Dec 10 2021 10:56 AM
I'm using Intune's Conditional Access to block non-compliant devices on my O365 tenant. A problem I'm encountering is that the "Built-in Device Compliance Policy" turns Not Compliant if the device fails to log in for a long period of time. When this happens, the device gets blocked for being Not Compliant, so is unable to refresh the Built-in Device Compliance Policy that would make it compliant again. The only solution I've found is to stop enforcing CA on the user until the device is able to sign in successfully again. Then I can resume CA. This is obviously not an ideal solution.
Am I the only one dealing with this?
Dec 15 2021 02:51 AM
Dec 15 2021 07:25 AM
I was set up for "All cloud apps". I've changed it, but will have to root around here for another stale device to test it. For others who may find this thread, Intune doesn't show the entire list of cloud apps. You have to know what you're looking for and then search for it. I left the policy as "All cloud apps" with "Microsoft Intune" and "Microsoft Intune Enrollment" excluded from the policy.
The van Surksom link brings up a big spreadsheet. Lots of detail, but no discussion. Not sure if that's what you wanted.
Dec 15 2021 09:52 AM
Dec 15 2021 10:57 PM
SolutionDec 15 2021 11:45 PM
Dec 15 2021 11:47 PM - edited Dec 16 2021 03:23 AM
is this more or less than the "is active" setting before not getting compliant?
Skip that question :) 14 days and 90 days clean up rules.. So after 14 days you are experiencing the issue... not after 90 days?
Dec 16 2021 03:25 AM
Dec 16 2021 03:36 AM
Dec 16 2021 03:43 AM
Dec 16 2021 08:15 AM - edited Dec 17 2021 08:01 AM
I thought I had them set up, but I didn't. I just set them for a 60 day deletion.
Dec 16 2021 11:36 PM
Dec 17 2021 08:01 AM
Well, yesterday I would have said yes. This morning, however, the machine signed in without issue after a reboot. I found another stale device which also logged in without issue, so I guess this problem is fixed. Thank you so much!!
Out of curiosity, what made you think about cleanup rules in this context?