08-15-2020 01:55 PM
I'm probably missing something obvious, but I was wondering how I could deploy an app or configuration profile and limit it to compliant devices. Conditional access obviously isn't the solution as it's only for accessing cloud apps. I guess a dynamic group wouldn't work either as it'd require Intune enrollment to get the compliance data. Any ideas?
08-16-2020 07:56 PM
08-16-2020 10:08 PM
@Moe_Kinani yes, non-compliant devices receive apps/config profiles the same as compliant ones do.
Regards
Keith
08-17-2020 06:39 PM
@stromnessian Doesn't the device need to enroll with Intune to be identified as compliant/non-compliant? You're right about not being able to use Dynamic AAD group though, because device compliance is not an available Property for creating the dynamic membership rule.
08-17-2020 08:48 PM