Easily Configure Interactive Logon Message Using Intune
Let’s look at the steps to configure interactive logon message using Intune (MEM) for users. You can easily configure Intune interactive logon message for users using Settings Catalog.
An interactive logon message is useful to personalize the logon process, provide news or information, and for other similar purposes. The logon message appears just before the logon screen and disappears after the user clicks OK.
If you want to display a message to all the users before the login, an interactive logon message policy is the solution. Many organizations prefer to set a logon message for users displaying the company information, legal notices etc.
Another advantage of displaying a warning message before logon may help prevent an attack by warning malicious or uninformed users about the consequences of their misconduct before it happens.
I have covered one such example of displaying the Interactive logon message on domain controllers. There are multiple ways to display an interactive logon message for users :-
- You can run a PowerShell script and use it to display an interactive logon message for users.
- Using group policy, you can configure Legal Notices On Domain Computers.
- You can use Microsoft Intune (Endpoint Manager) to configure an Interactive logon message when users log in to their computers.
If you aren’t using Intune, you can always use a group policy to configure the logon message for users. With Intune settings catalog, you can easily enable and configure the interactive logon message and display it to users.
Intune Interactive Logon Message Settings
If you want to display an interactive logon message using Intune for users, you can configure the following settings. We will use both these settings to configure Intune Interactive Logon Message.
- Interactive Logon: Message Text for users attempting to log on – This security setting specifies a text message that is displayed to users when they log on. This text is often used for legal reasons, for example, to warn users about the ramifications of misusing company information or to warn them that their actions may be audited.
- Interactive Logon: Message Title for users attempting to log on – This security setting allows the specification of a title to appear in the title bar of the window that contains the Interactive logon: Message text for users attempting to log on. This text is often used for legal reasons – for example, to warn users about the ramifications of misusing company information, or to warn them that their actions might be audited.
Note – The Interactive logon: Message text for users attempting to log on and Interactive logon: Message title for users attempting to log on policy settings are closely related. There is a slight difference and if you read the description, you can find out that difference.
Configure Interactive Logon Message using Intune For Users
To configure Interactive logon message using Intune, sign in to Microsoft Endpoint Manager admin center. In the portal, go to Devices > Windows > Configuration Profiles. Click Create Profile.
When you create a profile in Intune, you select platform and profile type. In this case, select Platform as Windows 10 and later and Profile Type – Settings Catalog. Select Create.
On the Basics tab of Create profile section, specify the name and suitable description. For example, you can specify the profile name as “Configure Interactive Logon Message using Intune“. And description can be something like Specifies a text message to be displayed to users when they log on.
On the Configuration Settings tab, we will use the settings catalogs to configure the settings. Click Add Settings.
On the Settings Picker window, type Interactive Logon in the search box and click Search. The Interactive Logon message settings are located in the Local Policies Security Options.
Select Local Policies Security Options category and this category includes several settings related to interactive logon. Under Setting name, select or enable the following settings.
- Interactive Logon Message Text for users attempting to log on
- Interactive Logon Message Title for users attempting to log on
You have to configure both the settings since you selected them in the above step.
- Interactive Logon Message Text for users attempting to log on – Specify a text message to be displayed to users when they log on.
- Interactive Logon Message Title for users attempting to log on – Here you specify a title to appear in the title bar of the window that contains the text message. For example, you can specify the title like Logon Warning, Important Notice etc.
Click Next to continue.
On the Assignments tab, select Add Groups and include the groups to target the settings. Click Next.
Scope tags are optional, you can assign a tag to filter the profile to specific groups such. Click Next.
Finally, on the Review+Create tab, ensure you have defined the right settings for displaying the interactive logon message for users. Click Create.
You should now see a notification “Configure Interactive Logon Message Using Intune” which confirms the policy has been created successfully.
You have to wait until the groups will receive the policy settings that you just deployed. Let’s look at an example of how the interactive logon message appears for users.
Interactive Logon Message for Users
When the user logs in to the computer, a logon warning title and message text is displayed. The message title and text matches the one that we configured in the policy settings. The user can click OK to acknowledge the warning and proceed to log in.
Worth noting that this does not work on devices that use the AutoPilot process
You can add empty rows with blank spaces for line breaks, using Settings templates CSP for interactive logon messages.
I’d like to know how to configure that message so it looks decent. The line breaks that work in AD (” ,”) don’t work in Intune.
For using commas without it forcing the line break you can use the Single Low-9 Quotation Mark by pressing the following key combo