Forum Discussion
Exclude Intune apps from Conditional access/MFA
We have conditional access in place for all employees and we're about to join several 100 devices into MDM now through hybrid join AAD.
While testing, I discovered that MFA prevents enrollment in most real-life situations and I would like to disable MFA for this part.
I tried to add Intune and Intune enrollment to the excluded apps in the CA policy, but I can't save it, its giving me a "Invalid session control" error.
Session control is set up with "Sign-in frequency" and "Persistent browser session". I don't udnerstand whats invalid about this, can someone explain? Also, how can I fix this? Can I just set up another policy? But if I just copy everything from the first policy, the error will likely just show up again.
- cabletastic123Copper Contributor
hannessyZv hi there - experiencing the exact same issue here trying to exclude an app from MFA. Did you ever get a solution to this please?