Hi all,
This issue is happening on a brand new install of an RDS 2016 server with out-of-the-box setup and minimal configuration for seamless SSO.
The device is hybrid Azure AD joined, users get a PRT, and silent SSO works fine via Edge/Chrome/IE.
The 365 apps for enterprise are not reporting device ID or join type to Azure, which is causing my CA policy to fail. It's set to require either a compliant or a hybrid Azure AD joined device to grant access.
The device filter (exception) is also failing because no device ID is reported.
See photo below
This is the result that is passed to Azure during silent SSO on an RDS 2016 server.
Device info:
Device ID: BLANK
Browser: Rich Client v3.4.1.35249
This is the CA policy:
Cloud apps: Office 365
Conditions: any device
Location: any
Client apps: mobile apps/desktop clients
Grant access:
Require device to be compliant
or
Require hybrid Azure AD joined device.