Device Enrolment Device Status

Copper Contributor

We have discovered some anomalises wth device status under conditional access.

 

With a sample number of users where I expect that AAD Registered, Compliant & EAS Activated to all be at 'YES' before the device is fully enrolled and receiving policies I have a numer of devices that work when some of the statuses are at 'NO'.

 

Example below:

debug_enrolment.png

The issue I have is for a security audit I have to prove a device passed all stages of enrolment before they receive service. In every case I have confirmed the user's device is active and receiving email.

2 Replies

Could you add a picture of your Conditional Access configuration, is it towards Exchange on-premise or Online? 

Its Exchange Online and conditional access is being utilised. Microsoft's Premier Support are investigating this anomaly in a ticket as the EAS activation and stamp should apply to all devices enrolled and some of ours are not.

 

Initially we were advised (wrongly) that devices utilising Outlook App for Mobile (iOS & Android) would not apply EAS and nothing would show in the console, this clearly isn't the case and this is now accepted by the investigating engineer following more information and pressing Microsoft.