
Policy CSP example: making an MDM profile non-removable on Windows 10 and 11

Remotely managed Windows 10 and 11 devices are connected to LogMeIn Resolve MDM by installing a work account/MDM profile on the device. By default, device users can disconnect the work account, which effectively removes the device from management. This article explains how to make the work account non-removable and prevent users from disabling management.
Before you begin: You must meet the following requirements:
  • This policy is supported on Pro, Business, Enterprise, and Education editions of Windows 10 and 11.

  1. Go to the Management > Configuration profiles page in LogMeIn Resolve MDM and add a new Custom policy configuration profile for Windows.
  2. Fill in the CSP policy Area name, Policy name, and Value as described in Microsoft's Policy CSP documentation, and click Add.

    How to disable manual MDM unenrollment on Windows 10 and Windows 11.
    The layout of the screen may look different in the product.
  3. Click Next and give the profile a name and description.
  4. The final stage is to deploy the profile to your Windows 10 and 11 computers.

Results: If a user tries to remove the work account after the deployment, they see the message "This work or school account cannot be removed by system policy."
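
To confirm the result on a device without attempting the removal, the following PowerShell check can be run in an elevated session. It is an added example, not part of the original article or LogMeIn's tooling. It assumes the policy configured in step 2 is Experience/AllowManualMDMUnenrollment from Microsoft's Policy CSP documentation (value 0 blocks manual unenrollment, 1 is the default) and that Windows keeps the effective MDM value under the PolicyManager registry key shown; the function name is hypothetical.

```powershell
# Added example: report whether manual MDM unenrollment is blocked on this device.
# Assumptions (not stated in the article): policy Experience/AllowManualMDMUnenrollment,
# effective value stored under HKLM:\SOFTWARE\Microsoft\PolicyManager\current\device.
function Test-MdmUnenrollmentBlocked {
    [CmdletBinding()]
    param(
        [string]$PolicyKey  = 'HKLM:\SOFTWARE\Microsoft\PolicyManager\current\device\Experience',
        [string]$PolicyName = 'AllowManualMDMUnenrollment'
    )

    # The article lists Pro, Business, Enterprise and Education as supported editions.
    # EditionID values beginning with "Core" are Home editions, which are not listed.
    $editionId = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').EditionID
    $editionOk = $editionId -notlike 'Core*'

    # A missing key or value means the profile has not been applied to this device.
    $value = $null
    if (Test-Path -Path $PolicyKey) {
        $item  = Get-ItemProperty -Path $PolicyKey -Name $PolicyName -ErrorAction SilentlyContinue
        if ($null -ne $item) { $value = $item.$PolicyName }
    }

    if ($null -eq $value)  { $state = 'NotConfigured' }  # default behaviour: removal allowed
    elseif ($value -eq 0)  { $state = 'Blocked' }        # work account cannot be removed
    else                   { $state = 'Allowed' }        # explicitly set to the default

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        EditionID        = $editionId
        EditionSupported = $editionOk
        PolicyValue      = $value
        State            = $state
        Compliant        = ($editionOk -and $state -eq 'Blocked')
    }
}

Test-MdmUnenrollmentBlocked | Format-List
```

A device that reports NotConfigured after deployment has not received the profile yet, or the profile targeted an unsupported edition.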

Article last updated: 20 January, 2025