Skip to content

Latest commit

 

History

History
67 lines (50 loc) · 2.65 KB

app-protection-policies-configure-windows-10.md

File metadata and controls

67 lines (50 loc) · 2.65 KB
Raw
title titleSuffix description keywords author ms.author manager ms.date ms.topic ms.service ms.subservice ms.localizationpriority ms.assetid ms.reviewer ms.suite search.appverid ms.collection
Configure app protection policies for Windows 10/11
Microsoft Intune
This article describes how to configure app protection policies (APP) for Windows 10/11 devices.
Erikre
erikre
dougeby
02/27/2024
how-to
microsoft-intune
apps
medium
949fddec-5318-4c9a-957e-ea260e6e05be
scottduf
ems
MET150
tier2
M365-identity-device-management
Windows

Get ready for Windows Information Protection in Windows 10/11

[!INCLUDE azure_portal]

Enable Windows Information Protection (WIP) for Windows 10/11 by setting the WIP provider in Microsoft Entra ID. Setting a WIP provider in Microsoft Entra ID allows you to define the enrollment state when creating a new WIP policy with Intune. The enrollment state can be either WIP or mobile device management (MDM).

Important

Windows Information Protection (WIP) policies without enrollment has been deprecated. You can no longer create WIP policies for unenrolled devices.

To configure the WIP provider

  1. Sign in to the Microsoft Intune admin center.

  2. Select All services and choose M365 Microsoft Entra ID to switch dashboards.

  3. Select Microsoft Entra ID.

  4. Choose Mobility (MDM and WIP) in the Manage group.

  5. Select Microsoft Intune.

  6. Configure the settings in the Restore default WIP URLs group on the Configure pane.

    WIP user scope
    Use WIP autoenrollment to manage enterprise data on your employees' Windows devices. WIP autoenrollment will be configured for your own device scenarios.

    • None
      Select if no users can be enrolled in WIP.
    • Some
      Select Microsoft Entra groups that contain users who will be enrolled in WIP.
    • All
      Select if all users can be enrolled in WIP.

    WIP terms of use URL
    The WIP terms of use URL isn't supported for Microsoft Intune. This input box must be left blank for protection policies to apply.

    WIP discovery URL
    The URL of the enrollment endpoint of the WIP service. The enrollment endpoint is used to enroll devices for management with the WIP service.

    WIP compliance URL
    The WIP compliance URL isn't supported for Microsoft Intune. This input box must be left blank for protection policies to apply.

  7. Select Save.

Next steps

Create a WIP policy.