Device not compliant based on service running

Hello, does anybody know if Intune allows you to mark a device not compliant if a certain Windows 10 service is not running? If it is possible, what is the most restrictive action that we can take? Can we lock Windows 10, for example, and not allow the user to continue working?

3 Replies
It's not possible through device compliance.
Compliance in Intune is pretty limited.

You can look into remediation scripts from endpoint analytics. That might help you.

Hi @Thijs Lecomte

I am not getting your idea. Are you proposing to detect that a service is not running or installed and then launch a script to start or install it?

Can we use that to mark the device as not compliant and then apply some restrictions, like not allowing access to Office 365? Can you think of another solution?

Thanks in advance!

@Alberto Palma

I guess what I am proposing will be a very stupid idea :) but it's just an idea!

When you create proactive remediations which run every hour to check if a specific service ain't running... and if it ain't running it will fire up a remediation script.

In that remediation script you could make sure real time protection will be disabled (again, it's not what you want!! It's all about the idea, nothing more)

And when you configure a compliance rule to detect if the device is compliant and you have your CA rules in place... it will be blocked

Again... I am not recommending this :) !
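
As an added example (not code from any poster in this thread), a detection and remediation pair for the proactive remediations approach discussed above, here restarting a required service. The service name `ExampleSvc` and both function names are placeholders; the exit codes follow the Intune convention that a detection script exiting with 1 triggers the remediation script.

```powershell
# Added example; 'ExampleSvc' and the function names are placeholders.
# Intune runs the detection script on a schedule:
#   exit 0 = healthy, exit 1 = issue found (remediation script is then run).
$ServiceName = 'ExampleSvc'

function Get-ServiceProblem {
    # Returns a description of what is wrong, or $null when the service is healthy.
    param([Parameter(Mandatory)][string]$Name)
    $svc = Get-Service -Name $Name -ErrorAction SilentlyContinue
    if (-not $svc)                     { return "Service '$Name' is not installed" }
    if ($svc.StartType -eq 'Disabled') { return "Service '$Name' is disabled" }
    if ($svc.Status -ne 'Running')     { return "Service '$Name' is $($svc.Status)" }
    return $null
}

function Repair-RequiredService {
    # Re-enables and starts the service; throws if it is not running within 30 s.
    param([Parameter(Mandatory)][string]$Name)
    Set-Service   -Name $Name -StartupType Automatic -ErrorAction Stop
    Start-Service -Name $Name -ErrorAction Stop
    (Get-Service -Name $Name).WaitForStatus('Running', [TimeSpan]::FromSeconds(30))
}

# --- Detection script body ---
$problem = Get-ServiceProblem -Name $ServiceName
if ($problem) {
    Write-Output $problem      # shown in the detection output column
    exit 1                     # non-zero: Intune runs the remediation script
}
Write-Output "Service '$ServiceName' is running"
exit 0

# --- Remediation script body (a separate file in Intune, same functions) ---
# try   { Repair-RequiredService -Name $ServiceName; exit 0 }
# catch { Write-Output "Remediation failed: $($_.Exception.Message)"; exit 1 }
```

A remediation that exits with 1 is reported as failed, which gives an administrator a list of devices where the service could not be restored.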