Forum Discussion

Gordon_Smith3520's avatar
Gordon_Smith3520
Copper Contributor
Oct 04, 2023

Allow Polycom models to be enrolled but block other personally owned Android devices.

Is there a way through a compliance policy or conditional access policy to allow Polycom models to be enrolled in Intune but block other personally owned Android devices? Polycom models with Teams are enrolled as personal/Android (device administrator) devices so they can be managed through the Microsoft Teams Admin Center. Not realizing the Polycom models were installing in Intune we set the device platform restriction for Android models personally owned to block. When we did the Unified Communications Team started having issues when trying to onboard a Polycom phone. In additional reading provided by Microsoft the serial numbers can't be added as corporate device identifiers. Looking for any direction that we can take to allow these Polycom models to be enrolled but still able to block other Android personally owned devices.  

  • If you can group them in a Dynamic Device group based on a certain attribute then yes you can then target your policies to this Dynamic Device group (syntax based on the attribute that identifies these as Polycom) to find the attribute look into Entra or the Graph API or see the list of available attributes when creating a Dynamic Device group.
    • Gordon_Smith3520's avatar
      Gordon_Smith3520
      Copper Contributor
      We have created dynamic groups for the Polycom models but what compliance policy/conditional access policy would be setup to assign these dynamic groups to. We have looked at properties for both and don't see how this can done.

Resources