How to Block OOC and Unmanaged Device Registration
- Agat Support
- Avi J. Levin (Unlicensed)
- Former user (Deleted)
Without using SkypeShield App
The maintenance Service can be set to block OOC devices.
In order to get to the registration settings, sign in to the Admin Portal admin area → Settings → Maintenance Service → MDM, or by using the following URL:/admin/settings?category=settings_housekeeping_service_category_header
Set 'Block devices that are OOC in MDM' to 'Yes'.
Set 'Block device that are not managed in MDM' to 'Yes' too.
Warning!
Configuring to block only devices that are OOC without the blocking unmanaged devices,
might allow a user to connect a unmanaged device which is OOC.
Please consider to allow blocking unmanaged devices too!
Using SkypeShield App
One of the MDM integration features is to set a policy to block Out-Of-Compliance (OOC) or/and devices that are not managed by the MDM server.
In order to get to the registration settings, sign in to the Admin Portal admin area → Settings → MDM integration → OOC registration validation, or by using the following URL: /admin/settings?category=mdm_integration_settings
There are 3 OOC registration validation options:
Block if OOC
This policy will only block a device if it will find a record in the MDM server that this device is OOC.
Registration will still be allowed if no matching device is set in the MDM server.
Block if OOC or device is not managed
This policy will block devices if they have a record in the MDM server that this device is OOC.
Also, registration will be blocked if there is no matching record in the MDM server for this device.
Do not check OOC
This policy will not check if the device is OOC or not managed by the MDM server.