Forum Discussion
Report-Only Device Compliance Policy
I am attempting to create a device compliance conditional access policy in report-only for testing, however, I get the warning that even report only may force devices to select a device certificate a...
Where do you see the warning? Report-only does not enforce the CA.
When you go to make a CA policy with device compliance there is a warning that says
Warning
Policies in report-only mode that require compliant devices may prompt users on Mac, iOS, and Android to select a device certificate during policy evaluation, even though device compliance is not enforced. These prompts may repeat until the device is made compliant. To prevent end users from receiving prompts during sign-in, exclude device platforms Mac, iOS and Android from report-only policies that perform device compliance checks. Note that report-only mode is not applicable for Conditional Access policies with "User Actions" scope.
