Thanks for your help, I have a ticket open with support.
Mike
Hi,
I am using Endpoint Manager with Intune, and have a Defender ATP policy assigned. The devices appear in 'Security Center', and the risk level for the devices is 'no known risk'. If I configure a policy for Microsoft Defender for Endpoint to "Require the device to be at or under the machine risk score: (Medium)", then when I view the 'All Devices' blade, the devices are shown as Compliance, 'in grace period'. If I drill down to each device, the policies are green. If I drill down to the policies, the devices are green. Why does the 'All Devices' blade show the compliance as 'in grace period', when the devices are compliant?
Thanks
Mike
In-grace period means the device is targeted with one or more device compliance policy settings. But, the user hasn't applied the policies yet. This status means the device is not-compliant, but it's in the grace-period defined by the admin.
Reference: https://learn.microsoft.com/en-us/mem/intune/protect/actions-for-noncompliance
I notice that if you drill down to each device, the policies are green. If you drill down to the policies, the devices are green. Do you mean that in the Device compliance states chart, the statuses are all compliant? Is it convenient to provide related screenshots?
Hi,
The policy is assigned to a security group, which contains the devices. Attached are screenshots of the All Devices blade, the Device/Compliance page, and the policy page. The issue occurs when the Microsoft Defender for Endpoint option is configured.
Devices in https://security.microsoft.com/machines have 'Risk Level' of 'no known risks' and 'Exposure Level' Low.
Thanks
Mike
I have done the tests and research and found that if the compliance policies are all green, the compliance status of the device is Compliant. In grace period can represent either Compliant or Not Compliant. In our case, in grace period represents Compliant and we can safely ignore this warning. If you want to set the In grace period to Compliant, simply set Actions for noncompliance to 0 days.
It doesn't make sense, that in the 'all devices' blade, devices are shown with 'compliance' in 'grace period', but when you view the devices via the policy, or via the device itself, it is 'compliant'. It cannot be correct to say, that a device in 'grace period' can be compliant or not. Surely it has to be one or the other? Changing the grace period to 0, is not a solution, because it defeats the purpose of having a 'grace period', and if I change the 'grace period' to 0, the devices in the 'all device' blade shows as 'non compliant', but when you view the devices via the policy, or via the device itself, it is 'compliant'.
Mike