Event banner
Event details
A large percentage of our devices show as non-compliant because they are failing the Windows built-in policy named "Is active". This is supposed to ensure our devices are reporting in at least every 30 days (default). Like nearly everything else in Intune, this built-in policy is being evaluated per device AND per user. I have found that this behavior is causing devices we would consider "active" to be marked as inactive, once someone who had logged in at one time has not been seen again for 30 or more days. Should I submit this as a bug? If it is working as designed, is there a workaround? We haven't enabled Conditional Access because of these.
Recently discussed this with Intune Support on Twitter.
The user evaluations seen in Intune reports, what do they represent?
- An evaluation that happens when the user logs on.
- Or, an evaluation per user profile.
- Or, an evaluation per logged on user.
If it is testing per logged on user, maybe these devices only need to be rebooted to become compliant.
- A reboot and overnight wait did not resolve the problem. I am now trying the "change the shorten the expiration, then change it back" trick.
- reading the twitter message now 🙂
- Intune Support, on Twiter, says they are looking into this behavior. https://twitter.com/IntuneSuppTeam/status/1586011352681824262
