Forum Discussion

rossonero's avatar
rossonero
Copper Contributor
Feb 17, 2021

No user affinity - conditional access

I have a conditional policy that require the device to be compliant. But I have devices that have no user affinity so there is no compliance evaluted. Will they still fit in under compliance, so the ...
Intune
mobile device management (mdm)
rossonero's avatar
rossonero
Copper Contributor
Feb 19, 2021

Pa_D 

 

So all devices that have a system account should not be part of conditional access polices? - there is no workarround on this ?

rossonero's avatar
rossonero
Copper Contributor
Feb 19, 2021

rossonero 

 

Can see that my devices with a system account fails the compliance, so also fails the conditional access.

So how can I either add those devices to a compliance policy - or how can I exclude them?

I could easily make a device group, but this will not work as exclusion in Conditional access, as it must be user based. And the user "system account" is not a azure account, so wondering what can be done.

 

Guess that also non-user devices, should be able to be verified with compliance ?

  • Pa_D's avatar
    Pa_D
    Brass Contributor
    Feb 19, 2021

    rossonero 

    1) Please clarify "System Account" here. Did you mean Windows system account? if not what is it?

    2) From your description, you have targeted CA policy to user group. Is it correct?

    3) Which OS are you focusing here?

     

Resources