Intune: Manage devices
Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). Using Microsoft Intune, you can manage your organization’s devices, including mobiles, laptops, tablets, Cloud PCs, and Azure Virtual Desktops.
Nerdio Manager provides a consolidated interface for managing Intune-enrolled endpoints, including AVD hosts, Windows 365 Cloud PCs, and physical devices.
Manage Intune devices: searching, filtering, and actions
Nerdio Manager allows you to search for or filter Intune devices based on a variety of criteria, and to perform actions on the selected device(s).
Navigate to Endpoints > All Devices.
-
Search and filter the list as follows:
Search by device name or user name.
Filter by compliance status.
Filter by device type.
Filter by free space.
Filter by groups.
Filter by user assigned.
View and/or edit the device's details. See Manage Intune device details below for details.
In the Compliance column, select the tooltip to see its details.
-
Perform an available action on the device by selecting it from the action menu. The actions applicable to each device type are shown in the table below.
Notes:
These actions mirror the available device actions in the Intune console. You can restrict these actions by creating custom RBAC roles within Nerdio Manager .
The table shows the device type(s) to which each action applies. However, some actions may be unavailable for specific devices depending on Intune enrollment type, OS version, permissions, or other tenant-specific conditions. If an action is grayed out in the menu for a given device, hover over the grayed-out text to reveal a tooltip that explains why the action is currently unavailable.
Action menu tasks Action menu task
Device type(s)
Description
Sync
All
Force the device to check for updates to compliance policies.
Restart (Restart Cloud PC for Windows 365 devices)
All
Sign user(s) out of the device and restart it.
Quick scan
AVD, Windows 365
Perform a quick scan on the device. The device is scanned for system- and kernel-level malware using Windows Defender.
Full scan
AVD, Windows 365
Perform a full scan on the device using Windows Defender.
Request logs
All
Download the selected device's logs to a .zip file.
Rename device
AVD, macOS, iOS/iPadOS, Android
Change the Device name. Applies to Nerdio Manager and the Intune admin center only: does not impact the device's Management name in the Intune admin center or the Device name in the Company Portal. See the Microsoft Learn article Rename a device in Intune for details.
Change primary user
AVD, Windows 365
Assign a new Primary user to the device in Intune. Includes the ability to change the Primary user from none (shared) to a single user, or from a single user to none (shared).
Retire
All
Remove all Intune-managed company data from a device. Users' personal data remains on the device.
Wipe
All
Perform a full factory reset to return a device to its default settings and delete all data.
Delete
All
Remove the device from the list of managed devices in Intune. The next time the device checks in with Intune, any company data is removed from the device.
Fresh Start
AVD
Remove all preloaded Win32 apps from the device. Choose whether or not to retain the user data on the device.
Autopilot Reset
AVD
Return the device to a fully configured or known IT-approved state.
Update Windows Defender
AVD, Windows 365
Update Windows Defender's malware definitions on the device.
Bitlocker key rotation
AVD
Rotate the encryption keys on the device.
Rotate local admin password
AVD, Windows 365
Rotate the local admin password on the device.
Restart Cloud PC
Windows 365
Sign user(s) out of the device and restart it. Equivalent to the Restart command for other devices.
Reprovision Cloud PC
Windows 365
Delete the user's current Cloud PC and create a brand new Cloud PC for the same user.
Restore Cloud PC
Windows 365
Restore the Cloud PC to a chosen restore point. This action is permanent and deletes any data and apps added to the Cloud PC after the selected restore point.
Power Off/On Cloud PC
Windows 365
Remotely power the Cloud PC on or off. Powering on a Cloud PC immediately consumes a license; Powering off an in-use Cloud PC signs out the current user and any unsaved data is lost.
End Grace Period Cloud PC
Windows 365
End the Cloud PC's grace period immediately, withdrawing user access and erasing the OS and data.
Shutdown
iOS/iPadOS, macOS
Remotely power off the device. This action takes effect immediately, with no warning given to the user.
Locate device
iOS/iPadOS, macOS, Android
Show the device's current or last-known location. For iOS/iPadOS devices, the device must first be in lost mode (see the Lost Mode action).
Remote lock
iOS/iPadOS, macOS, Android
Lock a PIN- or password-protected device, requiring the user to enter their passcode before they can continue using it.
Reset work profile passcode
Android
Reset the device passcode. You are provided with a new admin passcode that the user must enter before they can continue using the device.
Remove passcode
iOS/iPadOS
Remove the current passcode from the device. If the device management policy mandates a passcode, the user will be prompted to create a new one.
Lost Mode
iOS/iPadOS
Block a lost or stolen device, and display a message and/or contact phone number on screen to facilitate the device's recovery.
Play Lost Mode sound
iOS/iPadOS, Android
Play an alert sound on a lost device to help the user locate it.
Logout current user
iOS/iPadOS
Sign out the current user on a shared iPad device.
Send custom notification
iOS/iPadOS, Android
Enter a custom message that will display on the managed device as a push notificaton.
Disable activation lock
iOS/iPadOS, macOS
Bypass Apple's Activation Lock to allow the device to be accessed/reset without the user's Apple ID and password.
Revoke licenses
iOS/iPadOS, macOS
De-allocate a software license that was volume purchased using Apple Business Manager or Apple School Manager from the device.
Tip: For many tasks, it may take an hour or longer for the action to actually run on the device after you have requested the action from Nerdio Manager. You can follow the status of the task in the Intune Tasks section.
Perform bulk actions on selected devices
Nerdio Manager allows you to perform bulk actions on selected devices.
To perform a bulk action on selected devices:
Navigate to Endpoints > All Devices.
Identify the device(s) you want to work with from the list and select the corresponding check icon
.
Once you have selected all the desired devices, in the upper right side, select the bulk action icon
and then select the desired action.
Manage Intune device details
Nerdio Manager allows you to view key metrics related to your Intune-enrolled devices and to configure their properties and settings.
To manage the properties of an Intune device:
Navigate to Endpoints > All Devices.
-
Locate the device you want to manage and select either its name or Details from the actions dropdown.
A pop-up window opens, presenting you with an overview of the device's name, ID, and other basic information.
-
Use the headings in the left-hand pane to navigate to the section you want to view or edit. Configuration options and performance metrics are organized into a number of tabs, determined by the device type.
Note: For a summary of the management options available for each device type, consult the table below.
Device details options Option
Device type(s)
Description
Overview
All
Displays basic information about the device, including device IDs, OS version, user details, and group memberships.
Any user with RBAC permissions to manage device groups can add or remove Group Memberships (Device).
Users with RBAC permissions to manage user groups can also add or remove Group Memberships (Owner).
Compliance
All
Displays an overview of the compliance policies and configuration profiles applied to the device, as well as managed applications and applied software updates.
Policies
All
Provides a detailed breakdown of the policies applied to your device, and the compliance status of each policy.
Use the drop-down menus to filter the list of policies by state (enabled/disabled, compliance status, and error status) or type.
Select a policy to view a detailed breakdown of its settings and the compliance status of each setting.
Updates
All
Displays details of the device's memberships of update rings and profiles.
Applications
All
Displays a list of managed applications on the device and their versions.
Select an application to view its state and history.
Select Show on Intune admin center to open and configure the managed application's settings in Intune.
Scripts
All
Displays a list of the scripts configured to run on the device. Select the script name to view its output.
User Experience
AVD, Windows 365
Displays a series of performance metrics for the device, including startup performance, application reliability, and Work from anywhere report.
Hardware
All
Displays details of the device's physical or virtual hardware, including memory and storage, OS version, and device IDs. Select the copy
icon next to a field to copy its the value to the clipboard.
Recovery Keys
AVD, Windows 365, macOS
Allows you to view and rotate BitLocker or FileVault keys for the device, providing that the appropriate permissions are configured.
Anti-Virus
AVD, Windows 365
Allows you to perform quick and full malware scans of the device, update malware definitions, and view any malware found in scans.
Location
All
Displays the physical location of the device, if applicable. Select the copy
Device actions status
All
Displays a log of remote actions that have been run on the device, and their status.
Local admin password
AVD, Windows 365
Allows you to view and manually rotate local admin passwords.
Cloud PC Connectivity Status
Windows 365
Displays a history of connectivity events, including device checks and user sign-in and sign-out activity, along with the result (success or failure) of each event.
Comments (0 comments)