Network Protection Set to Block Mode, but Clients Showing Audit Mode - Possible GPO Conflict?

Copper Contributor

Hi everyone,

 

I've run into an issue where I've created an Intune policy to enable Network Protection in block mode. However, when I check locally on the clients, I see that the policy is configured in audit mode instead of block mode.

 

I've verified in Intune that the devices have successfully synced and received the policy. During my troubleshooting, I found that some GPOs can take precedence over Intune policies.

 

Could this be the reason why the Network Protection is only set to audit mode on the clients? Has anyone else experienced this issue or have any insights?

 

Thanks in advance for your help!

1 Reply
Absolutely. GPO will take precedence. Even with MDMWinsOverGPO, it doesn’t support Defender and Windows Update CSPs.