Is there a way to make the device non-compliant immediately after the user or malicious third party deletes the intune profile?
Even after the user deletes the profile, the admin center is treated as compliant.
Is there a way to make the device non-compliant immediately after the user or malicious third party deletes the intune profile?
Even after the user deletes the profile, the admin center is treated as compliant.
@tarouchabi-7271 In our official article, the settings of compliance policy lists in the following link. However, there is no built-in settings to determine device compliance based on the presence or absence of the intune profile.
https://docs.microsoft.com/en-us/mem/intune/protect/create-compliance-policy
At the same time, I have done the test in my lab. When I delete the intune profile in the iOS device and wait about 5-10 minutes, I refresh in intune portal and check the compliance is "Not Evaluated".
"Not evaluated" is one of the device complicance status. When the intune profile is deleted in the iOS device, it means the iOS device is unmanaged by intune. So, the device doesn't have a trigger to check for compliance and shows "Not evaluated".
Thanks for understanding.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you very much.
I might have had to wait patiently. After 5 hours, I checked it and it was in the same state.
And, now, I think apps that aren't blocked by conditional access rely on token caching..............
@tarouchabi-7271 Sorry, I didn't met this situation. Or you can open a case to get more help. It is free. The following link describes how to open a case, we can refer to it:
https://docs.microsoft.com/en-us/mem/intune/fundamentals/get-support
Thanks and have a nice day.
6 people are following this question.