This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 55.00000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Seems to be issues going on with devices showing as non-compliant, when they are infact, compliant.
I've got two different types of compliancy reporting issues;
Is anyone else running into issues where compliancy just isn't accurately reporting? Any known work arounds or fixes?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 66%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENH%3C/text%3E%3C/svg%3E)
For 2 - is this for System account showing as non-compliant? If so, see https://learn.microsoft.com/en-us/mem/intune/protect/compliance-policy-monitor#drill-down-for-more-details
"If no user is signed in to the device, the device with the targeted device compliance policy will send a compliance report back to Intune showing System Account as the user principal name. This happens because a device compliance policy was targeted to either a group of users or devices, and no user was signed into the device at the time the compliance policy was evaluated."
No that isnt the case - the compliance is for the actual user. I'm aware of the other system account issue. Appreciate the reply.
@Phillip Coronakes Thanks for posting in our Q&A.
For 1, it seems that the compliance state doesn't keep same in device and the policy itself. It is suggested to try to sync the device and the check if the compliance state is normal.
If this issue still exists, it is better to create an online support ticket to feedback and find if there is any method can fix it. It is free. Here is the online support link and hope it helpful.
https://learn.microsoft.com/en-us/mem/intune/fundamentals/get-support
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Tried re-syncing device, rebooting, changing policy from user to device group and vice versa. Tried creating a new compliance policy as well - same thing.
I'll open a case i guess and persavere with support.
I've seen some serious problems with detecting Defender Firewall with compliance policies, but I think that has been fixed. For testing purposes, consider to change the default 60 days evaluation period to 1, and play around with it. Company Portal has the compliance view behind device option, and it shows you what's wrong, you can also initiate the re-evaluation from there.
I have small doubt around compliance that it may not work 100% bullet proof yet, as it should :)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 37%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
I am seeing an issue where the compliance policy shows 'error' against the firewall and AV, yet under device view they are reporting as compliant. Also the error is intermittent.