Let’s check the steps to disable Bluetooth using Intune. You can restrict users from enabling Bluetooth access in a device in Intune, aka Endpoint Manager.
When you create the policy, it creates a device configuration profile. You can then assign or deploy this profile to devices in your organization.
You should go ahead and turn Bluetooth off. Minimizing your Bluetooth usage minimizes your exposure to very real vulnerabilities. You can learn to create a policy with Intune Settings Catalog. Let’s see a list of Intune Settings Catalog Policies.
Here you check the alternative method based on your requirement to configure the required setting to disable Bluetooth with Provisioning Package, learn how to deploy PPKG files with Intune.
How to Disable Bluetooth using Intune
Let’s follow the below steps to disable Bluetooth access using Intune –
- Sign in to the Microsoft Endpoint Manager admin center
- Select Devices > Windows > Configuration profiles > Create profile.
In Create Profile, Select Platform, Windows 10, and later and Profile, Select Settings catalog (preview). Click on Create button.
On the Basics tab, enter a descriptive name, such as Block Bluetooth Access. Optionally, enter a Description for the policy, then select Next.
In Configuration settings, select Add settings.
Select Connectivity, Under these settings, you will see all the settings in this category. After adding your settings, click the cross mark at the right-hand corner to close the settings picker. For Example – I selected the Allow Bluetooth option below –
Bluetooth: Block prevents users from enabling Bluetooth. Not configured (default) allows Bluetooth on the device.
Allows the user to enable Bluetooth or restrict access. Note This value is not supported in Windows Phone 8. 1 MDM and EAS, Windows 10 for desktop, or Windows 10 Mobile.
If this is not set or deleted, the default value of 2 (Allow) is used. Most restricted value is 0
You can also configure the additional settings to control Bluetooth settings under the Bluetooth Catagory:
Bluetooth/Allow Advertising – Specifies whether the device can send out Bluetooth advertisements.
Allow Discoverable Mode – Specifies whether other Bluetooth-enabled devices can discover the device.
Allow Preparing – Specifies whether to allow specific bundled Bluetooth peripherals to automatically pair with the host device.
Allow Prompted Proximal Connections – This policy allows the IT admin to block users on these managed devices from using Swift Pair and other proximity-based scenarios.
Local Device Name – Sets the local Bluetooth device name.
Services Allowed List – Set a list of allowable services and profiles.
Set Minimum Encryption Key Size – This policy helps prevent weaker devices cryptographically from being used in high-security environments.
The following list shows the supported configuration, Set Allow Bluetooth to Disallow Bluetooth. The radio in the Bluetooth control panel will be grayed out, and the user will not be able to turn Bluetooth on to prevents users from enabling Bluetooth –
Disallow Bluetooth – The radio in the Bluetooth control panel will be grayed out and the user will not be able to turn Bluetooth on.
Reserved – The radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
Allow Bluetooth (Default) – The radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
Under Assignments, In Included groups, select Add groups and then choose Select groups to include one or more groups. Select Next to continue.
In-Scope tags, you can assign a tag to filter the profile to specific IT groups. Add scope tags (if required) and click Next.
In Review + create, review your settings. When you select Create, your changes are saved, and the profile is assigned.
A notification will appear automatically in the top right-hand corner with a message. Here you can see, Policy “Block Bluetooth Access” was created successfully. This completes the steps to disable Bluetooth using Intune. The policy is also shown in the Configuration profiles list.
Your groups will receive your profile settings when the devices check-in with the Intune service.
Once the policy applies to the device, The radio in the Bluetooth control panel will be grayed out, and the user will not be able to turn Bluetooth on.
Author
About Author -> Jitesh has over 5 years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus area is Windows 10 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.
Hi Jitesh, thanks for detailed explanation about how to disable Bluetooth using Intune, just wondering can we enable the same Bluetooth services (limited to Audio/Mic/Headphone only) using the above set method? At the same time the Bluetooth can’t be discoverable for other devices.
Hi,
I want to control data sharing over Bluetooth for Android fully managed device.
What’s the possibility in Intune?
Hi, Is there any option to block Bluetooth for macOs ??