使用 Intune 重設 Windows 裝置的密碼Reset the passcode on Windows devices using Intune

您可以重設 Windows 裝置的密碼。You can reset the passcode for Windows devices. 重設密碼功能使用了 Microsoft PIN 重設服務,來為執行 Windows 10 行動裝置版的裝置產生新密碼。The reset passcode feature uses the Microsoft Pin Reset Service to generate a new passcode for devices that run Windows 10 Mobile.

支援的平台Supported platforms

  • 執行 Creators Update 和更新版本 (已聯結 Azure AD) 的 Windows 10 行動裝置版。Windows 10 Mobile running Creators Update and later (Azure AD joined).

以下是不支援的平台:The following platforms are not supported:

  • WindowsWindows
  • iOSiOS
  • macOSmacOS
  • AndroidAndroid

授權 PIN 重設服務Authorize the PIN reset services

若要重設 Windows 裝置上的密碼,請將 PIN 重設服務導入您的 Intune 租用戶。To reset the passcode on Windows devices, onboard the PIN reset service to your Intune tenant.

  1. 移至 Microsoft PIN 重設服務生產,並使用租用戶系統管理員帳戶登入。Go to Microsoft PIN Reset Service production, and sign in using the tenant administrator account.
  2. 接受以同意 PIN 重設服務存取您的帳戶:接受 PIN 重設伺服器要求權限Accept consent for the PIN reset service to access your account: Accept the PIN Reset Server request for permissions
  3. 移至 Microsoft PIN 重設客戶端生產,並使用租用戶系統管理員帳戶登入。Go to Microsoft PIN Reset Client production, and sign in using the tenant administrator account. 接受以同意 PIN 重設用戶端存取您的帳戶。Accept consent for the PIN reset client to access your account.
  4. Azure 入口網站中,確認 PIN 重設服務已列在企業應用程式 (所有應用程式) 中:PIN 重設服務權限頁面In the Azure portal, confirm that the PIN reset services are listed in Enterprise applications (All applications): PIN reset service permissions page

注意

接受 PIN 重設要求之後,您可能會收到 Page not found 訊息,或可能看似沒有任何反應。After you Accept the PIN reset requests, you may get a Page not found message, or it may appear as if nothing happens. 此為正常現象。This behavior is normal. 請務必確認該兩項 PIN 重設應用程式均已列給您的租用戶。Be sure to confirm that the two PIN Reset applications are listed for your tenant.

設定 Windows 裝置使用 PIN 重設Configure Windows devices to use PIN reset

若要在您管理的 Windows 裝置上設定 PIN 重設,請使用 Intune Windows 10 自訂裝置原則To configure the PIN reset on the Windows devices you manage, use an Intune Windows 10 custom device policy. 使用下列 Windows 原則設定服務提供者 (CSP) 設定原則:Configure the policy using the following Windows policy configuration service provider (CSP):

使用裝置原則 - ./Device/Vendor/MSFT/PassportForWork/*tenant ID*/Policies/EnablePinRecoveryUse the device policy - ./Device/Vendor/MSFT/PassportForWork/*tenant ID*/Policies/EnablePinRecovery

以您 Azure AD 目錄的識別碼取代租用戶識別碼,這會列在 Azure 入口網站中 Azure Active Directory 的屬性裡。Replace tenant ID with your Azure AD Directory ID, which is listed in the Properties of Azure Active Directory in the Azure portal.

針對此 CSP 將值設定為 TrueSet the value for this CSP to True.

提示

建立原則之後,將其指派 (或部署) 給群組。After you create the policy, you assign (or deploy) it to a group. 原則可以指派給使用者群組或裝置群組。The policy can be assigned to user groups or a device groups. 如果您指派給使用者群組,該群組可能包含其他裝置 (例如 IOS) 的使用者。If you assign it to a users group, then the group may include users who have other devices, such as IOS. 技術上來說並不會套用原則,但這些裝置仍然會包含在狀態詳細資料中。Technically, the policy doesn't apply, but these devices are still included in the status details.

重設密碼Reset the passcode

  1. 登入 Azure 入口網站Sign in to the Azure portal.
  2. 選取 [All services] (所有服務),篩選 [Intune],然後選取 [Microsoft Intune]。Select All services, filter on Intune, and select Microsoft Intune.
  3. 選取 [裝置],然後選取 [所有裝置]。Select Devices, and then select All devices.
  4. 選取您要重設密碼的裝置。Select the device you want to reset the passcode. 在裝置屬性中,選取 [新密碼]。In the device properties, select New passcode.
  5. 選取 [是] 確認。Select Yes to confirm. 密碼即產生,而且會在入口網站中顯示七天。The passcode is generated, and is displayed in the portal for the next seven days.

後續步驟Next step

如果密碼重設失敗,入口網站會提供連結供您取得更多詳細資訊。If the passcode reset fails, a link is provided in the portal that provides more details.