{"id":3063,"date":"2023-01-18T07:00:00","date_gmt":"2023-01-18T06:00:00","guid":{"rendered":"https:\/\/scloud.work\/?p=3063"},"modified":"2023-08-17T14:47:53","modified_gmt":"2023-08-17T12:47:53","slug":"conditional-access-device-state","status":"publish","type":"post","link":"https:\/\/scloud.work\/conditional-access-device-state\/","title":{"rendered":"Conditional Access Device Info \/ State"},"content":{"rendered":"\n
Conditional Access Policies that query \"Device Info\" such as the compliance status or a filter do not work natively in all browsers. Since devices that have a compliance status are mostly managed anyway, we can easily distribute these settings via Intune. <\/p>\n\n\n <\/p>\n\n\n If a browser is not managed and installed without specific settings, device data such as the compliance status or whether a device is managed cannot be transferred to Conditional Access.<\/p>\n\n\n\n The result in \"Conditional Access - Sign-in Log<\/a>\", in the \"Device Info\" tab is then as follows:<\/p>\n\n\n\n Conditional Access Policies basically work on all devices and browsers. However, device policies can only be validated on supported systems with the correct settings. If such a rule fails or cannot be evaluated, this corresponds to a rejection.<\/p>\n\n\n\n Microsoft has listed the supported browsers here: Conditions in Conditional Access policy<\/a><\/p>\n\n\n\n
In this article, I limit myself to logins via Windows using the Microsoft Edge, Google Chrome and Mozilla Firefox browsers.<\/em><\/p>\n\n\n\nTable of Contents<\/h2>\n
\n
Behavior without additional settings<\/h2>\n\n\n
Supported browsers<\/h2>\n\n\n