Forum Discussion
Conditional Access Policy
I am currently auto registering my workstations with AZ via GPO so the workstations display in AAD as Hybrid joined. I then have a policy applied to Exch-onLine that only computers that are Hybri...
The GPO you are referring to is to enroll a device into MDM and is only required if your CA policy requires compliant device. If you simply just want to allow/block access for hybrid ad joined then you dont need the GPO.
FYI - the GPO is part of the windows 10 1709 and later ADMX files
FYI - the GPO is part of the windows 10 1709 and later ADMX files
My guess is they may experience this issue when they are trying to access cloud resources through a browser which is not supported for device based conditional access and therefore cannot satisfy the requirement so gets blockedz
- Agreed the user however was on the internal LAN and launching outlook 2016 which is why this threw me for a loop.
