We are trying to restrict access to O365 and any use of the O365 apps in a personal macOS device even if it's enrolled with Intune. This means that only macOS devices with Corporate ownership are allowed
However, whenever I try to test it on a personally owned macOS that is enrolled in Intune, I am able to access it still even if the conditional access action is set to Block.
This is what I have for the conditional access policy, but it's not working. Maybe I am misunderstanding something or I am missing something?