How to Send Notifications to Noncompliant Devices in Microsoft Intune
“Notify and comply is the name of the game.”
So, you’re managing devices in your environment using Microsoft Endpoint Manager and you’ve figured out how to setup compliance for your devices. The question left is, “Now what do you do?”
Notify and comply is the name of the game.
With Microsoft Endpoint Manager you can enforce compliancy for your devices and laptops and restrict access to corporate data until the device becomes compliant. With the instructions below you will be able to create custom notifications for users who are out of compliance and inform them of what they need to do next to (re-)gain access to corporate data.
Create Compliance Notifications in Microsoft Intune
Once the template is created it can be used as an action for noncompliance. Microsoft Endpoint Manager already handles this process by default and marks devices non-compliant when they check-in and are deemed so.
Now administrators can add additional actions to this process with notification messages to the users.
Note: It may be necessary to have multiple templates for different messages or scenarios depending on the notification that is needed.
Add actions for non-compliant devices in Microsoft Endpoint Manager
Actions can be defined for each platform type in Microsoft Endpoint Manager. Set your desired actions by doing the following.
Click Devices -> Compliance Policies -> Policies
Click Create Policy if none currently exists
Select Platform and Policy Type
Follow the wizard to create your compliance policy
In this example, we select System Security -> Encryption
Once the Compliance settings are selected click Next to configure Actions for noncompliance
Select Action and Schedule (days after noncompliance) settings
Select Send email to end-user then choose the Message Template you desire
Click None selected under Message Template
The notification message templates preview will appear
Choose your desired template – we chose the one created in the previous section
Once the template has been selected click Next through the wizard and create to complete the compliance policy creation.
Once the end user device checks in registers as non-compliant, they will receive an email to their primary email address. It should be noted that sometimes the notification can take up to 8-10 minutes to appear.
Are you interested in remote device management?
We offer several services for Microsoft Intune, from implementation to support. If you have more questions about Microsoft Intune, contact us or see our Endpoint Support service.
Microsoft Intune is a part of Microsoft Endpoint Manager and provides the cloud infrastructure, the cloud-based mobile device management (MDM), cloud-based mobile application management (MAM), and cloud-based PC management for your company.
Terrence is our Senior Engineer in the US and works with clients in the Microsoft O365 space helping to design and development Endpoint Management solutions. Terrence is a Marine Corps veteran and graduate of Kaplan University. Prior to joining Mobile Mentor, Terrence spent over 5 years working for a Microsoft top 10 Consulting partner in the SCCM and O365 technology space where he implemented and designed solutions for different clients both large and small.