Aug 11 2023 12:30 AM
Hey everyone, looking some advice on whether something is possible with Intune configuration profiles.
We currently have 2 distinct profile groups of devices, one which is heavily restricted due to client requirements and 1 that has restrictions but nothing compared to the first group. These are a mixture of device configuration (including admx), settings catalog and administrative templates policies.
The devices that are heavily restricted are currently only used for client side work and are based in our offices i.e. desktops. Each of these employees has a company issued laptop that they would use for the likes of email and accessing company resources when working from home or not in the office that are blocked on the desktops.
We would like to consolidate this and have one device that they can use for client side work under 1 profile and another profile that would basically match the less restrictive profile on their laptop. The employee has 2 separate AAD accounts that they use so can be easily segregated by user groups.
My question is, can we configure it so that these 2 profiles could be applied on the same device depending on which account? The reason I ask is that some of these current configuration profiles are device level restrictions, not user level. Would the more restrictive device level restrictions superseed the less restrictive? Or would certain settings not apply and be reported as a Conflict?
Aug 16 2023 08:06 AM