Forum Discussion

  • If a device has no Compliance policy assigned, AD Registered devices mostly, then it will be marked as compliant. (Registered devices can't be scanned for compliance because they are not Intune enrolled. If you have Conditional Access rules stating a device should be compliant to access 365 services, then this could a bad idea
    • ElieAT's avatar
      ElieAT
      Iron Contributor
      So what i have to do with this configuration sent?
      • Move the top slider so that devices without a compliance policy assigned are marked as not compliant for security reasons (If all of your devices are enrolled with Intune). By doing so, you can use Conditional Access rules with the setting that devices should be compliant to use services.

Resources