Forum Discussion
CA policy Intune non compliant device
Hello I have the following requirement. Can this be done using one CA policy, if so can i get an example? If a user does not enroll in Intune, we want to block them from accessing mail via int...
You should be able to do this by creating a CA policy that targets Exchange Online, set the device platform to iOS and Android, select client apps as browser and mobile and desktop apps (modern auth and Exchange ActiveSync) and grant controls to require a compliant device. Also have a look at device state to determine if any of that needs to be set in your case. Since this targets just Exchange Online on iOS and Android, any other apps will be allowed.
- And just exclude TEAMS ?
