หมายเหตุ
การเข้าถึงหน้านี้ต้องได้รับการอนุญาต คุณสามารถลอง ลงชื่อเข้าใช้หรือเปลี่ยนไดเรกทอรีได้
การเข้าถึงหน้านี้ต้องได้รับการอนุญาต คุณสามารถลองเปลี่ยนไดเรกทอรีได้
The remote lock device action locks a managed device so the user must enter the existing passcode or PIN to continue. Use this action when a device is misplaced, left unattended, or suspected of unauthorized use without wiping data or removing enrollment.
Important
Remote lock is only effective if a passcode or PIN is already set:
- If no passcode exists, the screen may just turn off and the user can still access the device.
- Enforce a passcode policy before relying on this action.
Prerequisites
Device platform requirements
This remote action supports the following platforms:
- Android Enterprise corporate-owned dedicated (COSU)
- Android Enterprise corporate-owned fully managed (COBO)
- Android Enterprise corporate-owned work profile (COPE)
- Android Open Source Project (AOSP)
- iOS/iPadOS
- macOS
Roles requirements
To execute this remote action, at a minimum, use an account that has one of the following roles:
- Help Desk Operator
- School Administrator
- Endpoint Security Manager
- Custom role that includes:
- The permission Remote tasks/Remote lock
- Permissions that provide visibility into and access to managed devices in Intune (for example, Organization/Read, Managed devices/Read)
How to remote lock a device from the Intune admin center
- In the Microsoft Intune admin center, select Devices > All devices.
- From the devices list, select a device.
- At the top of the device overview pane, find the row of remote action icons. Select Remote lock.
- Set a six-digit recovery PIN.
Note
The recovery PIN is shown on the device overview pane for up to 30 days, or until another device action is sent. Record it securely; it can't be retrieved afterward. Don't resend remote lock to the same macOS device until that PIN is used—additional attempts show a Failed status in reporting.
Reference links
- Microsoft Graph API: remoteLock action