Forum Discussion
Incorrect compliancy issue
We sometme have an issue with users where the signin logs show that they have in incompliant device which causing issue with logging in applications because of the conditional access policies. Wh...
I got the dsregcmd status log from the downloaded diagnostics
This is what the User state en SSO state says. Not the way it should compare to a device with no issues. Next question is what is the best way to repair it.
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : ERROR
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority :
EnterprisePrt : NO
EnterprisePrtAuthority :
This is what the User state en SSO state says. Not the way it should compare to a device with no issues. Next question is what is the best way to repair it.
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : ERROR
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority :
EnterprisePrt : NO
EnterprisePrtAuthority :
Also the NGC Prereq check says this.
I am starting to wonder if the particular user has another work or school account present
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : YES
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
I am starting to wonder if the particular user has another work or school account present
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : YES
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
- Its hard to tell from a “distance” but i would start with looking at the aad and modern deployment eventlogs… it looks like something is reallt broken in the device. Is the intune mdm certificate still valid ? (I am mentioning this in one of my blogs)
- Yes but is joined. All our laptops are. They are All provisioned with Windows autopilot. This device was working perfect until last monday.
- Looking at the outputs you showed....I have the idea I am looking at information from a non azure ad joined device...?
