Submit a request

Nerdio Help Center

Overview of Intune device management


Applies to: Nerdio Manager for MSP (NMM) v3.0+


Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). You can control and securely manage how your organization's devices such as mobile phones, tablets, and laptops are used. For example, you can configure settings or policies so as to prevent emails from being sent to people outside your organization. Let us understand how you can manage your Intune devices using the NMM portal.

Managing Intune devices

Login to your account and from the Home page and navigate to INTUNE > Devices tab as shown below:

Home_intune_devices.png

The Intune devices page opens up:

Intune_devices_page.png

You can perform several operations on Intune devices. Expand the action menu to view all options:

Intune_devices_actionmenu.png

Let us look at all the options one by one. Note that the actions available differ based on device type. Actions that apply to an iOS device or MacOS device may not apply to a Windows 11 device. 

Nerdio Tip
  • For many actions, it can take an hour or longer for the action to actually run on the device after you have kicked off the action from NMM.

 

Sync

Once you click "Sync" option on the Intune device action menu, the following pop-up opens up:

Sync_confirm_action.png

Click "OK" button to confirm the action. Sync allows you to force a device to check for updates to compliance policies and such.

Restart

Once you click "Restart" option on the Intune device action menu, the following pop-up opens up:

Restart_device.png

You can either restart the selected device right away or schedule it for later. If you choose to restart the device immediately (SCHEDULE slider is OFF), users allocated to the device won't be notified about the restart and may lose their unsaved data. If you want to schedule the restart at a later time (SCHEDULE slider is ON), you need to configure the start date, timezone, start time, or setup a recurring restart operation.

Quick Scan

Once you click "Quick Scan" option on the Intune device action menu, the following pop-up opens up:

Quick_scan_popup.png

You can either initiate a quick scan operation on the selected device right away or schedule it for later. If you choose to do a quick scan for the device immediately (SCHEDULE slider is OFF), the device will be scanned for system and kernel-level malware right away. If you want to schedule the quick scan at a later time (SCHEDULE slider is ON), you need to configure the start date, timezone, start time, or setup a repeat operation. This feature is available only for Windows devices.

Full Scan

Once you click "Full Scan" option on the Intune device action menu, the following pop-up opens up:

Fullscan_device_popup.png

You can either initiate a full scan operation on the selected device right away or schedule it for later. If you choose to full scan the device immediately (SCHEDULE slider is OFF), the hard disk will be scanned for malware right away. If you want to schedule the full scan at a later time (SCHEDULE slider is ON), you need to configure the start date, timezone, start time, or setup a repeat operation. We recommend you schedule this operation outside of business hours since the scan may take up to an hour to complete. This feature is available only for Windows devices.

Retire

Once you click "Retire" option on the Intune device action menu, the following pop-up opens up:

Retire_device.png

Enter CONFIRM in the textbox provided and click OK button to confirm that you want to retire the selected Intune device. This action will only remove company data from the selected device. The user's personal data will not be removed. The device will no longer be managed by Intune, and will no longer be able to access corporate resources. Removing company data is not supported for Windows devices that are joined to Azure Active Directory. Any Win32 app deployed using Intune will not be automatically removed from the device, when the device is retired. The Win32 app and the data it contains will remain on the device. If the Win32 app is not removed prior to retiring the device, you will need to take explicit action on the device to remove the app.

Wipe

Once you click "Wipe" option on the Intune device action menu, the following pop-up opens up:

Wipe_device.png

Once you are sure that you want to do a factory reset on the selected Intune device, enter CONFIRM in the textbox provided and click OK button. This action removes all personal and company data and settings from this device. You can choose whether to keep the device enrolled and the user account associated with this device. You cannot revert this action. 

Run script

Once you click "Run script" option on the Intune device action menu, the following pop-up opens up:

Run_script.png

You can select a Scripted Action from the drop-down and check appropriate options:

  • Run the script using logged in credentials
  • Enforce script signature check
  • Run script in 64 bit PowerShell host

 

Delete

Once you click "Delete" option on the Intune device action menu, the following pop-up opens up:

Delete_device.png

Once you delete a device, you no longer will be able to view or manage it through NMM portal.

Change primary user

Once you click "Change primary user" option on the Intune device action menu, the following pop-up opens up:

Change_primary_user.png

Select the primary user, the one with an Intune license, and click OK button:

Change_primary_user1.png

Discovered Apps

Once you click "Discovered apps" option on the Intune device action menu, the following pop-up opens up:

Discovered_apps.png

Discovered apps is a list of all detected applications on Intune enrolled device. It acts as a software inventory, collecting information from app installation reports. In general, this list refreshes every 7 days from the time of enrollment. You can export it to a .csv file and can also search it by name using search filters.

Managed Apps

Once you click "Managed apps" option on the Intune device action menu, the following pop-up opens up:

Managed_apps.png

Managed apps is a list of applications on an intune device that can be managed (for example, installed). You can view all the applications with current Installation status and Resolved Intent that were added and assigned to the device.

Action status

Once you click "Action status" option on the Intune device action menu, the following pop-up opens up:

Device_action_status.png

This allows you to view any ongoing or pending actions on the device.

Application reliability

Application reliability is the probability that the application will work without failure in a specified environment over a set duration of time. Once you click "Application reliability" option on the Intune device action menu, the following windows opens up:

Application_reliability_score.png

Startup performance

Once you click "Startup performance" option on the Intune device action menu, the following window opens up. You can view details such as boot history, sign-in history, apps affecting login times, OS restart history etc. to give you an idea of the startup performance of the device:

mceclip0.png

Factors that contribute to a device's startup performance are:

Boot history: Boot history section gives you an insight into how long it takes to boot up a device. The duration of each phase (update phase, group policy phase, to sign-in screen and feature update) are displayed under this section.

Sign-in history: Sign-in history provides an insight into how long it takes to sign-in after device has booted up. The duration of each phase (responsive desktop phase, group policy phase, desktop phase and first sign-in phase) are displayed under this section.

Apps affecting login times: In this section, you will find the list of applications that slow down your device or affect login times.

OS restart history: In this section, you will find the OS restart history such as date, OS version, and restart category for your device.

Search

You can search Intune devices based on filters like device name, user's name, compliance, primary user, and device type (model): AVD, CPC, or physical device:

mceclip1.png

Select bulk action

You can also select multiple devices and expand the Select bulk action menu as shown below:Select_bulk_action.png

You can perform bulk sync, restart, quick scan, full scan or delete selected devices in one go.

Was this article helpful?
0 out of 0 found this helpful
Important Notification for NFA Partners Only
  • Microsoft is sunsetting Azure Classic (not Azure Virtual Desktop (AVD)) - Microsoft Article
  • NFA sunset occurs February 20th, 2023
  • NFA will be fully supported until the official sunset - nfa.support@getnerdio.com

Comments

Please sign in to leave a comment.