Remotely lock devices with Intune
The Remote lock device action locks the device. To unlock the device, the device owner enters their passcode. You can remotely lock devices that have a PIN or password set. Devices that don't have a PIN or password can't be remotely locked.
When Remote lock is applied to a device that doesn’t have a PIN or password, the device’s screen will turn off but the device will not be locked and the user will be able to wake the device and start using it again without entering a PIN or password. Ensure devices have a PIN or password policy enforced before using the Remote lock action to lock the device.
Remote lock is supported for the following platforms:
- Android Enterprise kiosk devices
- Android Enterprise work profile devices
- Android Enterprise fully managed devices
- Android Enterprise corporate-owned with work profile devices
Remote lock isn't supported for:
- Windows 10 desktop
For macOS devices, you set a 6-digit recovery PIN. When the device is locked, the Device overview displays the PIN until another device action is sent. Please make sure to write down the pin since it will only be available for 30 days after the remote lock command is sent. After the 30 days, Intune will no longer have the PIN. Also, you will see a failed status in reporting if you initiate this command again for the same device while the original pin has not been used to successfully unlock the device. You should only send this command once, write down the pin, and until you use it to get into the macOS device successfully, do not try to send this command to the same device again.
Remote lock a device
- Sign in to the Microsoft Endpoint Manager admin center.
- Select Devices > All devices.
- In the list of devices, select a device, and then select the Remote lock action.
- To see the status of this action, select Microsoft Intune > Devices > Device actions.
- For more actions that can help you manage your devices, see Available actions.
Submit and view feedback for