

The information in this article can be used to troubleshoot unexpected sign-in outcomes related to Conditional Access using error messages and the Azure AD sign-ins log.

The Conditional Access framework provides you with great configuration flexibility. However, great flexibility also means that you should carefully review each configuration policy before releasing it to avoid undesirable results. In this context, you should pay special attention to assignments affecting complete sets such as all users / groups / cloud apps.

Organizations should avoid the following configurations:

For all users, all cloud apps, all device platforms:

- Block access - This configuration blocks your entire organization.
- Require device to be marked as compliant - For users that haven't enrolled their devices yet, this policy blocks all access, including access to the Intune portal. If you're an administrator without an enrolled device, this policy blocks you from getting back into the Azure portal to change the policy.
- Require Hybrid Azure AD domain joined device - This policy also has the potential to block access for all users in your organization if they don't have a hybrid Azure AD joined device.
- Require app protection policy - This policy also has the potential to block access for all users in your organization if you don't have an Intune policy. If you're an administrator without a client application that has an Intune app protection policy, this policy blocks you from getting back into portals such as Intune and Azure.

The first way is to review the error message that appears. For problems signing in when using a web browser, the error page itself has detailed information. This information alone may describe what the problem is and that may suggest a solution.

In the above error, the message states that the application can only be accessed from devices or client applications that meet the company's mobile device management policy. In this case, the application and device don't meet that policy.
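The configurations this article says to avoid can be checked for before a policy is released. The following is an added example, not code from the original article: it scans policy objects in the Microsoft Graph conditionalAccessPolicy JSON shape for the four grant controls named in the list when they are mandatory and scoped to all users and all cloud apps. The function name, the treatment of the OR operator, and the sample policies and IDs are assumptions constructed for illustration.

```python
import json

# builtInControls values from Microsoft Graph conditionalAccessPolicy objects,
# mapped to the portal names of the grant controls the article warns about.
RISKY_CONTROLS = {
    "block": "Block access",
    "compliantDevice": "Require device to be marked as compliant",
    "domainJoinedDevice": "Require Hybrid Azure AD domain joined device",
    "compliantApplication": "Require app protection policy",
}

def find_lockout_risks(policies):
    """Flag risky grant controls on policies scoped to all users and all cloud apps."""
    findings = []
    for policy in policies:
        users = (policy.get("conditions") or {}).get("users") or {}
        apps = (policy.get("conditions") or {}).get("applications") or {}
        if "All" not in (users.get("includeUsers") or []):
            continue
        if "All" not in (apps.get("includeApplications") or []):
            continue
        grant = policy.get("grantControls") or {}
        controls = grant.get("builtInControls") or []
        # Assumption: with operator "OR" and several controls, a user can satisfy a
        # different control, so only a sole control or an "AND" set is mandatory.
        if grant.get("operator") != "AND" and len(controls) > 1:
            continue
        for control in controls:
            if control in RISKY_CONTROLS:
                findings.append({
                    "policy": policy.get("displayName", "<unnamed>"),
                    "state": policy.get("state"),
                    "control": RISKY_CONTROLS[control],
                    # Exclusions narrow "all users"; surface them for the reviewer.
                    "excluded_groups": len(users.get("excludeGroups") or []),
                })
    return findings

# Constructed sample policies (not exported from a real tenant; IDs are placeholders).
SAMPLE = json.loads("""[
 {"displayName": "Block everyone", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"]}, "applications": {"includeApplications": ["All"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["block"]}},
 {"displayName": "Compliant device pilot", "state": "enabledForReportingButNotEnforced",
  "conditions": {"users": {"includeUsers": ["All"], "excludeGroups": ["00000000-0000-0000-0000-000000000001"]},
                 "applications": {"includeApplications": ["All"]}},
  "grantControls": {"operator": "AND", "builtInControls": ["mfa", "compliantDevice"]}},
 {"displayName": "MFA or compliant", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"]}, "applications": {"includeApplications": ["All"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa", "compliantDevice"]}},
 {"displayName": "One app only", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "applications": {"includeApplications": ["00000000-0000-0000-0000-0000000000aa"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["compliantApplication"]}}
]""")

if __name__ == "__main__":
    for finding in find_lockout_risks(SAMPLE):
        print(finding)
```

A finding on a policy in the enabledForReportingButNotEnforced state is not blocking anyone yet, which makes it the point at which to correct the scope.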
