Manage devices enrolled in Mobile Device Management in Office 365

The built-in Mobile Device Management for Office 365 helps you secure and manage your users' mobile devices like iPhones, iPads, Androids, and Windows phones. The first step is to sign in to Office 365 and set up MDM for Office 365.

After you've set it up, the people in your organization must enroll their devices in the service. Then you can use MDM for Office 365 to help manage devices in your organization. For example, you can use device security policies to help limit email access or other services, view devices reports, and remotely wipe a device. You'll typically go to the Security & Compliance Center to do these tasks.

Device management tasks

After you've got MDM for Office 365 set up, here's how you can manage the mobile devices in your organization.

To do this…

Do this

Wipe a device

Go to Security & Compliance Center> Security policies > Device management. Select device name, then Full wipe to delete all information or Selective wipe to delete only organizational information on the device.

See Wipe a device in Office 365.

Block unsupported devices from accessing Exchange email using Exchange ActiveSync

Go to Security & Compliance Center> Security policies > Device management > Manage device access settings. Select Block.

Set up device policies like password requirements and security settings

Go toSecurity & Compliance Center > Security policies > Device security policies > Add + Add icon .

See Create and deploy device security policies.

View list of blocked devices

Go to the Security & Compliance Center, then Device management > Select a view > Blocked.

Unblock noncompliant or unsupported device for a user or group of users

You can unblock noncompliant devices several ways depending on your situation. Pick one of the following:

  • Remove the user or users from the security group the policy has been applied to. Go to Office 365 admin center > Groups, and then select group name. Click Edit members and admins.

  • Remove the security group the users are a member of from the device policy. Go to Security & Compliance Center> Security policies > Device security policies. Select device policy name, then click Edit Edit icon > Deployment.

  • Unblock all noncompliant devices for a device policy. Go to Security & Compliance Center> Security policies > Device security policies. Select device policy name and then click Edit Edit icon > Access requirements. Select Allow access and report violation.

To unblock a noncompliant or unsupported device for a user or a group of users, go to Go to Security & Compliance Center> Security policies > Device management > Manage device access settings. Add a security group with the members you want to exclude from being blocked access to Office 365. See Create, edit, or delete a security group.

Remove users so their devices are no longer managed by MDM

Edit the security group which has device management policies for MDM to remove the user. See Create, edit, or delete a security group.

To remove MDM from all your Office 365 users, see Turn off Mobile Device Management in Office 365.

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!

×