Forum Discussion
MicrosoftWelcome to the Windows Autopatch Community!
Hi ambarishrh !
No you absolutely can still use Windows Autopatch if you have Conditional Access. However, conditional access policies will block Windows Autopatch service accounts from connecting to your tenant if the accounts are not excluded. As such, part of the enrollment process includes excluding our service accounts from your conditional access policies. For more information on how we handle this, check out our public docs on this: https://docs.microsoft.com/en-us/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues#conditional-access-policies
MicrosoftHi ambarishrh !
No you absolutely can still use Windows Autopatch if you have Conditional Access. However, conditional access policies will block Windows Autopatch service accounts from connecting to your tenant if the accounts are not excluded. As such, part of the enrollment process includes excluding our service accounts from your conditional access policies. For more information on how we handle this, check out our public docs on this: https://docs.microsoft.com/en-us/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues#conditional-access-policies
You talk about excluding Windows Autopatch service accounts. But the assessment tool talks about excluding autopatch devices. But that would be all my devices.. I"m confused...
3. On the Include page, change the policy to use an assignment that targets a specific Azure AD group that doesn’t include any Windows Autopatch devices, and then select Save.
Hi
I too would like to know this.
I'm looking into the Conditional Access advisory and 3 of the supposedly affected Conditional Access policies are pointing to the same group. This group only contains users, no devices.
I also have an issue with Co-Management, but one problem at a time.......
