We are trying to raise a good pilot for the Jamf / Intune Conditional Access integration.
The fact is that 95% of the pilot machines we try to enrol are enrolling as an Azure AD device and not as an Intune device.
So in this case, as they enrol as an Azure AD device, they won't receive the compliance policies etc.
I see many discussions about malfunctioning of the integration; has anyone worked out a way around this issue?
I would agree that the experience has been very inconsistent... We have a very strict environment with a MAJOR focus on securing our devices. With that said, we are in the process of re-imaging/erasing/DEP our entire fleet due to some scripts we ran on our old config, particularly "5.1.4 from the CIS Benchmark", which modifies some Library files... We have the best results with having the user enroll into Conditional Access the moment after their machine finishes DEP. How much do you modify the out-of-box Apple experience for your users?