I am trying to find a solid way to maintain Device Assurance/Authentication policies for major versions to the highest security update. What we’re getting stuck on is how to take care of the devices that are in between those major versions.
Example: I want to have Authentication policies that will maintain iOS 16 devices to have a minimum of 16.2 and iOS 17 devices to have a minimum of 17.2.
The real question is how do I restrict devices that are in between 16.2 -17.2? (I.E iOS 17.0)
Because of how the Device Assurance policies are worded, it will say “minimum of 16.2 or higher”. This means no matter how I prioritize the policies, the device that is iOS 17.0 will hit the “minimum of 16.2 or higher” policy and will be granted access. Which defeats the purpose of Device Assurance…