Hey everyone, maybe someone who has Intune deployed can help me out here:
We are looking to implement a BYOD policy, and we want to enforce that everyone has to have Intune/Company Portal installed on their mobile device. There are a small subset of users who are already enrolled in a client MDM, and we want to allow sync to those users with ActiveSync policies in place, without Intune.
I currently have configuration and compliance policies in place that are deployed to a specific security group. ActiveSync is configured and enabled.
I have tested and verified that AS is doing its job. When I place the user under the Intune security group in O365, email will still sync and no mention of requiring Intune is made.
Any idea why Intune is not being enforced?
Did you check to which users the policies configured in Conditional access will apply, may be those policies are not applying to those users who can still access your AS. By default apply the conditional access to all users.
Hope it may help you.
regards,