Deploy app to compliant devices only

Question

I'm probably missing something obvious, but I was wondering how I could deploy an app or configuration profile and limit it to compliant devices.&nbsp; Conditional access obviously isn't the solution as it's only for accessing cloud apps.&nbsp; I guess a dynamic group wouldn't work either as it'd require Intune enrollment to get the compliance data.&nbsp; Any ideas?

moe_kinani · Answer

Hi stromnessian,I thought Non-compliant devices will not receive apps or config policies from Intune anyways, do you see different experience?Moe

stromnessian · Answer

Moe_Kinani&nbsp;yes, non-compliant devices receive apps/config profiles the same as compliant ones do.&nbsp;RegardsKeith&nbsp;

eglockling · Answer

stromnessian&nbsp; Doesn't the device need to enroll with Intune to be identified as compliant/non-compliant? You're right about not being able to use Dynamic AAD group though, because device compliance is not an available Property for creating the dynamic membership rule.

moe_kinani · Answer

Hi Keith,Thanks. I don’t see any other ways that you can achieve the objective. As you mentioned, CA can block access to resources, not what you looking for.Moe

kirankumarms · Answer

stromnessian&nbsp;Hi,May i know how to deploy microsoft teams app to hololense devices by intune?&nbsp;Regards,KiranKumar MS&nbsp;

Forum Discussion

Deploy app to compliant devices only

Share

Resources