在 Microsoft Intune 中创建设备合规性策略Create a device compliance policy in Microsoft Intune

适用于:经典门户中的 IntuneApplies to: Intune in the classic portal
在寻找有关 Azure 门户中 Intune 的文档吗?Looking for documentation about Intune in the Azure portal? 请转到此处Go here.

本主题概述了创建合规性策略时可使用的步骤,设备必须遵循该策略才能被视为相容。This topic outlines the steps you can use to create a compliance policy that a device must follow in order to be considered compliant.

步骤 1:添加新策略Step 1: Add a new policy

Microsoft Intune 管理控制台中,选择“策略”>“遵从性策略”>“添加”。In the Microsoft Intune administration console, choose Policy > Compliance Policies > Add.

Intune 管理控制台中“合规性策略”页的屏幕截图,显示了页面顶部菜单中的“添加”选项

步骤 2:配置设置Step 2: Configure settings

在“创建策略” 页上启用所需的设置:On the Create Policy page, enable the settings you require:

  • 密码和加密等系统安全设置。The system security settings, like password and encryption.
  • 设备运行状况设置,例如,设备是否已越狱,或者是否在 Windows 设备运行状况证明服务中被报告为正常。Device health settings, like whether or not a device is jailbroken, or is reported healthy by the Windows device health attestation service.
  • 设备属性设置,例如所需的最低操作系统版本或允许的最高操作系统版本。Device property settings, like the minimum operating system version required or maximum operating system version allowed. “创建策略”页的“常规”选项卡General tab of the Create Policy page

步骤 3:保存策略Step 3: Save the policy

完成后,请选择“保存策略”。When you are finished, choose Save Policy.

可以选择在保存策略后立即部署策略,也可以选择稍后部署策略。You have the option to deploy the policy right after saving the policy, or you can choose to deploy it later. 新的策略将在“策略”工作区的“合规性策略”节点处显示。The new policy displays in the Compliance Policies node of the Policy workspace.

步骤 4:设置合规性状态有效期Step 4: Set the compliance status validity period

若要指定设备必须签入的时间,在该设备被视为不合规之前,请转到合规性策略设置并更新时间。To specify the time the device has to check in before a device is considered not compliant, go to compliance policy settings and update the time. 默认设置为 30 天。The default is set to 30 days.

策略菜单栏中的合规性策略设置选项

合规性策略对话框

支持的策略设置Supported policy settings

下表列出了合规性策略设置和支持这些设置的平台。The following table lists the compliance policy settings and the platforms on which they are supported.


SettingSetting iOSiOS AndroidAndroid WindowsWindows
需要密码才可解锁移动设备Require a password to unlock mobile devices iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
允许简单密码Allow simple passwords iOS 6 及更高版本iOS 6 and later 不支持Not supported Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
最短密码长度Minimum password length iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows 8.1Windows 8.1
所需的密码类型Required password type iOS 6 及更高版本iOS 6 and later 不可用Not available Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows RTWindows RT
Windows RT 8.1Windows RT 8.1
Windows 8.1Windows 8.1
最小字符集数Minimum number of character sets iOS 6 及更高版本iOS 6 and later 不可用Not available Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows RTWindows RT
Windows RT 8.1Windows RT 8.1
Windows 8.1Windows 8.1
密码质量Password quality 不可用Not available Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
不可用Not available
需要提供密码之前处于非活动状态的分钟数Minutes of inactivity before password is required iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows RT 和 Windows RT 8.1Windows RT and Windows RT 8.1
Windows 8.1Windows 8.1
密码过期(天)Password expiration (days) iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows RT 和 Windows RT 8.1Windows RT and Windows RT 8.1
Windows 8.1Windows 8.1
记住密码历史记录Remember password history iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows RT 和 Windows RT 8.1Windows RT and Windows RT 8.1
Windows 8.1Windows 8.1
防止重用以前的密码Prevent reuse of previous passwords iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows RT 和 Windows RT 8.1Windows RT and Windows RT 8.1
Windows 8.1Windows 8.1
当设备从空闲状态返回时需要密码Require a password when the device returns from an idle state 不可用Not available 不可用Not available Windows 10 移动版Windows 10 Mobile
需要对移动设备加密Require encryption on mobile device 不适用Not applicable Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows 8.1Windows 8.1
要求设备被报告为正常Require devices to be reported as healthy 不可用Not available 不可用Not available WindowsWindows
Windows 10 移动版Windows 10 Mobile
设备不能已越狱或取得 root 权限Device must Not be jailbroken or rooted iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
不可用Not available
必须由 Intune 管理电子邮件帐户Email account must be managed by Intune iOS 6 及更高版本iOS 6 and later 不可用Not available 不可用Not available
选择必须由 Intune 管理的电子邮件配置文件Select the email profile that must be managed by Intune iOS 6 及更高版本iOS 6 and later 不可用Not available 不可用Not available
所需的最低操作系统Minimum OS required iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows 8.1Windows 8.1
允许的最高操作系统版本Maximum OS version allowed iOS 6 及更高版本iOS 6 and later Android 4.0 及更高版本Android 4.0 and later
Samsung KNOX 标准版 4.0 和更高版本Samsung KNOX Standard 4.0 and later
Windows Phone 8.1 及更高版本Windows Phone 8.1 and later
Windows 8.1Windows 8.1

选择以下值之一,了解有关每个平台上支持的合规性设置的详细信息:Select one of the following to learn more about compliance settings supported on each platform:

后续步骤Next steps

部署和监视合规性策略Deploy and monitor a compliance policy

另请参阅See also

设备合规性策略简介Introduction to device compliance policies