intune compliance policy

Question

Hi, We have setup windows 10 Intune compliance policy. We have set mark device non-compliant after 10 days. As per microsoft article if any device marked non-compliant with the given grace period then non-compliant device should go into 10 days grace period. We are facing issue with non-compliant devices they are not going into grace period time devices goes into non-compliant status. Kindly suggest any changes. Our devices are co managed with intune and sccm.

rudy_ooms_mvp · Answer

Hi...Good morning!1. "We have set mark device non-compliant after 10 days" --&gt; Mmm looks bad 🙂 .. So a device (as example) without bitlocker could still have access to your office 365 data and store those files on that device without being compliant?2. Which compliant rule is it failing on? could you show us some more information about what was configured

gaurav10001suri · Answer

thanks&nbsp;Rudy_Ooms_MVP&nbsp;for the response.Compliance condition we have setup.minimum os version should be xxxx.xxx.bitlocker key should be enabled.defender real time should be enabled.&nbsp;most of the devices falling in defender real time and bitlocker key. Devices are not going into grace period time. Devices are going into non-compliant.&nbsp;

rudy_ooms_mvp · Answer

Are you also 100% sure , when looking at the compliance monitor, none of those compliance settings had an error? as that could make the device go in to not compliance state instead of grace period

gaurav10001suri · Answer

yes we have few devices which are in error state. I have seen non-compliant devices which are not going into grace period. I have question it is devices status not changed in intune if new policy applied on devices

Forum Discussion

intune compliance policy

4 Replies

Resources