Intune – You can now send organization messages to Windows 11 devices

In 2029, Microsoft introduced a way to send messages to Android and iOS devices using Company Portal (see https://blog.hametbenoit.info/2019/07/24/intune-you-can-send-notification-to-managed-devices/).

Well, this functionality has been extended to now allows you to send messages to Windows 11 devices too.

With this updated functionality you can do the following:

  • Enable always-on device onboarding messages to help people ramp more quickly within your organization using up to 12 message types and personalized versions from your organization for the Get Started app.
  • Reach people during work on their device with important information updates from 7 different message types and personalized messages from your organization displayed on the Taskbar area and Windows notifications.
  • Use your organization’s logo for branded messages.
  • Deliver people to a custom destination URL for each organizational message.
  • Messages localized in 15 languages (with admin preview) that are displayed in a dark or light theme depending on user settings.
  • Schedule a time window and frequency for the delivery of the taskbar and notifications area messages—or set a message to always appear in the Get Started app for users onboarding new devices.
  • Select who can see a message by assigning it to Azure Active Directory (Azure AD) user groups.
  • Track the status of the organizational messages you’ve created as well as user engagement (count of message views and engagement).
  • Cancel scheduled or active organizational messages.
  • Delegate permissions for sending and managing organizational messages using the new Intune built-in role Organizational Messages Manager, or Azure AD built-in role for Organizational Messages Writer.

Prerequisites

Before being able to use this new capability you need to ensure you meet the below requirements:

  • Target devices must be running Windows 11 22H2 or later
  • Licensing; you must have either of the below licenses:
    • Microsoft 365 E3
    • Microsoft 365 E5
    • Endpoint Management + Security E3 and Windows Enterprise E3
    • Endpoint Management + Security E5 and Windows Enterprise E5
  • Role-based access control; to manage organizational message you need to have one of the below role assigned to your admin account:
    • Azure AD Global administrator
    • Intune administrator
    • Organizational messages manager (Microsoft Intune role)
    • Organizational messages writer (Azure AD role)
  • Logo requirements
    • PNG file
    • Transparent background
    • Size requirements:
      • Taskbar messages: 64 x 64 pixels
      • Notification area messages: 48 x 48 pixels
      • Get Started app messages: 50 pixels long x 50 – 100 pixels wide
  • The domain for your custom destination URLs must be added to your list of verified Azure AD custom domain
  • Policies configured for message delivery and Windows Spotlight (see below)

Policies

Message Delivery Policy

To allow organization message to be delivered to your Windows 11 devices you need to create a Settings catalog profile to enable the Enable delivery of organizational messages (User) option available under the Experience category

image

Windows Spotlight Policies

2 different policies must be in place to allow Windows Spotlight: one Device restriction profile type and one Settings catalog profile (you may merged this one with the Message Delivery Policy)

The settings depend on which option you want to use for the delivery.

Device restriction policy settings:

  • Taskbar messages:
    • Windows Spotlight: Select Not configured
    • Windows Spotlight Tips: Select Not configured
  • Notification area messages:
    • Windows Spotlight: Select Not configured
    • Windows Spotlight on Action Center: Select Not configured
  • Get Started app messages:
    • Windows Spotlight: Select Not configured

image

Settings catalog policy settings (under the Experience category):

  • Taskbar messages:
    • Allow Windows Spotlight (User): Select Allow
    • Windows Spotlight Tips: Select Allow
  • Notification area messages:
    • Windows Spotlight (User): Select Allow
    • Windows Spotlight on Action Center: Select Allow
  • Get Started app messages:
    • Allow Windows Spotlight (User): Select Allow
    • Disable Cloud Optimized Content: Select Disabled

image

Use and manage the organizational messages

Then you are ready to use the organizational message feature by accessing the Tenant administration\Organization messages blade

image

From there you can configure and manage your messages using the Messages tab

image

Depending of the message type, you have different themes available:

  • Taskbar
    • Mandatory update message
  • Notification area
    • Organizational HR training
    • Organizational skills training
    • Organizational training
    • Organization update
    • Update browser
    • Update device
  • Get started app

After selecting the corresponding theme you will be able to configure your logo, URL, language…

image

Leave a Comment

Your email address will not be published. Required fields are marked *