if OS edition
windows ten professional.

_Figure 19 Application rules_

Review and click create

_Figure 20 Review and create_

Updated on: 31/01/2023