In this blog post, we will test a settings catalog policy called Interactive Logon Do Not Require CTRLALTDEL. This policy is used to enable or disable interactive logon on Windows 10/11 computers. For security reasons, you may want users to press Ctrl + Alt + Del before signing in. By default, Interactive logon is enabled and users are not required to press Ctrl+Alt+Del keys for sign in.
There is a corresponding policy when you are using Active directory group policy. The policy setting is Interactive logon: Do not require CTRL + ALT+ DEL under Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options.
Intune Policy to Enable/Disable CTRL+ALT+DEL Key Logon
- Sign in to Intune admin center > Devices > Windows > Configuration > Create > New Policy.
- Platform: Windows 10 and later
- Profile type: Settings catalog
- Click Create.
- On the Basics tab, provide a Name and Description of the policy and click Next.
- On Configuration settings tab, click on + Add settings and use the Settings picker to search using interactive logon keyword and select Local Policies Security Options. Check the policy Interactive Logon Do not Required CTRLALTDEL.
- Use the toggle switch to disable this setting. That means Interactive logon will be disabled and users will be required to press Ctrl+Alt+Del to Sign in.
Monitoring Policy Deployment Progress
- Sign in to the Intune admin center > Devices > Configuration.
- Choose the Device Configuration profile you want to work with, and at the top of the page, you’ll see a quick view of the Success, Failure, Conflict, Not Applicable, and In Progress status.
- Click on View report to access more detailed information.
Sync Intune Policies
The device check-in process might not begin immediately. If you’re testing this policy on a test device, you can manually kickstart Intune sync from the device itself or remotely through the Intune admin center.
Alternatively, you can use PowerShell to force the Intune sync on Windows devices. Restarting the device is another way to trigger the Intune device check-in process.
End User Experience
After Intune configuration policy has been applied successfully, restart your device once, and you will notice the Logon screen message Press Ctrl+Alt+Delete to unlock. This confirms that the input policy is working fine.
