Skip to main content

How To Configure Intune Device Enrollment Restrictions

 In this post, I will show you how to create and configure Intune device enrollment restrictions. Device Enrollment restrictions in Intune define what devices can enroll into management with Endpoint Manager.

https://directory6.org/listing/external-hard-drive-356330

With Intune, you can manage different types of devices. Intune Device restriction policies control a wide range of settings and features of mobile devices (iOS, Android, macOS, and Windows 11).

http://blog.pucp.edu.pe/blog/comprensionlectora5/2022/06/13/impact-of-our-food-consumption-on-our-environment/

As an Intune administrator, you can create and manage enrollment restrictions that define what devices can enroll into management with Intune which include:

  • A number of devices.
  • Operating systems and versions.

When you create a new restriction, it takes priority over the default policy. The priority level determines which policy gets applied when a group is targeted with multiple restrictions. You can also edit the enrollment restrictions after you create them.


In the next section, we will understand what are enrollment restrictions in Intune, and the types of enrollment restrictions. We will see how to configure the device limit and device platform restrictions in Intune.


What are Device Enrollment Restrictions in Intune?


Enrollment restrictions block Intune enrollment on devices that fall short of your device requirements. With Enrollment restrictions, you can define what devices can enroll into Intune for management. You can also prevent people from enrolling personal devices in Intune.


With enrollment restrictions, you can define who can enroll personal devices and restrict other users in Intune. For example, you may allow your IT team permission to enroll personal devices while everyone else cannot.

Types of Intune Device Enrollment Restrictions


There are two types of device enrollment restrictions available in Intune:

  • Device Platform Enrollment Restriction
  • Device Limit Enrollment Restriction

Both the device enrollment restrictions are available in Microsoft Endpoint manager Admin Center > Devices. You can configure the Intune enrollment restrictions to override the default ones.


In the Intune portal, the default restrictions are automatically provided for both device type and device limit enrollment restrictions.


You can change the options for the defaults. Default restrictions apply to all user and userless enrollments. You can override these defaults by creating new restrictions with higher priorities.

Difference between Device Platform Restrictions vs. Device Limit Restrictions

There is a major difference between device platform restrictions and device limit restrictions. The Device limit restrictions will let you restrict the number of devices allowed to enroll whereas Device platform restrictions let you restrict device platforms, OS versions, and personally owned devices.

Device type restrictions allow you to control enrollment rights based on the device itself type such as Android, iOS, macOS, Windows, ownership, operating system and version, and manufacturer.


Note that some of these values are only supported on certain types of devices. For example, macOS does not support restrictions based on OS version, and only Android enrollment can be controlled by the manufacturer.

The Intune device limit restrictions set the maximum number of devices that a user can control (the maximum setting is 15).


Create Device Platform Restriction in Intune


In Intune, you can configure device platform restrictions for the following device types:

  1. Android restrictions
  2. Windows restrictions
  3. macOS restrictions
  4. iOS restrictions

These restrictions don’t affect devices that have already been enrolled. Only
Let’s create a new enrollment device platform restriction in Intune:

  • Sign in to the Microsoft Endpoint Manager admin center.
  • Go to Devices > Enrollment device platform restrictions.
  • Select a restriction type that corresponds with the platform you’re configuring and click Create Restriction.
  • On the Basics page, specify the restriction name, and an optional description. Click Next.
  • On the Platform settings page, configure the restrictions for your selected platform. For example, if you had selected Windows Restrictions in the initial step, you get to Allow or Block MDM, Block personally owned devices. Configure the settings based on your requirements and click Next.
  • You may add scope tags to the restriction. Click Next.
  • On the Assignments page, select Add groups and then use the search box to find and select groups. To assign the restriction to all device users, select Add all users.
  • On the Review+Create page, review all the settings for device platform enrollment restrictions and click Create.
  • This completes the steps to create an enrollment device platform restrictions in Intune. You should see a notification about the creation of platform restrictions in the top-right corner of the Endpoint admin center console.

Labels:

Comments

Post a Comment

Popular posts from this blog

10 of the latest Microsoft Teams integrations to help you work smarter, not harder

We built Microsoft Teams as a platform to bring together all of your workplace tools, apps, and services—whether or not we built them—to allow you to deliver better workday flow for you and your employees. A lot of you recognize the power of Teams, and you’ve been asking how to use Teams to its full advantage. Look no further. Today, we’re sharing ten of the latest Teams integrations you can use every day to simplify workflows, refocus your attention, and get back to working smarter—not harder. This is something our CEO, Satya Nadella, recently addressed in his interview on the future of communication at work with the Wall Street Journal. http://www.kadimkrallik.com/forum/thread-49637-post-77336.html#pid77336 http://forum.mukhronus.com/thread-67277.html https://pozyczkaforum.pl/thread-145665.html https://www.netmaid.com.sg/forums/showthread.php?tid=1504&pid=3947#pid3947 https://forum.armdevelopers.com/thread-18108.html Ten of the latest integrations to try in Teams These ten integr...
Post a Comment
Read more

9 Killer Blogspot SEO Tips For bloggers

We already had enough conversation about BlogSpot or WordPress and for one reason I don’t like BlogSpot much is because of the limitation of optimizing it for the search engine. There are many BlogSpot SEO guides that you will find on The Internet, and many of them are related to template editing and all, but in WordPress, plugins make it easier to optimize your blog. Anyhow, I’m not here to disappoint my BlogSpot friends. Instead, I will be sharing some cool BlogSpot SEO tips which will help you to get better ranking. Blog-Spot being a free Blogging platform, it’s always a preferred platform to start Blogging and learn the basics. If you or a friend need step by step guide to creating a Blog, You can refer below link to him/her:  How to create a free blog on BlogSpot. Google Blogger is free and easy to use the web publishing tool. Many bloggers initially use Blogger and then Migrate to WordPress complaining about the lack of official templates, post SEO friendliness, plugins, etc....
8 comments
Read more

Best Ways to Clear Clipboard History in Windows 11

 In this article, I will cover different methods to clear Clipboard history in Windows 11. The Windows 11 clipboard is a special place in the computer’s memory that stores everything you copy. When you copy content on your Windows 11 PC, it’s automatically copied to your clipboard for you to paste. Windows 11 Clipboard is a very useful feature but most Windows 11 PC users are unaware of Clipboard functionality. You can paste multiple items from your clipboard history. In addition, you can also pin the items you tend to use all the time and sync your clipboard history to the cloud. On Windows 11 PC, you can launch the clipboard using the Windows+V shortcut key. The Clipboard data shows the history of items that you have copied on a Windows 11 PC. http://www.nometoqueslashelveticas.com/2010/04/la-aspirina-se-anuncia-con-graffitis.html?m=0 https://www.iloveitallwithmonikawright.com/2010/12/get-ready.html You can pin an item if it’s important and used frequently, and you can even delet...
Post a Comment
Read more