Oct 15 2020 07:15 AM - edited Oct 15 2020 07:18 AM
Hi all
I would like to block some users from download attachment in the non intune compliant device, so I first configured a conditional policy with custom session policy for all browser traffic to MCAS. Then I configured a session policy to find device tag does not equal intune compliant to block the file download.
Then when I test to download attachment in O365 with Edge browser ina Win 10 and Android which is intune enrolled, but the user agent tag has only Azure AD joined, not intune compliant (but I checked the device is compliant in endpoint manager). So may I know any one tried this setup?
Best regards
Alex Tsang
Oct 23 2020 04:08 PM
Hi Alex,
Unfortunately, session policies only work for Browser and in this case, the Android would not get this session policy. Are you saying that the Android is popping up as AAD joined instead of Intune compliant? Lastly, for the Browser, is that working?
Thank you!
Sarahzin