Microsoft Intune enhancements to noncompliance email notifications
Published Feb 03 2021 12:21 PM 14.9K Views

By: Adrian Moore, Sr. PM and Sameer Yadav, Program Manager - Microsoft Endpoint Manager – Intune


The following article helps IT Pros and mobile device administrators understand the new enhancements to the noncompliance notification feature of Microsoft Intune.


A lot of customers we work with operate globally, with end-users in countries all over the world. Many of these customers standardise their IT communications in English. This certainly makes things easier from an IT perspective but can often leave some staff with limited English struggling to understand what is being asked of them. One area that we often get this feedback about is noncompliance email notifications. With Conditional Access (CA), you can control the devices and apps that can connect to your email and company resources. Intune enhances CA by adding mobile device compliance to the access controls. With an Intune compliance policy that defines requirements for devices to be compliant, you can use a device's compliance status to either allow or block access to your apps and services. You can do this by creating a CA policy that uses the setting Require device to be marked as compliant. When a device falls out of compliance, end-users are notified by email. While it has been technically possible to achieve localised language email notifications, it did require duplication of policies. We have heard your feedback, and are delighted to announce a new, streamlined approach to providing localised language support for noncompliance emails, making it easier for this part of your IT communications to be more inclusive and remove language as a barrier for self-remediation of noncompliance issues.


The current experience

Prior to our new experience, compliance policy could only have a single noncompliance email template attached to it. In practice, this means a duplicate compliance policy for each language you want and a corresponding template. Even with a few languages in play, you can see below how this can be challenging for large organisations:


Compliance policies - Policies bladeCompliance policies - Policies blade


Compliance policies - Notifications bladeCompliance policies - Notifications blade


The feedback from our customers has been that, for many, this would result in many compliance policies to set up and maintain.


The new experience

With the new enhancements, you only need to create a single notification template, which you can add multiple localised email messages to. Let us look at this in practice.


First, create a single compliance policy (instead of one for each language):


New experience of the Compliance policies - Policies bladeNew experience of the Compliance policies - Policies blade


Then, we create a single notification template and add multiple localised email messages to it:


Notification message templates settingsNotification message templates settings


Notification message templates summary viewNotification message templates summary view


We then assign that template to our compliance policy (note the languages in the details pane on the right):


List of notification message templatesList of notification message templates


If you are wondering how we determine which template to send to the user, the answer lies in the user’s Microsoft 365 “Display Language” setting, which is accessed via


Microsoft 365 - Settings & Privacy - Display Language settingMicrosoft 365 - Settings & Privacy - Display Language setting


This means the language that the user has set themselves will be what Intune uses to trigger the localised email message. However, some customers may want to manage this centrally, in which case you have a couple of options:


  • Leverage Microsoft Graph and patch the “preferredLanguage” attribute at{user id}
  • Use Powershell scripts



You must use a defined language tag (for example en-US for the US, or es-ES for Spain). Supported languages can be found at the Supported Language Packs and Language Interface Packs page.


If a user’s display or preferred language cannot be determined, they will receive the default template selected by their IT admin.


Hybrid environments

The above methods for setting the user’s language only applies to cloud-only accounts. For those customers who are using Azure Active Directory (Azure AD) Connect to sync their identities from their on-premises Active Directory, the language must be set on-premises and then sync’d to Azure AD. If this is the case, your users will see the following:


Language & Region - Display language for Hybrid usersLanguage & Region - Display language for Hybrid users


To set the language in your local Active Directory, navigate to the user object and edit the attribute:


preferredLanguage setting for a user object in local Active DirectorypreferredLanguage setting for a user object in local Active Directory


This may be something you leverage scripting for as, in large organizations, you may run into scale challenges without scripting.



As our customers move towards more inclusive workplaces, technology needs to move with it. Keeping your end-users productive demands that, should their device become noncompliant for any reason, they can self-remediate the problem quickly and, ideally, without the help of others. Ensuring your end-users always receive their noncompliant email notifications in their preferred language means they can easily understand what they need to do to get their corporate access back - without language being a barrier.


More info and feedback

For further resources on this subject, please see the links below.


Use compliance policies to set rules for devices you manage with Intune

How to set language and region settings for Office 365

Supported Language Packs and Language Interface Packs


As always, we want to hear from you! If you have any suggestions, questions, or comments, please visit us on our Tech Community Page, or leave a comment below.


Follow @MSIntune and @IntuneSuppTeam on Twitter and feel free to ask any questions about implementing this new feature to the @IntuneSuppTeam on Twitter!

Version history
Last update:
‎Nov 30 2023 04:12 PM
Updated by: