![]() Use caseįirst and foremost, I agree with you that a compliance policy should be good enough, but there are scenario’s where you might need another option to add on top of compliance policies. The Grant control in your Conditional access Policy is set to Grant access if.īut there are many roads to Rome, so let’s see if there are other ways to block access to Microsoft 365 outside the Android for Work Profiles. Because this method might give users the option to enroll their device with Endpoint Manager. This method works great, if your configuration is spot on. Sign-in error code 530003 “ Your device is required to be managed to access this resource.” The Sign-in logs will also show an error. Using this method, the user will see an error on the device like the one below. When using the personal profile, the device should not be compliant. ![]() Simply put, if the device is not compliant (not managed), you are not granted access. Please note: Normally you would block access to Microsoft 365 resources by using a combination of device compliance and conditional access policies. After seeing a question on techcommunity I thought I might as well do a quick post on this topic. This post is about blocking access to Microsoft 365 outside the Android for Work Profile with Endpoint Manager.
0 Comments
Leave a Reply. |