Do you want to use your favorite vendor to validate your device compliance and send that status per device back to Intune?
By default, Intune is set up to be the Mobile Device Management (MDM) authority for your devices. When you add a compliance partner to Azure AD and Intune, you’re configuring that partner to be a source of Mobile Device Management (MDM) authority for the devices you assign to that partner through an Azure AD user group.
Microsoft Intune can add compliance state data to Azure Active Directory (Azure AD) for the devices you manage with one or more third-party device compliance partners. With this configuration, compliance data from those devices can be used with your conditional access policies.
To enable use data from device compliance partners, complete the following tasks:
- Configure Intune to work with the device compliance partner, and then configure groups of users whose devices are managed by that compliance partner.
- Configure your compliance partner to send data to Intune.
- Enroll your iOS or Android devices to that device compliance partner.
With these tasks complete, the device compliance partner sends device state details to Intune. Intune then adds this information to Azure AD. For example, devices with a state of non-compliant have that status added to their device record in Azure AD.
The compliance state is then evaluated by conditional access policies, the same as compliance state data for devices managed by Intune. By default, Intune is a registered compliance partner for iOS and Android. When you add additional partners, you can set the priority order to ensure the correct partner manages device to fit your business needs.
The following partners are supported as generally available:
- JAMF Pro
- MobileIron Device Compliance On-prem
- VMware Workspace ONE UEM (formerly AirWatch)
However, the following partners are also listed for use. These additional vendors haven’t been announced yet. But you can rest assured that you can leverage these partners too.
Use the documentation from your third-party partner to create compliance policies for devices.
[button size=”medium” style=”primary” text=”Add a Compliance Partner to Microsoft Intune” link=”https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-partners#add-a-compliance-partner-to-intune” target=””]