In enterprise environments, unrestricted access to Task Manager’s “End Task” action can lead to serious operational issues. Standard (non-admin) users may accidentally – or intentionally – terminate business-critical applications, background services, or security agents, resulting in data loss or service disruption.

With Microsoft Intune Settings Catalog, administrators can centrally disable the End Task option in Task Manager without scripts, registry hacks, or custom ADMX ingestion.

This guide walks you through exactly how to configure this setting in Intune, step by step.

Why Disable “End Task” for Non-Administrative Users?

Disabling the End Task option is especially useful in:

• Kiosk or shared devices
• Call center and frontline worker systems
• Highly regulated environments
• Line-of-business (LOB) application lockdown scenarios

Key Benefits

• Prevents accidental termination of critical apps
• Reduces helpdesk tickets
• Improves device stability
• Enforces least-privilege security principles
• Centralized control via Intune (no local changes)

Prerequisites

Before you begin, ensure:

• Windows 10 / Windows 11 devices are Azure AD joined or Hybrid joined
• Devices are enrolled in Microsoft Intune
• You have Intune Administrator or Policy Administrator permissions
• Target users are non-administrators (standard users)

Understanding the Policy Scope

This configuration specifically targets non-administrative users, meaning:

• Standard users will be unable to end tasks or processes in Task Manager
• Local administrators and domain administrators will retain full Task Manager functionality
• The restriction applies at the user level, not the device level 
• Users will see grayed-out or disabled End Task buttons when the policy is applied

Step-by-Step: Disable End Task Using Intune Settings Catalog

Step 1: Sign in to Microsoft Intune Admin Center

1. Go to https://intune.microsoft.com
2. Sign in with an administrator account

Step 2: Create a New Configuration Profile

1. Navigate to:

• Devices → Configuration profiles

2. Click Create profile

3. Click Create

Step 3: Name the Profile

Use a clear, descriptive name:

1. Name: "Task Manager Restrictions - Standard Users"
2. Description: "Prevents non-administrative users from ending tasks in Task Manager to maintain system stability and prevent accidental termination of critical processes."
3. Click Next

Step 4: Add the Required Setting

1. Click Add settings
2. Search for “Task Manager“
3. Select the Task Manager category
4. Click on the Search button
5. Click on the Allow End Task Checkbox.
6. Toggle the setting bar to left to change it to Blocked state.
7. Click Next

Step 5: Scope Tags Tab 

1. Add appropriate scope tags if your organization uses them
2. Click Next

Step 6: Assign the Policy to Target Groups

1. Under Included groups, click + Add groups
2. Select the security group(s) that should receive this policy
3. Click Select to confirm group selection
4. Click Next

Step 7: Review and Create

1. Review your settings
2. Click Create

The policy will sync automatically during the next Intune check-in.

Step 8: Monitor Policy Deployment

After creating the policy, it’s important to monitor its deployment status to ensure it’s reaching target users successfully.

1. Navigate back to Devices > Configuration > Policies
2. Locate your newly created policy in the list
3. Click on the policy name to open its details
4. Review the deployment status showing:

• • Number of users or devices assigned
  • Success, error, or pending status
  • Any conflicts with other policies

Step 9: Verify the Policy on End-User Devices

Testing is crucial to confirm that the policy works as intended before considering the deployment complete.

For a standard user account:

• Sign in to a test device with a non-administrative user account that’s part of the assigned group
• Wait for the Intune policy to sync (or manually sync through Settings > Accounts > Access work or school > Info > Sync)
• Press Ctrl + Shift + Esc to open Task Manager
• Observe that either: 
• • The End Task button is grayed out or disabled
  • Right-click on any process and verify that the End Task option is unavailable

For an administrative user account:

• Sign in with an administrator account 
• Open Task Manager using Ctrl + Shift + Esc
• Verify that all Task Manager functionality, including End Task, works normally
• This confirms that administrators are not affected by the restriction

Conclusion

Disabling the End Task option in Task Manager using Intune Settings Catalog is a clean, supported, and scalable solution for protecting enterprise Windows devices from accidental disruptions.

With no scripts, no registry changes, and full cloud-based management, this approach aligns perfectly with modern endpoint management best practices.