Recently, I was working with a customer who had deployed Intune to a small subset of pilot users. Specifically they were leveraging the All Users default container to apply the standard (soon deprecated*) Mobile Device Management policy, which used to contain all of the platform’s respective MDM policies.

*Moving forward, migration to the new Configuration Policies is recommended, because at some point the MDM overall policy will be deprecated.


As of the latest May release, found here, Microsoft now splits out the MDM policies on a per platform basis so you no longer have to hunt for the right policy and platform settings.

However that opened up a new issue. It seems that the MDM policy currently does not recognize conflicts with the new Configuration Policy and threw an error 0X87D1FD85, displaying a policy conflict, even though the settings are the same. Expected behavior would be to recognize that the policy settings for the child are the same and apply the new ones to trump the parent, we are confirming this with the Engineering team.

After we removed the legacy MDM policy and applied the new and refreshed the policies on our devices, everything came back clean.

Leave a Reply

Your email address will not be published. Required fields are marked *