Conditional Access for SCCM managed devices
We want to use Conditional Access to Exchange on-premises for Intune managed devices and SCCM managed devices as well. Conditional Access with Intune managed devices works. But for SCCM managed devices, ActiveSync registrations are blocked when users want to use the Mail app on Windows 8.1 managed devices. We are looking for a solution so that Conditional Access does not block ActiveSync registrations from SCCM managed devices as well. In our opinion Conditional Access should only block unmanaged devices and allow SCCM and Intune managed devices.
This is in 1606 production
Dominic Olsthoorn commented
For hybrid solutions such as these (combined with BYOD) this is one of the most important features. Your On-premise Exchange environment still needs a certain level of security which can only be protected by a valid management-layer. If this layer lacks the integration between Cloud/On-premise it will not succeed.
We share that opinion/conclusion. We need this feature now and it is holding us back from moving forward.
Joop Kempe commented
Important feature! In my opinion the whole idea behind conditional access is to allow managed devices a certain level of access. At this moment SCCM managed devices are blocked as if they were unmanaged.