How to enable "On resume, display logon screen"

Copper Contributor

I'm building an Intune-managed AzureAd environment from the ground up at my organization, and so far, this configuration item has stumped me.


Things I've done so far:

Two custom configuration profiles (OMA-URI).

  • ScreenLockTimeout
    • OMA-URI: "./Device/Vendor/MSFT/Policy/Config/DeviceLock/MaxInactivityTimeDeviceLock"
    • Value: Integer: 5
  • InteractiveLogon_MachineInactivityLimit
    • OMA-URI: "./Device/Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit"
    • Value: Integer: 300

A Device restriction configuration profile:

  • Password: require
  • Maximum minutes of inactivity until screen locks: 5 Minutes
  • Require Password when device returns from idle state (Mobile and Holographic): require

An Endpoint Protection configuration profile:

  • Minutes of lock screen inactivity until screensaver activates: 0

This is what those settings give me.

I need that "On resume, display logon screen" ticked.


Any suggestions?

1 Reply

Hello! @JonSmitty


Please see my configuration profile as reference. I am using an administrative template profile and I have it deployed to my dynamic autopilot device group.


Try it out and let me know if we need to do some tweaking to make it fit your org. I am happy to help.




//Nicklas Ahlberg