Intune - Conditional Policy Blocked access to O365 apps; Reason: Device ID - Not matched

Anton 0 Reputation points

Hi Guys,

Recently one of the users had an issue with Windows Hello on their Intune-managed laptop. He was being prompted to set the PIN every time he boots into the computer. The error was BitLocker related and after trying many steps, the final step of clearing the TPM fixed the problem of PIN setting. BUT, he is now unable to log in to Outlook because of a conditional policy blocking access.

The error is that the Device ID is 'Not matched'.

Now to the questions.

(1) Does clearing the TPM cause a device ID to change? He was able to access Outlook before this step.

(2) How can this be fixed?



1 answer

  1. Q&A Assist
    AI generated content. This question contains an answer created with AI from Q&A Assist.

    Clearing the TPM can cause data loss and may affect the device ID. If the device ID changes, it can cause issues with conditional access policies. To fix this issue, you can try re-enrolling the device in Intune, which should generate a new device ID. Alternatively, you can contact your IT administrator to check the conditional access policy and ensure that the device ID is correctly configured.


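An added example, not part of the original question or answer: a PowerShell check that parses `dsregcmd /status` output and compares the laptop's local registration state with the device ID on record for it. The sample output and both device IDs are constructed placeholders, and the function names `Get-DsregState` and `Test-DeviceRegistration` are hypothetical.

```powershell
# Constructed sample in the layout printed by `dsregcmd /status`; all values are placeholders.
$Sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+
             AzureAdJoined : YES
+----------------------------------------------------------------------+
| Device Details                                                       |
+----------------------------------------------------------------------+
                  DeviceId : 00000000-0000-0000-0000-000000000001
              TpmProtected : NO
          DeviceAuthStatus : FAILED
+----------------------------------------------------------------------+
| SSO State                                                            |
+----------------------------------------------------------------------+
                AzureAdPrt : NO
'@ -split "`r?`n"

function Get-DsregState {
    # Turn "   Key : Value" lines into a hashtable; box-drawing lines are skipped.
    param([string[]]$Lines)
    $state = @{}
    foreach ($line in $Lines) {
        if ($line -match '^\s*([^:|+]+?)\s+:\s+(.+?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    $state
}

function Test-DeviceRegistration {
    # $ExpectedDeviceId: the ID recorded for this device by the tenant (supplied by the admin).
    param([hashtable]$State, [string]$ExpectedDeviceId)
    $findings = @()
    if ($State['AzureAdJoined'] -ne 'YES') { $findings += 'Device reports it is not joined.' }
    if ($State['DeviceId'] -ne $ExpectedDeviceId) {
        $findings += "Local DeviceId '$($State['DeviceId'])' differs from expected '$ExpectedDeviceId'."
    }
    if ($State['TpmProtected'] -ne 'YES') { $findings += 'Device key is not reported as TPM protected.' }
    if ($State['DeviceAuthStatus'] -notlike 'SUCCESS*') { $findings += "DeviceAuthStatus is '$($State['DeviceAuthStatus'])'." }
    if ($State['AzureAdPrt'] -ne 'YES') { $findings += 'No Primary Refresh Token for the signed-in user.' }
    $findings
}

# On the affected laptop, replace $Sample with the live output: (dsregcmd /status)
$state = Get-DsregState -Lines $Sample
Test-DeviceRegistration -State $state -ExpectedDeviceId '00000000-0000-0000-0000-000000000002'
```

Run it in the affected user's session, since the SSO State section of `dsregcmd /status` is reported per signed-in user.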