We have a Conditional Access policy in place that requires:
All 3 conditions must be met on iOS / Android phones before access is granted.
However, when adding test users to the Conditional Access target group, the users CANNOT access corp resources, with errors:
Add a test user to an Exclusion group and it works fine.
Any reason why the compliance / config policies are not hitting then device therefore causing non-compliance?