Thanks for responding. Here are my settings:
I'm not able to do manual syncs because the device is logged out and you have to log back in before you can do any kind of sync, which gets blocked by CA. The only way I can get the device functioning again is to disable CA and log in, then re-enable. I'm not even sure I'd be able to completely unenroll the device and re-enroll. CA's blocking is quite belligerent.
I have only encountered this a couple times so far (of course, I'm only managing a handful of devices at this point), so I'm not sure if there's something else going on in addition.
Thanks again.
I had it happen just now on a test device that I haven't used in a while. Here is the error message when you try to log in.
Azure AD reports this sign-in error.
Forcing manual syncs from the device and/or the portal make no change.
To correct, I don't actually disable the CA policy. I remove the user from the Group to which the policy is applied. It's less disruptive, but still not an acceptable workaround.
When you say, "event logs (aad)," can you be more specific? I've tried looking at the Intune device logs. There are a zillion of them and I get a headache the moment I open even one.
Thanks,
Hi,
So you targetted "All cloud Apps? No exclusions ?
Like shown below, is the ca rule targgette dat all cloud apps or multiple selected apps?
Accepted Solutions
Hi , could you also share if there are any device cleanup rules configured ?
