Deploy IOS Device Compliance Policy with Microsoft Intune

When it comes to mobile devices management Microsoft Intune offers Device Compliance policies that allow us to manage and make sure devices running the latest IOS version, password policy, etc.

Compliance Policy

By default, Intune doesn’t come with an applied Compliance and using the polices below can create policies, run reports and take actions when devices are non-compliance.

Below you can see that I have 4 devices without a compliance policy applied to them.

Create Policy

To create my first Device Compliance Policy, I will go to Intune -> Device Compliance -> Policies and create a new policy

In my case, I will create a very basic compliance policy that will check for an IOS version.

Below you can see the Policy options break down which include

  • Email profile policy
  • Device Health
  • Device Properties
  • System Security

To setup Minimum OS version compliance policy, I will use Device properties section and set it to version 8.0

Next, I will set up the action for noncompliance.

I can create a new action or use the default policy which will report the noncompliant devices

I can also create a new action that will email the user when the device becomes noncompliant

To create an email template I need to create a template under Notifications

Once the policy has been created, I will get the message below

Assignment

To assign my compliance policy to users, I will click on Assignments in my Policy page and use the menu to assign it to a group.

Remember that the policy will not be assigned to users without the assignment group configured.

And after I add the group, my Assignment is configured and ready to be applied to users in the group.


Posted

in

by