Intune Compliance Policies - Options other than marking device as non-compliant

Colby Brunner 21 Reputation points
2022-04-18T15:36:37.187+00:00

We have recently configured an Intune compliance policy that checks if users are local admin on their machine or not. The policy has been working correctly and is marking devices with local admin as non-compliant. This would be fine, except Company Portal on the user's end will throw up an error message that says "DEVICE cannot access COMPANY resources".

This error message looks scary, but it doesn't actually prevent users from installing Company Portal apps.

193937-compliance-2.png

Is there a way to not have this error message show up on the user's end? There doesn't seem to be any way of getting rid of the default "Mark device as non-compliant" action item in the compliance policy.

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,574 questions
0 comments No comments
{count} votes

Accepted answer
  1. Jason Sandys 31,181 Reputation points Microsoft Employee
    2022-04-19T13:49:02.45+00:00

    Sorry, I'm a bit confused here. If you don't want to mark the device as non-compliant, why use a compliance policy? This is the entire purpose of using compliance. If you don't want the device to be marked as non-compliant, then you should use another mechanism depending on your goal. Perhaps proactive remediations although without knowing your goals here that's just a guess and one possibility.


1 additional answer

Sort by: Most helpful
  1. Lu Dai-MSFT 28,366 Reputation points
    2022-04-19T04:04:50.507+00:00

    @Colby Brunner Thanks for posting in our Q&A. From your description, did you mean that this error message will display in the company portal when the device is not compliant? If there is anything misunderstanding, please correct me.

    Based on my test, it is same as yours. It seems an expected behavior by company portal app. There is no method to avoid showing this error message.

    If you are interested in this feature that avoid showing this error message or change the error message, it is suggested to feedback in intune feedback portal. This is a place to collect customers' requirements and problems.
    https://feedbackportal.microsoft.com/feedback/forum/ef1d6d38-fd1b-ec11-b6e7-0022481f8472

    Thanks for your understanding.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments