Microsoft Endpoint Manager Compliance

Kamikaze_worm 46 Reputation points
2021-06-21T16:26:28.877+00:00

Hi All,

Looking after a tenant and can see the overall device compliance as "Compliant" great. Whilst drilling down into the specific device one of the items under compliance "Built-in device compliance Policy" is listed as not compliant. This is for a different user.

How can I go about fixing this?

Dave

P.S - sorry if the tag is wrong. I cannot find anything related to what i have.

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,215 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Marilee Turscak-MSFT 34,786 Reputation points Microsoft Employee
    2021-06-21T22:41:02.133+00:00

    The built-in device compliance policy evaluates three things - whether the enrolled user exists, whether the device has a compliance policy assigned, and whether the device is active.

    Under Compliance policy settings, you have the option to mark a device with no compliance policy assigned as "Compliant."

    107811-image.png

    You can check the Built-in Device Compliance Policy to see if anything is being flagged. One possibility is that it has no compliance policy assigned. https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started

    107812-image.png

    Related thread: https://social.technet.microsoft.com/Forums/en-US/4268ab43-6daa-40a8-80a9-2445c9dd0557/intune-built-in-device-compliance-policy-quotis-activequot?forum=microsoftintuneprod

    0 comments No comments

  2. Kamikaze_worm 46 Reputation points
    2021-06-22T08:52:15.33+00:00

    Some more info on my issue.

    You can see here the pic shows as compliant.

    108049-azure-1.png

    Then when you go inside one of the users is non-compliant.

    108050-azure-2.png

    0 comments No comments