Forum Discussion
Exclude/Allow Particular non-managed devices from Conditional access policy without enrolling
Hello Experts
How to Exclude or Allow some Personal ( Non-company Managed) Particular devices from Conditional access policy without enrolling or joining them to Intune or Entra.
For Example I have created some Conditional access polices and now We want to allow some personal devices to be able to Login to Office or Outlook from some two or three personal Android devices which are Unmanaged or not company managed.
Can we achieve using these Devices unique ID or ICCID ? If possible please give some hint or clue.
Thank you.
- SebastiaanSmitsSteel Contributor
This will not work, the device needs an Entra Registration for the Conditional Access conditions to work, so you are unable to create something specific for a unknown device and logical so, in my opinion. You could for example exclude certain network segments from a policy, but this is not close to what you are looking for..
- prakashx86Copper Contributor
Hello Sebastiaan, Thank you for your reply.
Do you think adding serial number of personal non-managed devices can help you in this case or using of extensionAttribute1-15 from device properties filtering
OR my adding Personal device's IMEI or ICCID
Please see below link
https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-condition-filters-for-devices