Deploy app to compliant devices only

stromnessian · ‎08-15-2020

I'm probably missing something obvious, but I was wondering how I could deploy an app or configuration profile and limit it to compliant devices. Conditional access obviously isn't the solution as it's only for accessing cloud apps. I guess a dynamic group wouldn't work either as it'd require Intune enrollment to get the compliance data. Any ideas?

Moe_Kinani · ‎08-16-2020

Hi stromnessian,

I thought Non-compliant devices will not receive apps or config policies from Intune anyways, do you see different experience?

Moe

stromnessian · ‎08-16-2020

@Moe_Kinani yes, non-compliant devices receive apps/config profiles the same as compliant ones do.

Regards

Keith

eglockling · ‎08-17-2020

@stromnessian Doesn't the device need to enroll with Intune to be identified as compliant/non-compliant? You're right about not being able to use Dynamic AAD group though, because device compliance is not an available Property for creating the dynamic membership rule.

Moe_Kinani · ‎08-17-2020

Hi Keith,

Thanks. I don’t see any other ways that you can achieve the objective. As you mentioned, CA can block access to resources, not what you looking for.

Moe

Deploy app to compliant devices only

Deploy app to compliant devices only

Re: Deploy app to compliant devices only

Re: Deploy app to compliant devices only

Re: Deploy app to compliant devices only

Re: Deploy app to compliant devices only

Products (70)

Special Topics (19)

Most Active Hubs

Most Active Hubs

Deploy app to compliant devices only