Forum Discussion
ErikVet
Aug 18, 2022 · Brass Contributor
Hybrid Azure AD joined Devices WITHOUT Intune show up as Non Compliant
Hello, we do not use Intune for Windows at the moment. Everything is blocked, e.g. Enrollment Policies, no Autopilot, etc. At the moment we are seeing some devices in AAD under Devices that s...
Steve Selaya
Jul 03, 2023 · Copper Contributor
Just curious if you ever figured out what was going on. We are seeing the same thing and I have opened a ticket with MS but haven't heard back yet. I did notice that this only happens in our environment for those Windows 10 workstations that hybrid join via federation (ADFS). If the ADFS process fails and the device goes through the managed hybrid join (Azure AD Connect), then the compliance field is left at N/A. When going through ADFS the registration add sets isCompliant to FALSE.
Jul 03, 2023
If the device is a hybrid AD join and without any owner, it will show up as non-compliant even if it's not enrolled to Intune.
- Ketzpatel · Jul 04, 2023 · Brass Contributor: This is correct, but 50% of the total devices show NA and other devices show compliant = none, which is **bleep** confusing, and all user devices with either status are able to pass conditional access and can access org resources. Opening a case and involving the product team did not help as they have no clue why this is happening.
- Steve Selaya · Jul 03, 2023 · Copper Contributor: Interesting. According to the documentation (https://learn.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal), Hybrid Azure AD joined Windows 10 or newer devices don't have an owner, which is what we see. This doesn't explain why Windows 10 devices that hybrid join via Azure AD Connect have N/A for compliant (isCompliant=null), which appears to be more consistent with the documentation.
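
As an added example (not part of any post in this thread and not Microsoft's code), the following Python audits an export of Microsoft Graph `device` objects for the situation discussed above: hybrid joined devices (`trustType` of `ServerAd`) whose `isCompliant` is false although no MDM manages them, versus those left at null. The device records are constructed sample data, and treating `isManaged` not being true as "not enrolled" is an assumption.

```python
import json
from collections import Counter

# Constructed sample shaped like Microsoft Graph `device` objects (GET /devices).
SAMPLE_EXPORT = json.loads("""
[
  {"displayName": "WS-001", "trustType": "ServerAd", "isCompliant": false, "isManaged": null},
  {"displayName": "WS-002", "trustType": "ServerAd", "isCompliant": null,  "isManaged": null},
  {"displayName": "WS-003", "trustType": "ServerAd", "isCompliant": false, "isManaged": true},
  {"displayName": "LT-004", "trustType": "AzureAd",  "isCompliant": true,  "isManaged": true},
  {"displayName": "WS-005", "trustType": "ServerAd"}
]
""")

HYBRID = "ServerAd"  # Graph trustType value for hybrid Azure AD joined devices


def compliance_state(device):
    """Map the nullable isCompliant field to the three states seen in the portal."""
    value = device.get("isCompliant")  # absent key and JSON null both mean "N/A"
    if value is True:
        return "compliant"
    if value is False:
        return "non-compliant"
    return "n/a"


def summarize_hybrid(devices):
    """Count hybrid joined devices per compliance state."""
    return Counter(compliance_state(d) for d in devices if d.get("trustType") == HYBRID)


def unmanaged_but_flagged(devices):
    """Hybrid devices marked isCompliant=false although no MDM manages them (assumption)."""
    return sorted(
        d["displayName"]
        for d in devices
        if d.get("trustType") == HYBRID
        and d.get("isCompliant") is False
        and d.get("isManaged") is not True
    )


if __name__ == "__main__":
    print(dict(summarize_hybrid(SAMPLE_EXPORT)))
    print(unmanaged_but_flagged(SAMPLE_EXPORT))
```

Devices returned by `unmanaged_but_flagged` are the ones to check against any Conditional Access policy that requires a compliant device.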