Gmail
1 TopicConditional access blocks, even when Smartphone is marked as compliant
Hi Everyone. I'm trying to access my Exchange Mailbox over the Gmail App on my Pixel 8 Pro. Now my Problem is that a conditional access policy is blocking the access. I've created a policy that grants access to the "Office 365 Exchange Online" Resource, if passwordless MFA is satisfied and the device is marked as compliant. At the beginning I was trying to grant access if the Gmail App is protected by an app protection policy, which didn't work because Gmail does not support app protection policies, so I turned that off. So, my Smartphone is a BYOD and I've enrolled it into Intune with the "Android (personally-owned work profile)" enrollment method. A compliance policy is assigned, and Intune shows me that the device is compliant. Intune deploys the Gmail App to my work profile. I've read several documentations and I also deployed Google Chrome, Google Calendar and the Bing Search App just to be sure. But it still blocks access to the resource. I also made an Email configuration profile, to auto-setup the Gmail App with my Credentials. So everytime I open the Gmail App in my Work Profile, it tries to setup the account, I get an MFA number-matching prompt from MS Authenticator and then it tells me to download the company portal app and enroll my smartphone into Intune. Strange behavior because as I mentioned above, my Phone is indeed managed and marked as compliant in Intune. I was going through the Sign-in Logs, and I've seen that every logged attempt claims that the device is not compliant and not even managed. I feel like that I'm missing a big point. I would be thankfull if anyone has an idea to solve this ❤️ Thanks.Solved2.2KViews0likes2Comments
