Easily Locate Device with Microsoft Intune
You can easily locate device with Microsoft Intune using the Locate Device remote action. The locate device remote action in Intune is applicable for both Windows 10 and iOS/iPadOS devices. The Locate Device remote action for Windows 10 devices was first added in Intune Service release 2104.
According to Microsoft, you can easily locate lost or stolen iOS/iPadOS or Windows 10 devices with Intune. Personally I had not tested this feature before and I was curious to locate my Windows 10 device with Microsoft Intune.
The locate device remote action is available when you sign in to the Microsoft Endpoint Manager admin center and choose Devices > Windows > Select a Windows 10 device > Locate device.
Note – It is important that Location services must be enabled on devices for this remote action to work. If Intune is unable to fetch the device’s location and the user has set a default location in device settings, it will display the default location.
The iOS/iPadOS devices offer slight advantage over Windows devices. When you configure lost mode, you can customize a message that appears on the lock screen. In this message, to help the person that finds the device, you may include specific details to return the lost device.
Prerequisites for Locate Device Remote Action
Before you start to locate device with Microsoft Intune, there are few prerequisites. The Locate Device remote action in Microsoft Intune is applicable to following operating systems.
- iOS/iPadOS 9.3 and later (These devices must be in supervised mode. Before you use this action, be sure the device is in lost mode.)
- Windows 10 version 20H2 (10.0.19042.789) or later
- Windows 10 version 2004 (10.0.19041.789) or later
- Windows 10 version 1909 (10.0.18363.1350) or later
- Windows 10 version 1809 (10.0.17763.1728) or later
The locate device remote action feature isn’t supported for the following systems.
- Windows Phone
- macOS
- Android
How to Locate Device with Microsoft Intune
Use the below steps to locate Windows 10 device with Microsoft Intune.
- First sign in to the Microsoft Endpoint Manager admin center.
- Select Devices, and then select All devices.
- From the list of devices you manage, choose a Windows 10 device and then choose the Locate device remote action.
- After the device is located, its location is shown in Locate device.
On the locate device window, you will see a Bing map with the location of device. When you use the locate device action, the latitude and longitude coordinates of the device are retrieved by using the Graph API.
In my testing, it took approximately 30-60 minutes to find the location of the Windows 10 device for the first time. The next time when I located the same Windows 10 device, it displayed the map in just 30 seconds.
On the top right corner of the map you have some map view options.
- Road View – A Standard road map
- Aerial view – A detailed look from above
- Bird’s eye – A better angle of aerial photography. This option was disabled in my case.
Selecting the Aerial view shows the device location in a better way. You can Zoom in and Zoom out the location with the help of + and – icons. The location data is encrypted, both while stored and while being transmitted.
Once the device has been successfully located, you should see the Locate Device status as Completed. The Locate Device remote action can be triggered multiple times for a device.
Under Device action status, you should see the Locate Device status as Completed. You also see date and time stamp along with the Completion status. Once you find the location of device, the data is stored for 24 hours and then removed. You can’t manually remove the location data.
When I tested, I got a notification in the Windows machine that my Tenant accessed location of this computer
Can we get the location data for a specific users laptop and potential also run a KQL query (I can set it to run the alert based on the query every 4hrs) to get constant data relating to the laptop or is this something that has to be triggered manually?
Will the end user know that the laptop is being monitored?
When I tested, I got a notification in the Windows machine that my Tenant accessed location of this computer
How can Location Services be enabled using Endpoint Manager?
All my devices are marked corporate, but device location is still greyed out for me. Anyone with any ideas? MS support doesn’t seem to know how to turn it on.
Can you confirm the device OS ?.
The feature is avalable for some of our Windows 10 devices and greyed out for others. Do you why this might be?
The device must be marked as corporate for the option to be available. Personal devices will have this option greyed out.
Our iPhones won’t let you do the locate device command until put them into lost mode.