Could be related to PRT getting expired. Here is some information in relation to it.concept-primary-refresh-token
As for MFA, do you have a CA policy enforced which uses device state as a condition? I normally look at azure sign-ins for clues.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I am enrolling a device using Auto-pilot user driven mode.
In order to make it a shared device I am removing the primary user of the device.
Hence a different number of users are able to login to the system.
But after some days of keeping the machine in switched off mode, the device become non-compliant in Intune.
The reason of non-compliance is Is Active parameter is non-compliant
After becoming non-compliant in Intune, if I try to login to the device it asks for MFA and re-authentication.
I want to avoid the MFA for the users and want to know the reason on why MFA is required once device in non-compliant.
Could be related to PRT getting expired. Here is some information in relation to it.concept-primary-refresh-token
As for MFA, do you have a CA policy enforced which uses device state as a condition? I normally look at azure sign-ins for clues.