Support Tip: Known issue in macOS Conditional Access Preview


Intune and Azure AD recently released the public preview for macOS Conditional Access (CA) which extends the way we can help secure resources in the cloud and now on Macs. Administrators can now restrict access to Intune-managed macOS devices using device-based conditional access according to their organization's security guidelines. However, we have a known issue that causes Macs enrolled in Intune to be reported as compliant even when they are not.

Currently, a bug in macOS is resulting in password compliance policies not being enforced. Apple has acknowledged this issue but has not provided an ETA for a fix. A Mac will not enforce the password requirements until the user actively changes their own password, and it will still be reported as compliant to Intune. Please ensure that all enrolled Mac users change their login/macOS user account passwords.

We're excited to have you try out this preview that will enable you to enroll and manage macOS devices using Intune. Let us know if you have any questions or feedback!

Comments (2)

  1. bao bong da says:

    i can’t update 🙁

    1. Documentation on how to use this feature is here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-azure-portal. If that doesn’t help (not sure what “I can’t update” references) then please contact support (which is provided at no cost). Hope these help!

Skip to main content