Built-in Device Compliance Policy - is active - Not Compliant

New Contributor

I have an enrolled windows device (we are using Azure AD, no hybrid), where I changed the primary user.
The compliance policy and the build-in device compliance policy for the new primary user is showing compliant.
But the build-in compliance policy for the user, who has enrolled the device is showing "not compliant" see screenshotsnot compliant.jpgnot compliant2.jpgnot compliant3.jpg

 

Do you have any ideas how to solve this? 

5 Replies
Hi MrNuggets,

this is something I see appearing and disappearing every now and then. Seems like a refresh issue. However, there are a few things you can check:

- check whether the device has another compliance policy assigned
- check whether the device is active (recently synchronized)
- check whether the user that enrolled the device (still) exists in AAD

if all answers are YES, then you can also try to re-enroll the device to get all data populated all new in the Intune database.

hope it helps

Alex
Hi,

If the user is active and everything good there is a known issue with this built in compliance policy that Microsoft knows about. Our tenant have hundreds of these even if they are "compliant".

@AlexdeJong 

thank you for your reply, I checked your points:
Only one compliance profile is assigned.
The client syncronized 30 minutes ago.
The enrolled user still exists.

I will think about reenrolling the device.
 

Hi

<Maybe offtopic but :p
Just looking at the pictures.. but just wondering... but are you okay with the settings: mark devices with no compliance policy --> compliant?

@Rudy_Ooms_MVP 

 

We do not have any clients without a compliance policy, but you are right, I will change this setting :)