Conditional Access: Require "Azure AD joined"?

In the Grant access configuration I can require a device to be "Hybrid Azure AD joined". Can this option be used to require "Azure AD joined" for cloud only organizations?

 

If "Hybrid Azure AD joined" is including "Azure AD joined", how can I require a device to be "Azure AD joined" in a conditional access policy?

2 Replies
Consider enrolling the devices in Intune and using "compliant device" as CA. A device can only be managed by one organization, and for a device to be compliant it has to be registered to your org and satisfy the compliance settings you specify. You can also set device restrictions to block enrollment by devices that aren't corporate owned.
Gotcha, thanks! So the "Hybrid Azure AD joined" should be ignored if the org is cloud-only, and the compliant device state should be used instead.
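
The approach suggested in the reply above (require a compliant device rather than "Hybrid Azure AD joined"), as an added example that is not part of the original thread: a Microsoft Graph PowerShell sketch that creates the policy in report-only mode and then lists any existing policies that still use the hybrid-join grant. The display name and the excluded account ID are placeholders; it assumes the Microsoft Graph PowerShell SDK is installed and the devices are already enrolled in Intune.

```powershell
# Added example, not from the thread. Placeholders are marked with <...>.
# Scopes needed to read and create Conditional Access policies via Graph.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess',
                        'Policy.Read.All',
                        'Application.Read.All'

$policy = @{
    displayName = 'EXAMPLE - Require compliant device'   # placeholder name
    # Report-only first: sign-in logs show what would be blocked
    # before anyone is actually locked out.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        clientAppTypes = @('all')
        users          = @{
            includeUsers = @('All')
            # Keep an emergency-access account out of scope (placeholder ID).
            excludeUsers = @('<break-glass-account-object-id>')
        }
        applications   = @{ includeApplications = @('All') }
    }
    grantControls = @{
        operator        = 'OR'
        # 'compliantDevice'    = "Require device to be marked as compliant"
        # 'domainJoinedDevice' = "Require Hybrid Azure AD joined device",
        #                        which a cloud-only tenant cannot satisfy.
        builtInControls = @('compliantDevice')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State

# Audit: find policies that still depend on the hybrid-join grant control.
Get-MgIdentityConditionalAccessPolicy -All |
    Where-Object { $_.GrantControls.BuiltInControls -contains 'domainJoinedDevice' } |
    Select-Object DisplayName, State
```

Review the report-only results in the sign-in logs before changing `state` to `enabled`.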