Forum Discussion
Conditional Access with Android phones
Thijs Lecomte I would like to resurrect this topic, as we are also having this issue with enabling enrolled Android devices with native/manufacturer-developed email clients.
From the Conditional Access (CA) logs, the Android devices did not report back to AAD/CA their compliance status. It's simply blank. See below for screenshot.
Seems like I can only ID the device by OS, not its state. Not sure if this is a limitation on the Android side since iOS is reporting all info to CA.
- stevenpsiu, Mar 04, 2020, Copper Contributor
Thijs Lecomte We are using Android work profile; they are all personally owned devices.
I am pulling hairs out trying to figure this out.
- Thijs Lecomte, Mar 12, 2020, Bronze Contributor
I just checked and I am also not seeing it in a couple of tenants.
Are the devices failing on device compliance?
- stevenpsiu, Mar 12, 2020, Copper Contributor
Thijs Lecomte They are showing up as compliant under Intune. I have about 20 Androids now that we have started the MDM enrollment last month.
I have a ticket open with Microsoft and it's in the process of being escalated. At this moment I cannot do a Conditional Access Policy based on device compliance. I have a policy that will require MFA for non-managed devices connecting to cloud apps (Workday), and it is simply not working for Android.
The support person was sort of arguing with me because I put the ticket in about an Android vendor-specific email app (Samsung email on a Galaxy S9) not working in the same logic.
Thanks for all your help.