Video Experience Intune Device Restriction Policy Deployment to Windows 10 Devices

Intune configuration restriction policies are very important in modern device management strategy. Intune device restriction policy is the security settings which are applied on your Windows 10 CYOD device. As part of your organization’s security policies you may need to lock down mobile devices or Windows devices which have access to corporate data and app. yes, Intune configuration restriction policies are to help you to lock down Windows devices as per your organizations security requirements.

Create Intune Device Restriction Policy for Windows 10 Devices

You can create Intune device restriction policy for Windows 10 from Microsoft Intune – Device Configuration – Profiles – Create New Profile. I selected Windows 10 as the platform and Selection of platform in very important. Also, you need to select the profile type while creating Intune Configuration Restriction policy, in my scenario, it’s Device restriction policy. Name of the policy is “Windows 10 CYOD Restrictions”.

Intune Device Restriction Policy for Windows 10Windows platform Intune device restriction policy out of box Settings are segregated in to 16 sections as you can see below. This list is very comprehensive and we can lock down Windows 10 machines as per the requirement. Is this Intune device restriction policy a replacement for group policies? No, it’s still not a replacement for AD group policies.

  1. General
  2. Password
  3. Personalization
  4. Locked screen experience
  5. App Store
  6. Edge Browser
  7. Search
  8. Cloud and Storage
  9. Cellular and Connectivity
  10. Control Panel and Settings
  11. Defender
  12. Defender Exclusions
  13. Network proxy
  14. Windows Spotlight
  15. Display
  16. Start

Deploy Windows 10 Intune Device Restriction Policy

You can deploy Windows 10 Intune Device Restriction Policy to either Windows 10 CYOD dynamic devices or Windows 10 users group. Dynamic device groups are still in preview and those typo of groups are not very stable at times. So at least for next two months I will prefer to deploy policies to user groups rather than dynamic device groups.

Windows 10 End user experience of Intune Device Restriction Policy

As you can see in the video tutorial at the top of this post or here, I’ve enabled time settings disable option as part of initial Windows 10 device restriction policy. The end user logged to Windows 10 machine can’t change time on the system. After that I have changed the windows time setting policy again and after applying the new policy, the user is able to change the time on Windows 10 system.

Intune Device Restriction Policy for Windows 10END USER ExperienceReference :- 

Windows 10 and later device restriction settings in Microsoft Intune HERE

Sharing is caring!

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.