Posted in Endpoint Administrator, How To, Microsoft 365 Administrator, MS 365 Enterprise Administrator, MS 365 Modern Desktop Administrator, MS 365 Security Administrator

Step by Step: Creating a Microsoft Intune Device Configuration Profile and Assigning them

   October 9, 2023

Creating a Microsoft Intune Device Configuration Profiles involves defining settings that will be applied to managed devices. Here’s a step-by-step guide for IT beginners on how to create a Device Configuration Profile for Windows, iOS, and Android, including functions, workflows, and usage examples.

Prerequisites:

  • An active Microsoft Intune subscription.
  • Appropriate permissions in the Microsoft Intune portal.

Step-by-Step: Creating a Device Configuration Profile in Microsoft Intune

For Windows:

Step 1: Profile Creation:

  1. Log in to the Microsoft Intune portal (https://portal.azure.com).
  2. In the left-hand navigation pane, select “Intune” and then “Device configuration.”
  3. Click on “Profiles” and then “Create profile.”

Step 2: Platform Selection:

  1. Choose the appropriate platform for the profile. In this case, select “Windows 10 and later.”

Step 3: Configuration Settings:

  1. Configure the profile settings based on your organization’s requirements. These settings can include security, network, and app-related configurations.
  2. For example, if you want to configure Windows Defender settings, navigate to “Endpoint protection” and select “Windows Defender Antivirus.” Configure the settings as needed.

Step 4: Profile Assignment:

  1. After configuring the settings, go to the “Assignments” tab.
  2. Click “Select groups to include” to choose which groups of devices or users will receive this profile. You can assign the profile to specific devices, user groups, or all devices/users.

Step 5: Review and Create:

  1. Review the profile settings and assignments to ensure they align with your organization’s needs.
  2. Click “Create” to create the Device Configuration Profile.

For iOS and Android:

Step 1: Profile Creation:

  1. Log in to the Microsoft Intune portal.
  2. In the left-hand navigation pane, select “Intune” and then “Device configuration.”
  3. Click on “Profiles” and then “Create profile.”

Step 2: Platform Selection:

  1. Choose the appropriate platform for the profile. For iOS, select “iOS/iPadOS,” and for Android, select “Android.”

Step 3: Configuration Settings:

  1. Configure the profile settings based on your organization’s requirements. These settings can include email configurations, app restrictions, and network settings.
  2. For example, if you want to configure email settings for iOS devices, navigate to “Email” and set up the desired email configurations.

Step 4: Profile Assignment:

  1. After configuring the settings, go to the “Assignments” tab.
  2. Click “Select groups to include” to choose which groups of devices or users will receive this profile. Assign the profile to specific devices, user groups, or all devices/users.

Step 5: Review and Create:

  1. Review the profile settings and assignments to ensure they align with your organization’s needs.
  2. Click “Create” to create the Device Configuration Profile.

Usage Examples:

  • Windows Profile: Create a Windows Device Configuration Profile to enforce BitLocker encryption settings on all Windows 10 laptops used by employees to enhance data security.
  • iOS Profile: Configure an iOS Device Configuration Profile to enforce passcode requirements, VPN settings, and email configurations for iOS devices used by remote workers.
  • Android Profile: Create an Android Device Configuration Profile to restrict app installations, configure Wi-Fi settings, and enforce data encryption on Android tablets used in a retail kiosk.

These examples illustrate how Device Configuration Profiles can be tailored to specific platforms and organizational needs to ensure that devices are configured and managed according to your organization’s standards and requirements.

Assigning Microsoft Intune Device Configuration Profiles is a crucial step in configuring and managing settings on managed devices. Here’s a step-by-step guide for IT beginners on how to assign Device Configuration Profiles for Windows, iOS, and Android, including functions, workflows, and usage examples.

Prerequisites:

  • A Device Configuration Profile already created in Microsoft Intune.
  • An active Microsoft Intune subscription.
  • Appropriate permissions in the Microsoft Intune portal.

Step-by-Step: Assigning a Device Configuration Profile in Microsoft Intune

For Windows:

Step 1: Access Profile Assignments:

  1. Log in to the Microsoft Intune portal (https://portal.azure.com).
  2. In the left-hand navigation pane, select “Intune” and then “Device configuration.”
  3. Click on “Profiles” to see the list of existing profiles.
  4. Select the Windows Device Configuration Profile you want to assign.

Step 2: Configure Assignment:

  1. In the profile details page, go to the “Assignments” tab.
  2. Click “Edit” to configure the assignment.

Step 3: Select Assignments:

  1. In the “Include” section, click “Select groups to include.” This is where you specify which groups of devices or users will receive this profile. You can choose specific devices, user groups, or all devices/users.

Step 4: Define Scope Tags (Optional):

  1. You can assign scope tags to the profile to further refine the profile’s assignment based on organizational structures or specific departments.

Step 5: Review and Save:

  1. Review the assignment settings to ensure they align with your organization’s needs.
  2. Click “Review + save” to save the assignment.

For iOS and Android:

Step 1: Access Profile Assignments:

  1. Log in to the Microsoft Intune portal.
  2. In the left-hand navigation pane, select “Intune” and then “Device configuration.”
  3. Click on “Profiles” to see the list of existing profiles.
  4. Select the iOS or Android Device Configuration Profile you want to assign.

Step 2: Configure Assignment:

  1. In the profile details page, go to the “Assignments” tab.
  2. Click “Edit” to configure the assignment.

Step 3: Select Assignments:

  1. In the “Include” section, click “Select groups to include.” Specify which groups of devices or users will receive this profile, such as specific devices, user groups, or all devices/users.

Step 4: Define Scope Tags (Optional):

  1. You can assign scope tags to the profile to further refine the profile’s assignment based on organizational structures or specific departments.

Step 5: Review and Save:

  1. Review the assignment settings to ensure they align with your organization’s needs.
  2. Click “Review + save” to save the assignment.

Usage Examples:

  • Windows Profile Assignment: Assign a Windows Device Configuration Profile with Wi-Fi and VPN settings to a group of remote workers who need secure access to corporate networks from their Windows laptops.
  • iOS Profile Assignment: Assign an iOS Device Configuration Profile with email configurations and passcode requirements to a group of executives using company iPhones for email communication.
  • Android Profile Assignment: Assign an Android Device Configuration Profile with app restrictions and Wi-Fi settings to a group of Android tablets used by field technicians who require access to specific apps and networks.

These examples illustrate how Device Configuration Profiles can be assigned to specific groups of devices or users, allowing organizations to tailor configurations to meet the unique needs of various device types and user roles within the organization.

Share: XFacebookPinterestLinkedin
Author: tonyhughes