Compliance policy settings is to define rules and settings to users and devices and they must meet the requirements. It works with or without conditional access. With conditional access, we can alllow or restrict the devices to access organization resources. In this post, I configured compliance settings for minimum OS version and deployed to devices. The device with specified OS version & above will report as Compliant and other devices will report as Non-compliance. By default, the devices is in non-compliant status.
1. Open Microsoft 365 device management portal and navigate to Device Compliance -> Policies.
2. On the Policies blade, click Create Policy.
3. Please provide the below information on the Create Policy blade.
Name: Win10 Min OS Version
Platform: Windows 10 and later
Click Settings -> Device Properties -> Provide Minimum OS Version and click ok to return to Create Policy blade. Open Command prompt and type ver to get the OS version details.
4. Click Actions for Non-Compliance and Mark Device noncompliant actions has configured by default and also, specify the number of days(0 by default).
5. Assign a scope tag to this policy and click to create the policy.
6. Now, please assign the policy to the groups and click Save to complete the assignment.
7. After compliance policy applied, the device reports as Compliance in the console.