Managing Devices and Profile
Managing Devices and Profile
Microsoft endpoint manager admin center:
Microsoft endpoint manager helps deliver the modern workplace and modern management to keep your data secure in the cloud and on-premises. Endpoint manager includes the services and tools you use to manage and monitor mobile devices, desktop computers, virtual machines, embedded devices, and servers.
To go to the Microsoft endpoint manager admin center, you will need to type endpoint.microsoft.com on your browser’s address bar.
Compliance policies:
A compliance program is a set of internal policies and procedures of a company to comply with laws,
rules, and regulations or uphold the business reputation.
How to create a compliance policy and add to a group
A new policy is created; when users turn off their real-time protection action for noncompliance, they will retire the non-compliant device or send an email.
Click on ‘Devices’ then ‘Compliance policies’ then ‘+Create Policy.’

Select a platform; types of platforms are in the image below. Click create

Give the name of the policy and description.

Select the compliance setting that you want to require

Give action for noncompliance

Assignments of the group of users

Review and create

Conditional access
Conditional Access gives you the ability to enforce access requirements when specific conditions occur.
Let's take a few examples
How to create a new conditional access policy:
Click on ‘Devices’ then ‘Conditional access’ then ‘+New Policy’

Give suitable name, assign users or groups

Select cloud apps used or actions performed by user

Give condition that defines when the policy will apply

Block access or grant access with condition

Switch enable policy mode on
Click Create

Configuration profiles:
Device profiles allow you to add and configure settings and then push these settings to devices in your
organization. You have some options when creating policies.
How to create a profile
In the following example, we will bock the users from changing time and language in windows ten
and late.
Click on ‘Devices’ then ‘Configuration profiles’ then ‘create profile’

Select platform windows 10 and later, profile type templates then ‘device restrictions’ click create.

Give a suitable name and description, click next

In configuration setting go to control panel and settings and block time and language

Assign users or groups or devices. For example, all users, all devices

Specify how to apply this profile within an assigned group. Intune will only use the profile to
devices that meet the combined criteria of these rules. For example, set profile if OS edition
windows ten professional.

Review and click create

Updated on: 31/01/2023
Thank you!