In this article, I will show you how to Remotely lock devices with Intune. With Intune Remote Lock device action, you can lock any remote devices such as Android, iOS, macOS from the MEM admin console.
In simple words, the Intune Remote lock device action locks the device. To unlock the device, the device owner must enter their passcode or PIN.
So, when do we use the remote lock action in Intune? If a device is lost or stolen and regardless of where the device is, you can remotely lock it via Intune. A person must enter the correct passcode before the device can be unlocked and used again.
Note that you can remotely lock devices that have a PIN or password set. Devices that don’t have a PIN or password can’t be remotely locked. This is an important requirement for locking devices remotely using Intune.
The remote lock actions work similar for different device platforms – Android, iOS, macOS. I will show you multiple instances of initiating the remote lock device action on my Android mobile and iOS device. My Android mobile and iOS device is enrolled in Intune and I have performed a recent sync via company portal app.
When you enroll user’s Android device, they get access to company email, files, applications and other resources. To learn more enrolling Android devices in Intune, refer to how to enroll your Android device in Microsoft Intune.
Supported Device Platforms for Remote Lock
Remote lock is supported for the following platforms:
- Android Devices
- Android Enterprise kiosk devices
- Android Enterprise work profile devices
- Android Enterprise fully managed devices
- Android Enterprise corporate-owned with work profile devices
- iOS
- macOS
Note: The Remote lock device action in Intune isn’t supported for Windows 10 desktop and Windows 11 desktops. The option to remote lock and reset passcode device actions are disabled or greyed out for Windows OS in Intune. Microsoft may add the remote lock support for Windows Devices in future.
How to Remotely lock devices with Intune
To remotely lock devices from Intune portal :-
- Sign in to the Microsoft Endpoint Manager admin center.
- In the Intune portal, select Devices > All devices.
- In the list of devices, select a device, and then select the Remote lock device action.
When you initiate a remote lock action, you get a confirmation box. Are you sure you want to lock this device? Users with the passcode will be able to unlock the device. Select Yes.
As soon as you trigger a remote lock on a device, in the Intune portal, under Notifications, you see a new notification – Remote lock initiated. This confirms the remote lock has been initiated on a remote device.
In the Intune portal, you can check the status of remote lock for a device. Select the device on which you initiated the remote lock and check Device Action Status. It now shows Remote lock status as complete. This means the remote lock has been successful on our Android Device.
Regarding the end-user experience, I noticed that my Android mobile instantly got locked after I triggered the remote lock action. To unlock it, I had to enter the PIN.
How to Remote Lock iOS Devices with Intune
With Intune, you can lock remote iOS devices and this can be initiated from the admin console. Before you initiate remote lock for iOS devices, the following prerequisites are important.
- Ensure devices have a PIN or password policy enforced before using the Remote lock action to lock the device.
- The iOS devices must be enrolled into Intune. Read this guide on how to enroll iOS devices in Intune.
To remote lock iOS devices in Intune:
- Sign in to the Microsoft Endpoint Manager admin center.
- In the Intune portal, select Devices > iOS/iPadOS Devices
- From the list of devices, select the iOS device, and then select the Remote lock device action.
When you initiate a remote lock for iOS device, you see the following message: Are you sure you want to lock this device? A locked device can only be unlocked by users with a passcode. Devices without a passcode will still be accessible to any user. To continue with remote lock action, click Lock.
After the remote lock is triggered for iOS device, in the Intune portal, under Notifications, you see a new notification – Remote lock initiated. This confirms the remote lock has been initiated on a remote iOS device.
In the Intune portal, you can monitor the status of remote lock for a iOS device. Select the iOS device on which you initiated the remote lock and check Device Actions Status. It now shows Remote lock status as complete along with Date and Time information. This confirms the remote lock has been successful on our iOS device.
Remote Lock macOS Devices with Intune
The procedure to lock remote macOS devices in Intune is as follows:
- Sign in to the Microsoft Endpoint Manager admin center.
- In the Intune portal, select Devices > macOS Devices
- From the list of devices, select the macOS device, and then select the Remote lock device action.
After the remote lock is triggered for macOS device, in the Intune portal, under Notifications, you see a new notification – Remote lock initiated. This confirms the remote lock has been initiated on a remote macOS device.
Note: For macOS devices, you set a 6-digit recovery PIN. When the device is locked, the Device overview displays the PIN until another device action is sent. Please make sure to write down the pin since it will only be available for 30 days after the remote lock command is sent. After the 30 days, Intune will no longer have the PIN.
Still Need Help?
If you need further assistance on the above article or want to discuss other technical issues, check out some of these options.