Intune Device Compliance Notifications

Standard

This weeks short blogpost is all about the new Device Compliance Notification functionality in Microsoft Intune. With this new option you can send notifications to your users when the device of the user becomes non-compliant. This is a great new way of informing users about the compliance state of their device. When using Device Compliance in AzureAD Conditional Access it’s very important to inform your users about the compliance state of the device. Users can view the compliance state in the Intune Company portal and this is just a new additional functionality.

Configuring this new functionality is a 2-step process. First you will need to configure a notification and when created you need to link this notification to a compliance policy. Let’s configure both steps now:

  1. Go to the Azure portal (https://portal.azure.com) and go to the Intune section;
  2. Go to Device Compliance –> Notifications and click on Create Notification;
  3. Fill-in the information and click on Create;
    image
  4. Next step is to configure this notification inside your Compliance Policies. Go to the compliance policies section and open one of your compliance policies.
  5. Click on Properties;
  6. Click on Actions for noncompliance and click on Add;
    image
  7. Select your notification template and select the number of days of noncompliance before the email should be send to your users:
    image
  8. Click on OK and save the policy.

The users should see the following mail arriving when the device is not compliant:

image

This notification is send from the Microsoft Intune Notification service. If you’ve configured a Company Logo for the Company Portal this logo can be added to the notification to make it more personalized. It would be great if in the future the reason of being not-compliant is added to the email so that your users can see the reason directly in the mail and don’t have to go to the Company Portal for that.

Note 1: On Twitter I received a question: “Will the mail arrive even if the device is marked as non-compliant”. The answer is that in my tests the mail arrived on my workstations even when the device was marked as non-compliant.”

5 thoughts on “Intune Device Compliance Notifications

Leave a Reply