Forum Discussion
Access Issues due to supervised Device
Hello we have Supvised (ADE) and user affinity iOS devices in our company. The users can log on to their device via their Modern Auth and the whole thing is managed with Intune. As a company, we ha...
Potential Solutions:
- Review App Protection Policies (APP):
- Check if App Protection Policies enforce all apps to use the corporate account.
- Modify the policy to allow exceptions for the Microsoft Remote Desktop app (or the specific app used for AVD), permitting it to use alternative accounts or exempt it from the policy.
- Set Up Conditional Access Exceptions:
- In Azure AD Conditional Access, create a policy to exclude specific apps (like the AVD app) from requiring managed devices or corporate accounts.
- Create a Custom Profile in Intune:
- Configure a special Device Configuration Profile in Intune to allow apps to use multiple accounts. This option may pose security risks and should align with the organization’s compliance policies.
- Use an Unmanaged Device:
- If exceptions are not allowed by corporate policy, consider using an unmanaged device (not supervised by Intune) to access the Azure Virtual Desktop.
Please let me know if the issue is resolved
Hello Ankido,
thank you for replying.
Regarding APP: I don't find any options to modify the policy to allow exceptions for the Microsoft Remote Desktop app (or the specific app used for AVD), permitting it to use alternative accounts or exempt it from the policy.
Can someone be more specific about the steps to be done? Ankido suggestions are the same ChatGPT is giving me. But these are very unprecised.
Hi again,
What does your policy look like? I’m thinking about where you’re trying to log in from. Have you configured any policy for geographical zones, or is there a specific IP address that’s blocked? If you go to Entra ID, then to Protection and Conditional Access audit logs, you can trace why you’re unable to log in. Let me know plz
