Forum Discussion

Brass Contributor

Aug 18, 2022

Hybrid Azure AD joined Devices WITHOUT Intune show up as Non Compliant

Hello, We do not use Intune for Windows at the moment. Everything is blocked e.g. Enrollment Polices, not Autopilot etc. At the moment we are seeing some devices in AAD under Devices that s...

Conditional Access

Intune

Ketzpatel

Brass Contributor

Aug 23, 2022

Rudy_Ooms_MVP

We have GPO configured to push these devices as hybrid joined in Azure so they can pass the conditional access. there is nothing else configured to manage these devices in Intune. All users are currently licensed to Intune and other services under E5.

Rudy_Ooms_MVP

MVP

Aug 23, 2022

Those devices that show n/a thats of course obvious... but those "NO" are weird as normally you need intune to deliver that "judgment" 🙂

https://docs.microsoft.com/en-us/answers/questions/909847/non-compliance-of-devices-in-azure-ad-without-intu.html

ErikVet
Brass Contributor
Aug 23, 2022
Rudy_Ooms_MVP
Ketzpatel

I guess I have found something that may have something to do with this ...

MS changed the Device restriction to bei more granular (Could not find since when). Before you have device platform polices into one Policy as seen here in an old screenshot.

If i look now into the Intune device restriction portal we have different possibilities per platform (e.g Android, Windows)

If i look in our tenant i can see the restriction policy for windows, mac and ios with a weird behavior. The groups are not displayed correctly as they should. Maybe here is a issue and it happend when MS rollout out the new restriction policys - from general to platform specific.

Only Android works correctly

Greetings
Erik