Get ready for Windows Information Protection in Windows 10/11
Enable Windows Information Protection (WIP) for Windows 10/11 by setting the WIP provider in Microsoft Entra ID. Setting a WIP provider in Microsoft Entra ID allows you to define the enrollment state when creating a new WIP policy with Intune. The enrollment state can be either WIP or mobile device management (MDM).
Important
Windows Information Protection (WIP) policies without enrollment has been deprecated. You can no longer create WIP policies for unenrolled devices.
To configure the WIP provider
Sign in to the Microsoft Intune admin center.
Select All services and choose M365 Microsoft Entra ID to switch dashboards.
Select Microsoft Entra ID.
Choose Mobility (MDM and WIP) in the Manage group.
Select Microsoft Intune.
Configure the settings in the Restore default WIP URLs group on the Configure pane.
WIP user scope
Use WIP autoenrollment to manage enterprise data on your employees' Windows devices. WIP autoenrollment will be configured for your own device scenarios.- None
Select if no users can be enrolled in WIP. - Some
Select Microsoft Entra groups that contain users who will be enrolled in WIP. - All
Select if all users can be enrolled in WIP.
WIP terms of use URL
The WIP terms of use URL isn't supported for Microsoft Intune. This input box must be left blank for protection policies to apply.WIP discovery URL
The URL of the enrollment endpoint of the WIP service. The enrollment endpoint is used to enroll devices for management with the WIP service.WIP compliance URL
The WIP compliance URL isn't supported for Microsoft Intune. This input box must be left blank for protection policies to apply.- None
Select Save.
Next steps
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for