Forum Discussion
How to block non-enrolled devices
We have recently migrated from Basic Security (O365) to Intune and we're trying to setup a policy to block iOS and Android devices if they are not enrolled with the company portal app. I setup a conditional access policy but it's not affected the test group at all.
Can someone help with what we are missing here - the test device does not even have the company portal app installed so it's not listed in the devices area of endpoint manager, but email still works.
Hi,
To be sure everything is working as it should, are you also making sure you have enabled the template
Because when you are not blocking legacy auth... conditional access does nothing 🙂
"conditional access only works for clients that support modern authentication (ADAL)"
- 8i5-5i1Copper Contributor
Hi Rudy, thanks for replying. We already have a conditional access policy to block legacy authentication - is this what you mean?
- Mmmm okay so you have configured the compliance policies ....how did you configure the default compliance settings (mark devices without compliance policy as compliant or not compliant)