Noncompliant devices
An unenrolled device that attempts to access corporate resources will be deemed to be noncompliant and access will be blocked. If a user subsequently enrolls the device in Intune and re-attempts to access corporate resources, the Intune compliance policies will be evaluated again, and the device may or may not be granted access based on the current policies in place.
The outcome for noncompliant, but enrolled, devices will typically be to block access to company resources. However, you can configure actions for noncompliance as follows:
- Send Email To End User You can customize an email notification that is sent to the end user. You can customize the recipients, subject, and message body. Also, you can add a company logo and contact information. Lastly, you can add any instructions on how the user can bring the device into a compliant state.
- Remotely Lock The Noncompliant Device Devices that are noncompliant can be remotely locked. The user will need to enter a PIN or password to unlock the device.
- Mark Device Noncompliant The noncompliant device can be allowed access to company resources as long as the device is made compliant within a specified grace period. After the grace period has expired, noncompliant devices will be blocked. Alternatively, the grace period can be set to zero, and the action will take effect immediately.
To configure a notification email message template, follow these steps:
- Sign into the Microsoft Endpoint Manager admin center at https://endpoint.microsoft.com as a global administrator.
- Select Devices, and then under Policy, click Compliance policies.
- On the Compliance policies page, select Notifications.
- Select Create notification.
- On the Create notification blade, as shown in Figure 2-1, enter the name of the notification.
Figure 2-1 Configure notification email
- On the Email header–include company logo, select Enable or Disable.
- On the Email footer–include company name, select Enable or Disable.
- On the Email footer–include contact information, select Enable or Disable.
- On the Company Portal Website Link, select Enable or Disable.
- Click Next.
- On the Notification message template page, select the Locale.
- For the subject, enter a message subject.
- In the message box, enter your notification message.
- If this is your only message template, under Is Default, select the check box to make this message template the default template.
- Click Next.
- On the Review + Create page, review the details and then click Next.
- The notification is created and listed in the list of notifications.