Professional Documents
Culture Documents
As part of your mobile device management (MDM) solution, use these configuration
profiles to complete different tasks. Some profile examples include:
This article gives an overview of the different types of profiles you can create. Use these
profiles to allow or prevent some features on the devices.
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 2/9
05/09/2023 21:01 IntuneDocs/intune/configuration/device-profiles.md at main · MicrosoftDocs/IntuneDocs · GitHub
Administrative templates
Administrative templates include hundreds of settings that you can configure for
Internet Explorer, OneDrive, remote desktop, Word, Excel, and other Office programs.
Certificates
Certificates configure trusted, SCEP, and PKCS certificates that are assigned to devices.
These certificates authenticate WiFi, VPN, and email profiles.
Android
Android Enterprise
iOS/iPadOS
macOS
Windows Phone 8.1
Windows 8.1
Windows 10 and later
Custom profile
Custom settings let administrators assign device settings that aren't built in to Intune.
On Android devices, you can enter OMA-URI values. For iOS/iPadOS devices, you can
import a configuration file you created in the Apple Configurator.
Android
Android Enterprise
iOS/iPadOS
macOS
Windows Phone 8.1
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 3/9
05/09/2023 21:01 IntuneDocs/intune/configuration/device-profiles.md at main · MicrosoftDocs/IntuneDocs · GitHub
Delivery optimization
Delivery optimization provides a better experience to delivery software updates. These
settings are replacing the Software Updates > Windows 10 update ring settings.
Use these settings to control how software updates are downloaded to devices in your
organization. For example, you can let users get their own updates, or get updates
using the delivery optimization cloud services in a device profile.
Device features
Device features controls features on iOS/iPadOS and macOS devices, such as AirPrint,
notifications, and lock screen messages.
iOS/iPadOS
macOS
Device restrictions
Device restrictions controls security, hardware, data sharing, and more settings on the
devices. For example, create a device restriction profile that prevents iOS/iPadOS device
users from using the device camera.
Android
Android enterprise
iOS/iPadOS
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 4/9
05/09/2023 21:01 IntuneDocs/intune/configuration/device-profiles.md at main · MicrosoftDocs/IntuneDocs · GitHub
macOS
Windows 10 and later
Windows 10 Team
Edition upgrade
Windows 10 edition upgrades automatically upgrades devices that run some versions
of Windows 10 to a newer edition.
Education
Education settings - Windows 10 configure options for the Windows Take a Test app.
When you configure these options, no other apps can run on the device until the test is
complete.
Education settings - iOS/iPadOS uses the iOS/iPadOS Classroom app to guide learning,
and control student devices in the classroom. You can configure iPad devices so many
students can share a single device.
Email settings creates, assigns, and monitors Exchange ActiveSync email settings on the
devices. Email profiles help with consistency, reduce support calls, and let end-users
access company email on their personal devices, without any required setup on their
part.
Android
Android Enterprise
iOS/iPadOS
Windows Phone 8.1
Windows 10 and later
Endpoint protection
Endpoint protection settings for Windows 10 configures BitLocker and Microsoft
Defender settings for Windows 10 devices.
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 5/9
05/09/2023 21:01 IntuneDocs/intune/configuration/device-profiles.md at main · MicrosoftDocs/IntuneDocs · GitHub
Extensions
Kernel extensions allows administrators to add features or programs at the kernel-level
on macOS devices. Configure these settings to trust all extensions from a specific
developer or partner, or allow specific kernel extensions.
macOS
Identity protection
Identity protection controls the Windows Hello for Business experience on Windows 10
and Windows 10 Mobile devices. Configure these settings to make Windows Hello for
Business available to users and devices, and to specify requirements for device PINs and
gestures.
Kiosk
Kiosk settings profile configures a device to run one app, or run many apps. You can
also customize other features on your kiosk, including a start menu and a web browser.
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 6/9
05/09/2023 21:01 IntuneDocs/intune/configuration/device-profiles.md at main · MicrosoftDocs/IntuneDocs · GitHub
Kiosk settings also available as device restrictions for Android, Android Enterprise, and
ios/iPadOS.
OEMConfig
OEMConfig is a standard that allows OEMs (original equipment manufacturers) and
EMMs (enterprise mobility management) to build and support OEM-specific features in
a standardized way on Android Enterprise devices. With OEMConfig, an OEM creates a
schema that defines OEM-specific management features, and embeds it in an app
uploaded to Google Play. Intune reads the schema from the app, allows Intune
administrators to configure the settings in the schema.
PowerShell scripts
PowerShell scripts on Windows 10 devices uses the Intune Management Extension to
upload your PowerShell scripts in Intune, and then run these scripts on your devices.
Also see what's required to use the extension, how to add them to Intune, and other
important information.
These shared multi-user device settings allow an administrator to control some of the
device features, and manage these shared devices using Intune.
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 7/9
05/09/2023 21:01 IntuneDocs/intune/configuration/device-profiles.md at main · MicrosoftDocs/IntuneDocs · GitHub
Update policies
iOS/iPadOS update policies shows you how to create and assign iOS/iPadOS policies to
install software updates on your iOS/iPadOS devices. You can also review the
installation status.
iOS/iPadOS
VPN
VPN settings assigns VPN profiles to users and devices in your organization, so they
can easily and securely connect to the network.
Virtual private networks (VPNs) give users secure remote access to your company
network. Devices use a VPN connection profile to start a connection with your VPN
server.
Android
Android Enterprise
iOS/iPadOS
macOS
Windows Phone 8.1
Windows 8.1
Windows 10 and later
Wi-Fi
Wi-Fi settings assigns wireless network settings to users and devices. When you assign
a WiFi profile, users get access to your corporate WiFi without having to configure it
themselves.
Android
Android Enterprise
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 8/9
05/09/2023 21:01 IntuneDocs/intune/configuration/device-profiles.md at main · MicrosoftDocs/IntuneDocs · GitHub
iOS/iPadOS
macOS
Windows 8.1 (import only)
Windows 10 and later
Manage your profiles to check the status of devices, and the profiles assigned. Also
help resolve conflicts by seeing the settings that cause a conflict, and the profiles that
include these settings. Common issues and resolutions helps administrators work with
profiles. It describes what happens when deleting a profile, what causes notifications to
be sent to devices, and more.
Next steps
Choose your platform, and get started.
https://github.com/MicrosoftDocs/IntuneDocs/blob/main/intune/configuration/device-profiles.md 9/9