You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: memdocs/intune/protect/compliance-use-custom-settings.md
+2-3Lines changed: 2 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -44,7 +44,7 @@ Before you can add custom settings to a policy, you’ll need to prepare the Pow
44
44
45
45
- The JSON file defines the settings you want to base your custom compliance on, and the acceptable values for those settings. You can also configure messages for device users for how to restore compliance for each setting. You’ll upload the file when you create a compliance policy that will include custom compliance settings.
46
46
47
-
After you’ve deployed custom compliance settings and devices have reported back, you’ll be able to view the results alongside the built-in compliance setting details in the Microsoft Endpoint Manager admin center. Custom settings can also be used for conditional access decisions, the same as the built-in compliance settings.
47
+
After you’ve deployed custom compliance settings and devices have reported back, you’ll be able to view the results alongside the built-in compliance setting details in the Microsoft Endpoint Manager admin center. Custom compliance settings will be used for conditional access decisions, the same way built-in compliance settings are. Together they form a compound rule set, equally affecting the device compliance state.
48
48
49
49
## Prerequisites
50
50
@@ -89,14 +89,13 @@ During the workflow to create a compliance policy, on the *Compliance settings*
89
89
5. Complete the compliance policy creation task and assign the policy to devices.
90
90
91
91
> [!NOTE]
92
-
> When a Windows device receives a compliance policy with custom settings, the device runs an MSI that installs services that enable the client to download and run PowerShell scripts that are part of a compliance policy, and to upload compliance results. Actions managed by the services include:
92
+
> When a Windows device receives a compliance policy with custom settings, it checks for the presence of [Intune Management Extensions](../apps/intune-management-extension.md). If not found, the device runs an MSI that installs the extensions, enabling the client to download and run PowerShell scripts that are part of a compliance policy, and to upload compliance results. Actions managed by the services include:
93
93
>
94
94
> - Checking for new or updated PowerShell scripts every eight hours.
95
95
> - Running the discovery scripts every eight hours.
96
96
> - Running scripts that download when a user selects Check Compliance on the device. However, there is no check for new or updated scripts when Check Compliance is run.
97
97
> - Don't support push notifications to enable custom compliance to run on demand.
98
98
>
99
-
> For more information, see [Add PowerShell Add PowerShell scripts to Windows 10/11 devices in Microsoft Intune.
0 commit comments