Forum Discussion

Brass Contributor

Dec 10, 2021

Solved

Intune marks Not Compliant if device does not sign in regularly, then permanently blocks the device

I'm using Intune's Conditional Access to block non-compliant devices on my O365 tenant. A problem I'm encountering is that the "Built-in Device Compliance Policy" turns Not Compliant if the device fa...

Conditional Access

Mobile Endpoint Management

Rudy_Ooms_MVP
Dec 16, 2021
Dr_Snooze

Hi , could you also share if there are any device cleanup rules configured ?

Brass Contributor

Dec 15, 2021

Update: Excluding the Intune apps made no difference. Stale device is still blocked after reboots and forced syncs from both sides.

MVP

Dec 16, 2021

Hi , could you also share if there are any device cleanup rules configured ?

Dr_Snooze
Brass Contributor
Dec 16, 2021
I thought I had them set up, but I didn't. I just set them for a 60 day deletion.
- Rudy_Ooms_MVP
  MVP
  Dec 17, 2021
  Hi, Good morning.. So we can rule out the "cleanup rules " 🙂
  - Dr_Snooze
    Brass Contributor
    Dec 17, 2021
    Rudy_Ooms_MVP
    
    Well, yesterday I would have said yes. This morning, however, the machine signed in without issue after a reboot. I found another stale device which also logged in without issue, so I guess this problem is fixed. Thank you so much!!
    
    Out of curiosity, what made you think about cleanup rules in this context?
Amidah1
Brass Contributor
Dec 16, 2021
Yes. They get retire command after 90 days.
- Rudy_Ooms_MVP
  MVP
  Dec 16, 2021
  ~~is this more or less than the "is active" setting before not getting compliant?~~
  
  Skip that question 🙂 14 days and 90 days clean up rules.. So after 14 days you are experiencing the issue... not after 90 days?
  - Amidah1
    Brass Contributor
    Dec 16, 2021
    I do not have 14 day policy. Only the clean up policy after 90 days on inactivity to get retired.

Resources