Ensure device compliance with Configuration Manager
Applies to: Configuration Manager (current branch)
Compliance settings in Configuration Manager gives you the tools and resources you need to manage the configuration and compliance of devices in your organization. This helps you support the following business requirements:
Compare the configuration of Windows PCs, Macs computers, servers, and mobile devices you manage against best practices configurations you create, or obtain from other vendors
Identify unauthorized device configurations
Report compliance with regulatory policies and in-house security policies
Identify security vulnerabilities
Provide the help desk with the information to detect probable causes of reported incidents and problems by identifying noncompliant configurations
Automatically remediate some noncompliant settings on mobile devices
Remediate noncompliance by deploying applications, packages and programs, or scripts to a collection that is automatically populated with devices that report that they are out of compliance
Learn the basics about compliance settings, and the tasks you can accomplish with them.
Get started with compliance settings
Plan and design
Before you start working with compliance settings, make sure you have implemented the necessary prerequisites that you'll find in this topic.
Plan for and configure compliance settings
In this section, you'll find some common scenarios that will help you learn to use compliance settings in Configuration Manager.
Common tasks for managing compliance
Remote connection profiles
This configuration item type allows you to configure your user's PCs to remotely connect to work computers when they are not connected to the domain or if their personal computers are connected over the Internet.
Create remote connection profiles
User data and profiles
This configuration item type contains settings that can manage folder redirection, offline files and roaming profiles on computers that run Windows 8 and later for users in your hierarchy.
Create user data and profiles configuration items
Windows edition upgrade policy
The edition upgrade policy lets you automatically upgrade Windows 10 devices to a newer version. You can specify a product key to upgrade Windows 10 desktop versions, or a license file that can be used to upgrade devices running Windows 10 Mobile and Windows 10 Holographic.
Submit and view feedback for