Event details
MicrosoftHi stdcsb,
The word "mobile" here is a bit misleading as it does not refer to third-party mobile devices but rather Windows mobile devices like Windows Phone and Windows Hololens. Thus, it's mostly an artifact left over from our support of these now legacy device types and has no applicability to Windows desktop devices.
What's your goal or expected end result on the devices in question?
Hi Jason_Sandys, thanks for engaging on my question,
I'm fairly new to my current employer and what I am finding is variables and values for Windows password complexity and enabling Windows Hello are showing up in several different locations and I'm trying to shift those into one place and thought the Compliance Polity might be the logical place to manage these things. Thoughts?
- Jason_Sandys
Compliance (in Intune) is specific to settings that are local to the device or the OS instance itself so unless you are wanting to confirm compliance of password complexity for local accounts on the device, these settings won't help.
Password complexity and measurements for non-local accounts (like Entra) are enforced by the IdP (Entra ID for Entra accounts). I strongly suggest moving to a passwordless strategy though and not worrying about password complexity -- it sounds like you may have already started this journey.
Also, keep in mind that compliance is not necessarily configuration. In some cases, configuring compliance in Intune will also enforce settings, but that is not the primary purpose and this only happens with a few settings (like BitLocker). Even for settings where it does enforce a setting, it's best to use configuration policies to actual configure and enforce the settings. For Windows Hello for Business, start here: Configure a tenant-wide Windows Hello for Business policy with Microsoft Intune - Microsoft Intune | Microsoft Learn