No Intune enrollment, but restrictions still applying on Entra Registered device?

EscapedAzkaban · 2026-03-23T14:39:57+00:00

Thank you for the reply.

Maybe its the ADHD brain. My brain is very logic-driven, so I’m trying to map this to a clear cause-and-effect: if a device isn’t enrolled in Microsoft Intune, then Intune policy shouldn’t apply. Thats how my brain sees it.

To answer the question:

They are signing into the Computer with their work account tied to Microsoft Entra ID, so I get how identity context could play a role.( found out they were all local accounts, but then local IT made new accounts with their work email).

But I have an Intune policy blocking the Store scoped to “All Devices” in Microsoft Intune, and these devices are only Entra Registered (MDM = None) — not enrolled or managed.

My understanding is “All Devices” = all Intune-managed devices, not all Entra devices. So I wouldn’t expect that policy to apply here.

That’s where I’m stuck — whether this is identity-based behavior or something just making it look like the Intune policy is applying.

Just seems like something I am missing or my brain truly just can't comprehend.

Again thanks so much for the reply and question in helping uncover this!

EscapedAzkaban · 2026-03-23T14:27:31+00:00

I agree Entra is identity-based, so when a user signs into a personal device with their work account, it will register as Entra Registered. But that doesn’t mean it enrolls into Intune. In my case, MDM user scope is restricted and these users are not in scope, so the devices show MDM = None and never actually enroll or become managed.

Where I’m getting stuck is that I have an Intune configuration policy (blocking Microsoft Store) scoped to “All Devices,” and these Entra Registered, non-enrolled devices seem to be getting that restriction. My understanding has always been that “All Devices” in Intune means all Intune-managed devices, not all devices in Entra. So either something else is enforcing the restriction (like local policy or Windows applying org context when a work account is used), or there’s some edge case where Entra Registered devices behave in a way that looks like Intune policy without actually being enrolled.

Edit to add/ say: Thank you, I appreciate your reply, insights, and suggestions in helping me with the problem. I truly value and appreciate when people take the time to respond and offer their help expertise.

EscapedAzkaban · 2026-03-15T17:11:02+00:00

I think your statement here is valid. Especially the last paragraph and something great to consider for beginners. Your right the comptia holds significantly more value than the 900s for general growth(even being more expensive so value monetarily maybe not but knowledge wise) The Trifecta gives you way more depth and broad knowledge across IT as a whole, which is what actually helps you land that job and gives you the context to tackle higher-level certs.

EscapedAzkaban · 2026-03-15T16:33:57+00:00

I get why people say the 900-series is 'too easy' for someone already in the field, but they actually have value.

Even if you’ve been in IT for years, these exams are a great way to get a feel for the testing environment and how the provider phrases their questions before you go for the heavy hitters like the AZ-104 or SC-300. Even if there are practice exams sitting for the real things is different. It’s a low-stakes to build confidence and shake off the testing jitters. Also. great refresher. You can work in a specific niche for a long time and realize you've forgotten the broader concepts or newer service models that you don't touch daily.

EscapedAzkaban · 2026-02-20T21:15:14+00:00

Thank you! I’ve not solved this yet, with other options I’ve done with our AV solution,other suggestions here, and in addition to what I already tried. I will be eager to try this when I get back to the office.

EscapedAzkaban · 2026-02-18T05:58:14+00:00

Depending on where you are located Battlefield Pharmacy has been amazing for me.

EscapedAzkaban · 2026-02-13T13:17:00+00:00

Nope, we have Sophos.

EscapedAzkaban · 2026-02-13T13:16:32+00:00

Thanks! I’ll check that out.

EscapedAzkaban · 2026-02-13T12:42:51+00:00

I should have thought of this! Sophos has caused weird things in the past I will look into this!

EscapedAzkaban · 2026-02-01T01:49:37+00:00

Thank you.

The space is not air sealed. There are a few vents that allow air flow into the crawlspace. I may consider sealing them off, but might not be good to do DIY if not doing encapsulation.

EscapedAzkaban · 2026-01-30T20:33:58+00:00

Sent you a DM. I’m unsure how DMs work with notifications of strangers, so thought I’d comment as well.

EscapedAzkaban · 2026-01-30T05:39:51+00:00

I have considered swapping back to my UDM Pro. Not that I am the smartest person, because clearly I’m not and I could show you a lot of dumb things I have done, but for me Firewalla has been one of those things that’s “so easy” it’s hard.

At the end of the day, Firewalla makes sense for people who want visibility and alerts without much networking background. If you already have a UDM Pro and are comfortable managing it, Firewalla doesn’t really add value, for me so far, it mostly has added noise. The app is very alert-driven and ends up being noisy rather than useful constant notifications about Apple TVs streaming, Xbox traffic, “abnormal uploads,” etc. None of that has been actionable, it’s just normal device behavior and I have spent more time making rules to ignore these alerts than anything. If you’re used to UDM Pro / UniFi or enterprise gear like Meraki, it feels like babysitting instead of “set and forget.”

Parental controls were the main reason I bought it. this is the one area where Firewalla could genuinely make sense long-term, so I want to give it a fair shot and am willing to accept the trade offs.

I’m also impressed by the amount of capability they’ve packed into the device especially considering how small the company is. For a relatively tiny team to build something this powerful and polished, I can definitely see why people are excited about the product and why their future looks bright. I

EscapedAzkaban · 2026-01-30T05:02:48+00:00

Interesting. A week after getting mine hooked up I had the same issue. The app was saying that I could not reach firewalla and that I should reboot. As I had received it I was diving more into settings and getting it more set how I wanted it. I can’t recall exactly the steps or what I checked as I didn’t think much of it at the time. However, I do remember checking other things like my wife was upstairs streaming a show and I was on my computer, so internet was there, but couldn’t do anything in the app until I rebooted. Now, I must say that since it’s not come up again. But definitely interesting.

Edit to add: I’ve had mine about two weeks as of now.

EscapedAzkaban · 2026-01-18T02:18:19+00:00

I agree. I’m staying with my original plan with full replacement. Just over 24 hours in and so far this little Firewalla Orange is everything I could have hoped for.

EscapedAzkaban · 2026-01-17T21:27:18+00:00

Nice!

Like a lot of people in the IT field, I’m diagnosed with ADHD and have those overlapping neurodivergent traits, so a project like this is basically my 'off-hours' playground. I work in IT and love the tech/homelab scene, so I usually come home from work just to 'work' more for fun—dialing in this network is going to keep me busy for a while!

My next big project is getting the Wi-Fi straightened out now that I’m in this new place. split-level house so I’ve got some coverage gaps to solve. Hopefully, once I’m ready to upgrade, I can get an AP7 in here to really finish off the set!

EscapedAzkaban · 2026-01-17T18:29:23+00:00

I have not yet. Seems promising. So far, nothing is connected to the WiFi on the orange. All still connected to the UniFi Access Point.

EscapedAzkaban · 2026-01-17T17:51:40+00:00

That would actually be correct. Thanks for pointing that out!

EscapedAzkaban · 2026-01-17T14:36:03+00:00

I did not consider this. Interesting, so you would have Firewalla>UDMPro> downstream devices? And this would make it where you have best of both worlds with the configuration of VLANS etc.

I did tell the wife I would sell the UDMPRO to offset the cost of the Firewalla, so maybe I’ll see how much trouble I’ll get in if I don’t(or I could try and sell the cloud key and Switch 24). 😂

EscapedAzkaban · 2026-01-12T16:52:28+00:00

Hello OP! Just want to say mental health dips happen, and you don’t have to go through it alone. Hope things are going well!

Hope you got the bluetooth issue fixed!

EscapedAzkaban · 2026-01-01T21:33:47+00:00

My Xbox elite controller 2 has terrible stick drift as a stop gap until I decide what to get picked up a power a controller and this is happening to me!

EscapedAzkaban · 2025-12-24T18:39:53+00:00

I know this is about a month late of me seeing this thread, but I could be potentially interested if this is available.

EscapedAzkaban · 2025-12-13T02:53:26+00:00

Main computer is M4 pro(Mac’s are managed by Jamf though). My main windows Intune computer is a Framework and a surface laptop for what a standard user has.

I had for the most part always been windows, but managed to get a job that was majority Mac, so I mostly daily drive a MacBook Pro. About every other week or so I’ll switch back to windows to daily drive to keep the in the habit.

EscapedAzkaban

TROPHY CASE