“Notify and comply is the name of the game.”

So, you’re managing devices in your environment using Microsoft Endpoint Manager and you’ve figured out how to setup compliance for your devices.  The question left is, “Now what do you do?” 

Notify and comply is the name of the game. 

With Microsoft Endpoint Manager you can enforce compliancy for your devices and laptops and restrict access to corporate data until the device becomes compliant.  With the instructions below you will be able to create custom notifications for users who are out of compliance and inform them of what they need to do next to (re-)gain access to corporate data. 

 

Create Compliance Notifications in Microsoft Intune

Sign in to the client tenant here

  • Click Endpoint security -> Device Compliance -> Notifications -> Create notification 

 

 

 

  • Fill in the template as needed.

 

 

 

Once the template is created it can be used as an action for noncompliance. Microsoft Endpoint Manager already handles this process by default and marks devices non-compliant when they check-in and are deemed so. 

Now administrators can add additional actions to this process with notification messages to the users.   

Note: It may be necessary to have multiple templates for different messages or scenarios depending on the notification that is needed. 

 

Add actions for non-compliant devices in Microsoft Endpoint Manager

Actions can be defined for each platform type in Microsoft Endpoint Manager. Set your desired actions by doing the following. 

  • Click Devices -> Compliance Policies -> Policies 

  • Click Create Policy if none currently exists 

  • Select Platform and Policy Type 

  • Click Create
     
    image5.png

 

 

 

  • Follow the wizard to create your compliance policy

    image6.png

 

 

 

  • In this example, we select System Security -> Encryption

  • Once the Compliance settings are selected click Next to configure Actions for noncompliance 

  • Select Action and Schedule (days after noncompliance) settings 

  • Select Send email to end-user then choose the Message Template you desire

 

  • Click None selected under Message Template 

  • The notification message templates preview will appear 

  • Choose your desired template – we chose the one created in the previous section 

  • Click Select 

 

 

 

  • Once the template has been selected click Next through the wizard and create to complete the compliance policy creation.

    image11.png

 

 

 

  • Once the end user device checks in registers as non-compliant, they will receive an email to their primary email address. It should be noted that sometimes the notification can take up to 8-10 minutes to appear.

    image15.png

 

 

Are you interested in remote device management?

We offer several services for Microsoft Intune, from implementation to support. If you have more questions about Microsoft Intune, contact us or see our Endpoint Support service.

Microsoft Intune is a part of Microsoft Endpoint Manager and provides the cloud infrastructure, the cloud-based mobile device management (MDM), cloud-based mobile application management (MAM), and cloud-based PC management for your company.

 
Learn more about endpoint support

Terrence Brown

Terrence is our Senior Engineer in the US and works with clients in the Microsoft O365 space helping to design and development Endpoint Management solutions. Terrence is a Marine Corps veteran and graduate of Kaplan University. Prior to joining Mobile Mentor, Terrence spent over 5 years working for a Microsoft top 10 Consulting partner in the SCCM and O365 technology space where he implemented and designed solutions for different clients both large and small.