Windows Phone SMC 6.1 multiple configuration in policy breaks compliance.

Hi Neil,

are you trying to add the restrictions to an already existing policy or have you created a  new policy for the restrictions?
Based on your description, it seems as if you try to create a separate profile.

Please be aware that only one policy can be assigned to a Windows Phone / Windows Mobile device by design of the operating system.
Additional info about the differentiation of policies and profiles can be found here.

If you assign a new policy to the device, the former profile will be removed. 

Hope this helps.

Best regards
Stefan

Hi Stefan,

Thanks for the response.

This problem manifests no matter how I try to deploy multiple configurations inside a Windows Mobile profile:

Adding additional settings to an existing profile results in the task completing successfully, but none of the additional settings are applied and the device always reports as non-compliant due to no PIN being set - the PIN is set as demonstarted by having to enter a PIN to unlock the device.

Creating a new profile containing all the required settings and transferring this to the device results in the existing profile being replaced. The device then reports non-compliant due to no PIN, although a PIN is set and required to unlock the device, and none of the additional settings are applied.

This occurs with any profile containing anything other than password settings.

The only way to clear non-compliance is to unenrol the device and enrol again. and am awaiting a response.

I have a support case open

Regards,

Neil.

Hi Stefan,

Thanks for the response.

This problem manifests no matter how I try to deploy multiple configurations inside a Windows Mobile profile:

Adding additional settings to an existing profile results in the task completing successfully, but none of the additional settings are applied and the device always reports as non-compliant due to no PIN being set - the PIN is set as demonstarted by having to enter a PIN to unlock the device.

Creating a new profile containing all the required settings and transferring this to the device results in the existing profile being replaced. The device then reports non-compliant due to no PIN, although a PIN is set and required to unlock the device, and none of the additional settings are applied.

This occurs with any profile containing anything other than password settings.

The only way to clear non-compliance is to unenrol the device and enrol again. and am awaiting a response.

I have a support case open

Regards,

Neil.

Hi Neil,

thank you for your additional information.
Are we talking about Windows 10 Mobile or Windows Phone 8.1 devices?

Best regards
Stefan

Hi Stefan,

Windows 10 Mobile. All devices are brand new and being unboxed and configured as required.

I have noticed this in the known issues for 6.1.4, it's similar in scope although not exactly the same issue as no PIN has been set by users and PIN is enforced via policy.

A "no passcode" compliance violation is reported although a passcode is set on the device

The “password required” compliance rule does not work correctly for Windows Phone and Windows 10 Mobile devices if no passcode policy is enforced by SMC. The devices do not report a passcode being set if the user does this without being forced to by a policy. This is an issue in Windows Phone and Windows 10 Mobile.

Regards,

Neil.