Forum Discussion
Non persistent session on not joined devices
Hi, how do I create a conditional access policy within intunes that requires a non joined device and then specifies the persistent browser session to "never persistent". As I look ath the setting...
Hi, yes, exactly. To exclude registered devices and apply the policy only to non-registered devices, you need to use the filter for devices in Conditional Access.
From your screenshot, I can see that you have set the filter with the rule:
device.trustType -eq "ServerAD", which corresponds to Microsoft Entra hybrid joined devices
You have selected Exclude filtered devices from policy
This way, the policy will apply only to non-registered devices, meaning those that are not hybrid joined.
As a result, these devices will not maintain an active session persistently, since the default behavior for non-registered devices is already non-persistent.
