Forum Discussion

hannessyZv's avatar
hannessyZv
Copper Contributor
Jul 05, 2023

Exclude Intune apps from Conditional access/MFA

We have conditional access in place for all employees and we're about to join several 100 devices into MDM now through hybrid join AAD.

While testing, I discovered that MFA prevents enrollment in most real-life situations and I would like to disable MFA for this part.

I tried to add Intune and Intune enrollment to the excluded apps in the CA policy, but I can't save it, its giving me a "Invalid session control" error.

Session control is set up with "Sign-in frequency" and "Persistent browser session". I don't udnerstand whats invalid about this, can someone explain? Also, how can I fix this? Can I just set up another policy? But if I just copy everything from the first policy, the error will likely just show up again.

  • cabletastic123's avatar
    cabletastic123
    Copper Contributor

    hannessyZv hi there - experiencing the exact same issue here trying to exclude an app from MFA. Did you ever get a solution to this please?

Resources