562 votesAnonymous commented
Took me a while to understand that PS script were only working on AAD joined device (maybe that should be clearly notified in the UI).
This request is still not even marked as noted... I'm wondering if they can have it working on hybrid joined device, maybe some permission issue. Or they just think that as these devices are "hybrid" we relay on another on-prem solutions for computer management and software deployment. However in many cases we can't go full Cloud so it's important that we have as many options as possible available to support a broad range of scenario.
Having the possibility to run PS script is not only a good thing for installing software but can be used also in place of GPO (when no MDM policy).
Thanks for the comments, just a few questions to the gallery.
What platform is this issue with. I’m only seeing IOS devices in your comments, so wanted to double check.
Also, are you having this issue with shared devices or just re-deployment? Unclear from all the comments. Do you want to keep all installed apps on the devices? Depending on your platform, you should be able to already do this for shared devices.
77 votesAnonymous commented
I think first they should allow multiple conditional access policies. Mobile device and PCs should have separate configuration, as you might want to let some users access from non ad joined or compliant PC or Mac. In the other hand you can still want to inforce them to be compliant with their mobile device.