conditional access to to exclude android from O365 services

%3CLINGO-SUB%20id%3D%22lingo-sub-2797032%22%20slang%3D%22en-US%22%3Econditional%20access%20to%20to%20exclude%20android%20from%20O365%20services%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2797032%22%20slang%3D%22en-US%22%3E%3CP%3EIn%20a%20conditional%20access%20to%20to%20exclude%20android%20from%20O365%20services.%20Is%20it%20necessary%20create%26nbsp%3B%3CSPAN%3Eseparate%20conditional%20access%20policy%20(include)%20the%20device%20allowed%20for%20O365%20services%3F%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Capture.JPG%22%20style%3D%22width%3A%20247px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313784i8B064E674B3E8D3A%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Capture.JPG%22%20alt%3D%22Capture.JPG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

In a conditional access to to exclude android from O365 services. Is it necessary create separate conditional access policy (include) the device allowed for O365 services?Capture.JPG

1 Reply
When organizations both include and exclude a user or group the user or group is excluded from the policy, as an exclude action overrides an include in policy. Exclusions are commonly used for emergency access or break-glass accounts.