Forum Discussion

Brass Contributor

Dec 10, 2021

Solved

Intune marks Not Compliant if device does not sign in regularly, then permanently blocks the device

I'm using Intune's Conditional Access to block non-compliant devices on my O365 tenant. A problem I'm encountering is that the "Built-in Device Compliance Policy" turns Not Compliant if the device fa...

Mobile Endpoint Management

Rudy_Ooms_MVP
Dec 15, 2021
Dr_Snooze

Hi , could you also share if there are any device cleanup rules configured ?

Rudy_Ooms_MVP

MVP

Dec 15, 2021

~~is this more or less than the "is active" setting before not getting compliant?~~

Skip that question 🙂 14 days and 90 days clean up rules.. So after 14 days you are experiencing the issue... not after 90 days?

Amidah1

Brass Contributor

Dec 16, 2021

I do not have 14 day policy. Only the clean up policy after 90 days on inactivity to get retired.

Rudy_Ooms_MVP
MVP
Dec 16, 2021
Ahh wait.. responding to different persons.. with 2 different kind of settings 🙂

so dr_snooze has set the compliance policy to 14 days and a cleanup policy...(not sure how many day?)

And amidah1 is using cleanup rules ... and after the 90 days the device isn't compliant because it has been "removed" from intune.. Am i right about that one? so before the 90 days, it still works?
- Amidah1
  Brass Contributor
  Dec 16, 2021
  @Rudy
  If ask me the retire policy is useless. After u get non compliant from 30 day without activity you don't get any command to the device because the device will no longer sync with the platform. If command change to delete to remove the registry of the device from the platform will be more effective(at least do something, clearing the useless device registers from the platform). But I wasn't the enlighten engineer who set up this way I just come along in this Frankenstein.