Managing devices in the Azure portal

In a mobile-first, cloud-first world, Azure Active Directory (Azure AD) enables single sign-on to devices, apps, and services from anywhere. With the proliferation of devices – including Bring Your Own Device (BYOD), IT professionals are faced with two opposing goals:

  • Empower the end users to be productive wherever and whenever
  • Protect the corporate assets at any time

Through devices, your users are getting access to your corporate assets. To protect your corporate assets, as an IT administrator, you want to have control over these devices. This enables you to make sure that your users are accessing your resources from devices that meet your standards for security and compliance.

Device management is also the foundation for device-based conditional access. With device-based conditional access, you can ensure that access to resources in your environment is only possible with managed devices.

This blog post shows how to manage devices in Azure AD

Manage devices

Sign in to the Azure portal as administrator.

On the left navbar, click Active Directory.

In the Manage section, click Devices.

Configure device settings

To manage your devices using the Azure portal, your devices need to be either registered or joined to Azure AD.

As an administrator, you can fine-tune the process of registering and joining devices by configuring the device settings.

The device settings page enables you to configure:

  • Users may join devices to Azure AD – This setting enables you to select the users who can join devices to Azure AD.
  • The default is

    • Additional local administrators on Azure AD joined devices – You can select the users that are granted local administrator rights on a device. Users added here are added to the Device Administrators role in Azure AD. Global administrators in Azure AD and device owners are granted local administrator rights by default. This option is a premium edition capability available through products such as Azure AD Premium or the Enterprise Mobility Suite (EMS).
      • Users may register their devices with Azure AD
      • Require Multi-Factor Auth to join devices
      • Maximum number of devices
      • Users may sync settings and app data across devices
    • Locate devices

    • Devices

    •     

    • All devices in the Manage section of the Devices page

    •     

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s