Managing Devices and Profile
Managing Devices and Profile
Microsoft endpoint manager admin center:
Microsoft endpoint manager helps deliver the modern workplace and modern management to keep your data secure in the cloud and on-premises. Endpoint manager includes the services and tools you use to manage and monitor mobile devices, desktop computers, virtual machines, embedded devices, and servers.
To go to the Microsoft endpoint manager admin center, you will need to type endpoint.microsoft.com on your browser’s address bar.
A compliance program is a set of internal policies and procedures of a company to comply with laws,
rules, and regulations or uphold the business reputation.
How to create a compliance policy and add to a group
A new policy is created; when users turn off their real-time protection action for noncompliance, they will retire the non-compliant device or send an email.
Click on ‘Devices’ then ‘Compliance policies’ then ‘+Create Policy.’
_Figure 1 Create Policy_
Select a platform; types of platforms are in the image below. Click create
_Figure 2 platform_
Give the name of the policy and description.
_Figure 3 policy and description_
Select the compliance setting that you want to require
_Figure 4 compliance setting_
Give action for noncompliance
_Figure 5 action for noncompliance_
Assignments of the group of users
_Figure 6 Assignments of group_
Review and create
_Figure 7 Review and create_
Conditional Access gives you the ability to enforce access requirements when specific conditions occur.
Let's take a few examples
How to create a new conditional access policy:
Click on ‘Devices’ then ‘Conditional access’ then ‘+New Policy’
_Figure 8 ‘+New Policy’_
Give suitable name, assign users or groups
_Figure 9 name, assign users or groups_
Select cloud apps used or actions performed by user
_Figure 10 Select cloud apps_
Give condition that defines when the policy will apply
_Figure 11 Give condition_
Block access or grant access with condition
_Figure 12 Block access_
Switch enable policy mode on
_Figure 13 enable policy mode on_
Device profiles allow you to add and configure settings and then push these settings to devices in your
organization. You have some options when creating policies.
How to create a profile
In the following example, we will bock the users from changing time and language in windows ten
Click on ‘Devices’ then ‘Configuration profiles’ then ‘create profile’
_Figure 14 create profile_
Select platform windows 10 and later, profile type templates then ‘device restrictions’ click create.
_Figure 15 device restrictions_
Give a suitable name and description, click next
_Figure 16 suitable name and description_
In configuration setting go to control panel and settings and block time and language
_Figure 17 configuration setting_
Assign users or groups or devices. For example, all users, all devices
_Figure 18 Assign users or groups or devices_
Specify how to apply this profile within an assigned group. Intune will only use the profile to
devices that meet the combined criteria of these rules. For example, set profile if OS edition
windows ten professional.
_Figure 19 Application rules_
Review and click create
_Figure 20 Review and create_
Updated on: 31/01/2023