Forum Discussion
StuartK73
Nov 04, 2024
Iron Contributor
Microsoft Graph Command Line Tools Blocked by CA
Hi All I hope you are well. Anyway, I recently turned ON a Conditional Access Policy Template, "Require MDM-enrolled and compliant device to access cloud apps for all users (Preview)" this se...
StuartK73
Nov 04, 2024
Iron Contributor
Hi Buddy
These are new, OOBE devices being enrolled by our IT Admin DEM accounts, so they won't be enrolled or compliant yet as that's what we are trying to do, but first, we need to AutoPilot them into Intune.
This guide states:
"Note
You can enroll your new devices to Intune even if you select Require device to be marked as compliant for All users and All resources (formerly 'All cloud apps') using the previous steps. The Require device to be marked as compliant control does not block Intune enrollment."
Ref: https://learn.microsoft.com/en-us/entra/identity/conditional-access/policy-all-users-device-compliance
SK
micheleariis
Nov 04, 2024
Steel Contributor
StuartK73, you could create a separate, less restrictive Conditional Access policy that applies specifically to device enrollment scenarios.