SOLVED

CA policy Chrome browser iphone

%3CLINGO-SUB%20id%3D%22lingo-sub-2594238%22%20slang%3D%22en-US%22%3ECA%20policy%20Chrome%20browser%20iphone%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2594238%22%20slang%3D%22en-US%22%3E%3CP%3EHello%3C%2FP%3E%3CP%3EI%20have%20a%20user%20that%20is%20getting%20a%20failed%20login%20because%20non%20supported%20browser.%20The%20user%20is%20using%20iPhone%20iOS%2014.6%20and%20chrome%20browser%26nbsp%3B%20version%20%22%3CSPAN%3EChrome%20Mobile%20iOS%2092.0.4515%22.%20The%20user%20is%20trying%20to%20access%20exchange%20online%20application.%26nbsp%3B%20When%20i%20look%20at%20the%20azure%20sign-in%20logs%20for%20the%20request.%20I%20see%20%22530001%20browser%20not%20supported%22.%26nbsp%3B%20I%20can%20also%20see%20from%20looking%20at%20the%20sign-in%20logs%20that%20MFA%20was%20successfully%20completed.%20When%20i%20click%20on%20%22Conditional%20Access%22%20I%20see%20a%20policy%20that%20is%20reporting%20as%20%22Failure%22%2C%20and%20its%20%22Grant%20Controls%22%20that%20is%20not%20being%20satisfied%20.%26nbsp%3B%20The%20policy%20is%20configured%20as%20below.%20I'm%20a%20little%20stumped%20on%20why%20%22Grant%20Controls%22%20is%20not%20being%20satisfied%26nbsp%3Bwhen%20the%20device%20is%20compliant%2C%20and%20the%20user%20is%20successfully%20passing%20mfa%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Skipster3111_0-1627490564208.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F299056i302F7AA7C4D8C76A%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Skipster3111_0-1627490564208.png%22%20alt%3D%22Skipster3111_0-1627490564208.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Skipster3111_1-1627490593875.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F299057i3E33E2F595DB1991%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Skipster3111_1-1627490593875.png%22%20alt%3D%22Skipster3111_1-1627490593875.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Skipster3111_2-1627490631051.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F299058i12AB3392F7BB6C6B%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Skipster3111_2-1627490631051.png%22%20alt%3D%22Skipster3111_2-1627490631051.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2594238%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2595131%22%20slang%3D%22en-US%22%3ERe%3A%20CA%20policy%20Chrome%20browser%20iphone%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2595131%22%20slang%3D%22en-US%22%3EThank%20you%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2594720%22%20slang%3D%22en-US%22%3ERe%3A%20CA%20policy%20Chrome%20browser%20iphone%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2594720%22%20slang%3D%22en-US%22%3EWhen%20device%20state%20is%20one%20of%20the%20controls%20put%20in%20place%2C%20you%20need%20to%20use%20a%20supported%20browser%20to%20be%20able%20to%20satisfy%20this%20control.%20Chrome%20on%20iOS%20is%20not%20supported%2C%20have%20a%20look%20at%20the%20URL%20below.%20The%20only%20supported%20browsers%20on%20iOS%20are%20Edge%2C%20Intune%20Managed%20Browser%20or%20Safari.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconditional-access%2Fconcept-conditional-access-conditions%23supported-browsers%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconditional-access%2Fconcept-conditional-access-conditions%23supported-browsers%3C%2FA%3E%3C%2FLINGO-BODY%3E
Frequent Contributor

Hello

I have a user that is getting a failed login because non supported browser. The user is using iPhone iOS 14.6 and chrome browser  version "Chrome Mobile iOS 92.0.4515". The user is trying to access exchange online application.  When i look at the azure sign-in logs for the request. I see "530001 browser not supported".  I can also see from looking at the sign-in logs that MFA was successfully completed. When i click on "Conditional Access" I see a policy that is reporting as "Failure", and its "Grant Controls" that is not being satisfied .  The policy is configured as below. I'm a little stumped on why "Grant Controls" is not being satisfied when the device is compliant, and the user is successfully passing mfa

 

Skipster3111_0-1627490564208.png

Skipster3111_1-1627490593875.png

Skipster3111_2-1627490631051.png

 

 

 

2 Replies
best response confirmed by Skipster311-1 (Frequent Contributor)
Solution
When device state is one of the controls put in place, you need to use a supported browser to be able to satisfy this control. Chrome on iOS is not supported, have a look at the URL below. The only supported browsers on iOS are Edge, Intune Managed Browser or Safari.

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-acces...
Thank you