This Microsoft Intune blog post will show how to create a custom device profile with Microsoft Intune.
Before diving into creating a custom device profile, let’s start by explaining what a custom device profile is.
In Microsoft Intune, a custom device profile is a configuration profile that includes settings unavailable in the built-in profiles (Email, VPN, Identity, Security).
We configure custom profiles using the Service Provider Reference, which lists all the settings needed for configuration items not in the built-in profiles.
Creating a Custom Device Profile Microsoft Intune
In the following configuration, we will set a custom policy, apply the following configuration item (Allow lockout of administrator account), and set it not to allow.
To create a custom configuration profile for a Windows machine.
Open the Intune console
Create a new configuration profile
Select Custom template
Name the policy and move to the Configuration settings tab.
In the Configuration settings, click on Add.
Fill in the details using the reference link and set the value (0-1).
Name: AllowAdministratorLockout
Description: Allow Administrator account lockout
OMA-URL: ./Device/Vendor/MSFT/Policy/Config/DeviceLock/AllowAdministratorLockout
Data type: Integer
Value: 0