Conditional Access - Filters for devices (Preview) - Filter not working

Shashank Kapoor 41 Reputation points
2021-09-22T15:56:59.293+00:00

This is a great feature and i only wish i can get this to work.
I am following this article: https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-condition-filters-for-devices

I have a registered device which is not in Intune. I'm guessing that makes it in the category of "Registered not managed by Intune" vs "registered". (What is the difference between the two anyway, wouldn't these two be the same? why differentiate?

I have a conditional access policy based on a value in ExtensionAttribute1. Regardless of what value i put it keeps matching it. Why is that?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,451 questions
{count} votes

Accepted answer
  1. VipulSparsh-MSFT 16,276 Reputation points Microsoft Employee
    2021-09-23T04:44:04.02+00:00

    @Shashank Kapoor Thanks for reaching out.

    1 ) Registered not managed with Intune has a indication of Device presence in Azure AD as registered and management by other MDMs like these but not Intune :

    BlackBerry UEM
    Citrix Workspace device compliance
    IBM MaaS360
    JAMF Pro
    MobileIron Device Compliance Cloud
    MobileIron Device Compliance On-prem
    VMware Workspace ONE UEM (formerly AirWatch)

    2) Registered is just the normal device registration with Azure AD.

    Would you be share the screenshot of the policy you created, so that we can help you further ? Also what is your end goal with the CA policy.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.